www.farmonlineweather.com.au Open in urlscan Pro
18.155.68.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.farmonlineweather.com.au/
Effective URL:
https://www.farmonlineweather.com.au/
Submission: On November 12 via manual (November 12th 2022, 1:16:52 pm UTC) from ES — Scanned from AU

Summary HTTP 336 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 80 domains to perform 336 HTTP transactions. The main IP is 18.155.68.94, located in United States and belongs to AMAZON-02, US. The main domain is www.farmonlineweather.com.au.
TLS certificate: Issued by Amazon on July 31st 2022. Valid for: a year.

This is the only time www.farmonlineweather.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.155.68.58 18.155.68.58	16509 (AMAZON-02) (AMAZON-02)
21	18.155.68.94 18.155.68.94	16509 (AMAZON-02) (AMAZON-02)
20	54.192.150.129 54.192.150.129	16509 (AMAZON-02) (AMAZON-02)
4	13.224.250.61 13.224.250.61	16509 (AMAZON-02) (AMAZON-02)
3 8	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1	23.36.48.244 23.36.48.244	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.13.76 104.18.13.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.10.155 142.251.10.155	15169 (GOOGLE) (GOOGLE)
1	18.155.68.71 18.155.68.71	16509 (AMAZON-02) (AMAZON-02)
2 6	52.76.128.105 52.76.128.105	16509 (AMAZON-02) (AMAZON-02)
4	13.33.88.113 13.33.88.113	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.194.97 172.217.194.97	15169 (GOOGLE) (GOOGLE)
1	13.33.88.47 13.33.88.47	16509 (AMAZON-02) (AMAZON-02)
8	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
1	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
1	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
9	142.251.12.132 142.251.12.132	15169 (GOOGLE) (GOOGLE)
2 2	54.85.225.242 54.85.225.242	14618 (AMAZON-AES) (AMAZON-AES)
11 15	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
5	54.202.29.137 54.202.29.137	16509 (AMAZON-02) (AMAZON-02)
1	23.207.37.206 23.207.37.206	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	13.33.88.104 13.33.88.104	16509 (AMAZON-02) (AMAZON-02)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	52.199.182.20 52.199.182.20	16509 (AMAZON-02) (AMAZON-02)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	3.0.197.111 3.0.197.111	16509 (AMAZON-02) (AMAZON-02)
2 2	67.199.150.81 67.199.150.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	67.199.150.85 67.199.150.85	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	54.192.150.117 54.192.150.117	16509 (AMAZON-02) (AMAZON-02)
15	74.125.68.132 74.125.68.132	15169 (GOOGLE) (GOOGLE)
7	142.250.4.155 142.250.4.155	15169 (GOOGLE) (GOOGLE)
20	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
1 4	74.125.68.147 74.125.68.147	15169 (GOOGLE) (GOOGLE)
3	142.250.4.154 142.250.4.154	15169 (GOOGLE) (GOOGLE)
2 6	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
44	74.125.24.148 74.125.24.148	15169 (GOOGLE) (GOOGLE)
3 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	23.53.160.138 23.53.160.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.155.68.48 18.155.68.48	() ()
1	34.120.45.191 34.120.45.191	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.227.38.74 23.227.38.74	() ()
1	104.18.63.130 104.18.63.130	() ()
1	192.229.189.136 192.229.189.136	() ()
1	23.53.160.118 23.53.160.118	() ()
3	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
336	46

1 18.155.68.58 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-58.sin52.r.cloudfront.net

www.farmonlineweather.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.155.68.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-94.sin52.r.cloudfront.net

www.farmonlineweather.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.192.150.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-129.sin2.r.cloudfront.net

resources.weatherzone.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.250.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-61.sin52.r.cloudfront.net

data.weatherzone.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.132.202.70 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

content.dl-rms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
odnaknopka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hlmiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.48.244 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-244.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-71.sin52.r.cloudfront.net

otf.weatherzone.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.76.128.105 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-128-105.ap-southeast-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.88.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-113.sin2.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.97 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-47.sin2.r.cloudfront.net

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.60.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

resistcorrectly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net

06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.225.242 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-225-242.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.24.157 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.202.29.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-29-137.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.37.206 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.104 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-104.sin2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.182.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-182-20.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.0.197.111 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-197-111.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.81 (Los Angeles, United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.85 (Los Angeles, United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-117.sin2.r.cloudfront.net

gyhyygz6ebrjjnunoz8x07vfjorfd1668259007.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.68.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.5.84.243 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.254.151.120 (Los Angeles, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 74.125.24.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.160.138 (Singapore, Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.48 (None, )

ASN- ()

hbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.45.191 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 191.45.120.34.bc.googleusercontent.com

www.semrush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.74 (None, )

ASN- ()

www.olly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.63.130 (None, )

ASN- ()

stripchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.189.136 (None, )

ASN- ()

www.buckle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.160.118 (None, )

ASN- ()

www.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	455 KB
39	googlesyndication.com 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	247 KB
31	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	539 KB
25	weatherzone.com.au resources.weatherzone.com.au data.weatherzone.com.au otf.weatherzone.com.au	285 KB
22	farmonlineweather.com.au 1 redirects www.farmonlineweather.com.au	79 KB
15	krxd.net 2 redirects cdn.krxd.net — Cisco Umbrella Rank: 1638 consumer.krxd.net — Cisco Umbrella Rank: 2207 usermatch.krxd.net — Cisco Umbrella Rank: 1283 beacon.krxd.net — Cisco Umbrella Rank: 530	208 KB
12	imrworldwide.com 2 redirects secure-au.imrworldwide.com — Cisco Umbrella Rank: 33647 cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2328 bee.imrworldwide.com — Cisco Umbrella Rank: 47376 gyhyygz6ebrjjnunoz8x07vfjorfd1668259007.nuid.imrworldwide.com	77 KB
10	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 491 as-sec.casalemedia.com — Cisco Umbrella Rank: 1339 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	14 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	6 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	109 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	700 B
5	hlmiq.com 3 redirects hlmiq.com — Cisco Umbrella Rank: 266775	5 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 407	718 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	142 KB
3	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662 image4.pubmatic.com — Cisco Umbrella Rank: 822	852 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1226	635 B
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 714	818 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	597 B
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 285	17 KB
2	odnaknopka.ru odnaknopka.ru — Cisco Umbrella Rank: 284242	1 KB
1	ebay.com www.ebay.com
1	buckle.com www.buckle.com
1	stripchat.com stripchat.com
1	olly.com www.olly.com
1	semrush.com www.semrush.com — Cisco Umbrella Rank: 74166
1	hbx.com hbx.com
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 544	656 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 434	500 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	448 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 480	427 B
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 79993	792 B
1	resistcorrectly.com 1 redirects resistcorrectly.com — Cisco Umbrella Rank: 280097	336 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 587	27 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 492	23 KB
1	dl-rms.com content.dl-rms.com — Cisco Umbrella Rank: 631607	516 B
0	freshworks.com Failed www.freshworks.com Failed
0	walmart.com Failed www.walmart.com Failed
0	thelotter.net Failed www.thelotter.net Failed
0	hotelscombined.com Failed www.hotelscombined.com Failed
0	cex.io Failed cex.io Failed
0	kinsta.com Failed kinsta.com Failed
0	viator.com Failed www.viator.com Failed
0	bongacams.com Failed bongacams.com Failed
0	miniinthebox.com Failed www.miniinthebox.com Failed
0	rosewe.com Failed www.rosewe.com Failed
0	binance.us Failed www.binance.us Failed
0	alibaba.com Failed offer.alibaba.com Failed
0	getyourguide.com Failed www.getyourguide.com Failed
0	itcosmetics.com Failed www.itcosmetics.com Failed
0	expedia.com Failed www.expedia.com Failed
0	canva.com Failed www.canva.com Failed
0	buyee.jp Failed buyee.jp Failed
0	aweber.com Failed www.aweber.com Failed
0	chaturbate.com Failed chaturbate.com Failed
0	trip.com Failed www.trip.com Failed
0	vrbo.com Failed www.vrbo.com Failed
0	wise.com Failed wise.com Failed
0	elementor.com Failed elementor.com Failed
0	changelly.com Failed changelly.com Failed
0	monday.com Failed monday.com Failed
0	sproutsocial.com Failed sproutsocial.com Failed
0	rotita.com Failed www.rotita.com Failed
0	hotels.com Failed www.hotels.com Failed
0	kraken.com Failed www.kraken.com Failed
0	modlily.com Failed www.modlily.com Failed
0	lightinthebox.com Failed www.lightinthebox.com Failed
0	bluejeans.com Failed www.bluejeans.com Failed
0	is.gd Failed is.gd Failed
0	rentalcars.com Failed www.rentalcars.com Failed
0	drop.com Failed drop.com Failed
0	zulily.com Failed www.zulily.com Failed
0	dhgate.com Failed de.dhgate.com Failed
0	agoda.com Failed www.agoda.com Failed
0	iherb.com Failed www.iherb.com Failed
0	saksfifthavenue.com Failed www.saksfifthavenue.com Failed
0	tiqets.com Failed www.tiqets.com Failed
0	claires.com Failed www.claires.com Failed
0	wish.com Failed www.wish.com Failed
0	eyeota.net Failed ps.eyeota.net — Cisco Umbrella Rank: 926 Failed
0	aliexpress.com Failed login.aliexpress.com Failed
336	80

	Domain	Requested by
44	s0.2mdn.net	www.farmonlineweather.com.au s0.2mdn.net
22	www.farmonlineweather.com.au	1 redirects www.farmonlineweather.com.au
20	pagead2.googlesyndication.com	06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com googleads.g.doubleclick.net www.farmonlineweather.com.au tpc.googlesyndication.com www.googletagservices.com
20	resources.weatherzone.com.au	www.farmonlineweather.com.au
15	tpc.googlesyndication.com	www.farmonlineweather.com.au 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com tpc.googlesyndication.com
15	cm.g.doubleclick.net	11 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com www.farmonlineweather.com.au
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
6	cdn.krxd.net	www.farmonlineweather.com.au cdn.krxd.net
6	secure-au.imrworldwide.com	2 redirects secure-au.imrworldwide.com www.farmonlineweather.com.au
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	beacon.krxd.net	www.farmonlineweather.com.au cdn.krxd.net
5	hlmiq.com	3 redirects odnaknopka.ru hlmiq.com
5	securepubads.g.doubleclick.net	www.farmonlineweather.com.au securepubads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
4	06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn-gl.imrworldwide.com	www.farmonlineweather.com.au secure-au.imrworldwide.com cdn-gl.imrworldwide.com
4	data.weatherzone.com.au	www.farmonlineweather.com.au
3	googleads4.g.doubleclick.net	www.farmonlineweather.com.au
3	www.googletagservices.com	06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	sync.crwdcntrl.net	1 redirects www.farmonlineweather.com.au
2	ssum-sec.casalemedia.com	2 redirects
2	sb.scorecardresearch.com	1 redirects www.farmonlineweather.com.au
2	usermatch.krxd.net	2 redirects
2	consumer.krxd.net	cdn.krxd.net
2	ssl.google-analytics.com	1 redirects www.farmonlineweather.com.au
2	odnaknopka.ru	content.dl-rms.com odnaknopka.ru
1	www.ebay.com	hlmiq.com
1	www.buckle.com	hlmiq.com
1	stripchat.com	hlmiq.com
1	www.olly.com	hlmiq.com
1	www.semrush.com	hlmiq.com
1	hbx.com	hlmiq.com
1	gyhyygz6ebrjjnunoz8x07vfjorfd1668259007.nuid.imrworldwide.com	www.farmonlineweather.com.au
1	image4.pubmatic.com	www.farmonlineweather.com.au
1	token.rubiconproject.com	www.farmonlineweather.com.au
1	aa.agkn.com	www.farmonlineweather.com.au
1	idsync.rlcdn.com	www.farmonlineweather.com.au
1	stags.bluekai.com	www.farmonlineweather.com.au
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	resistcorrectly.com	1 redirects hlmiq.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.farmonlineweather.com.au
1	bee.imrworldwide.com	secure-au.imrworldwide.com
1	otf.weatherzone.com.au	www.farmonlineweather.com.au
1	js-sec.indexww.com	www.farmonlineweather.com.au
1	assets.adobedtm.com	www.farmonlineweather.com.au
1	content.dl-rms.com	www.farmonlineweather.com.au
0	www.freshworks.com Failed	hlmiq.com
0	www.walmart.com Failed	hlmiq.com
0	www.thelotter.net Failed	hlmiq.com
0	www.hotelscombined.com Failed	hlmiq.com
0	cex.io Failed	hlmiq.com
0	kinsta.com Failed	hlmiq.com
0	www.viator.com Failed	hlmiq.com
0	bongacams.com Failed	hlmiq.com
0	www.miniinthebox.com Failed	hlmiq.com
0	www.rosewe.com Failed	hlmiq.com
0	www.binance.us Failed	hlmiq.com
0	offer.alibaba.com Failed	hlmiq.com
0	www.getyourguide.com Failed	hlmiq.com
0	www.itcosmetics.com Failed	hlmiq.com
0	www.expedia.com Failed	hlmiq.com
0	www.canva.com Failed	hlmiq.com
0	buyee.jp Failed	hlmiq.com
0	www.aweber.com Failed	hlmiq.com
0	chaturbate.com Failed	hlmiq.com
0	www.trip.com Failed	hlmiq.com
0	www.vrbo.com Failed	hlmiq.com
0	wise.com Failed	hlmiq.com
0	elementor.com Failed	hlmiq.com
0	changelly.com Failed	hlmiq.com
0	monday.com Failed	hlmiq.com
0	sproutsocial.com Failed	hlmiq.com
0	www.rotita.com Failed	hlmiq.com
0	www.hotels.com Failed	hlmiq.com
0	www.kraken.com Failed	hlmiq.com
0	www.modlily.com Failed	hlmiq.com
0	www.lightinthebox.com Failed	hlmiq.com
0	www.bluejeans.com Failed	hlmiq.com
0	is.gd Failed	hlmiq.com
0	www.rentalcars.com Failed	hlmiq.com
0	drop.com Failed	hlmiq.com
0	www.zulily.com Failed	hlmiq.com
0	de.dhgate.com Failed	hlmiq.com
0	www.agoda.com Failed	hlmiq.com
0	www.iherb.com Failed	hlmiq.com
0	www.saksfifthavenue.com Failed	hlmiq.com
0	www.tiqets.com Failed	hlmiq.com
0	www.claires.com Failed	hlmiq.com
0	www.wish.com Failed	hlmiq.com
0	ps.eyeota.net Failed	www.farmonlineweather.com.au
0	login.aliexpress.com Failed	odnaknopka.ru
336	99

This site contains links to these domains. Also see Links.

Domain
www.theland.com.au
www.queenslandcountrylife.com.au
www.stockandland.com.au
www.stockjournal.com.au
www.farmweekly.com.au
www.agtrader.com.au
www.horsedeals.com.au
www.farmonlinelivestock.com.au
www.ruralbookshop.com.au
www.domainrural.com.au
www.weatherzone.co.nz
www.farmonline.com.au
www.northqueenslandregister.com.au
livestockconnect.com.au
farmbuy.com
acmruralevents.com.au
www.machineryexpo.com.au
www.cdfielddays.co.nz
www.acmadcentre.com.au
twitter.com

Subject Issuer	Validity	Valid
*.farmonlineweather.com.au Amazon	`2022-07-31` - `2023-08-29`	a year	crt.sh
*.weatherzone.com.au Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
content.dl-rms.com R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
odnaknopka.ru Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-26` - `2023-10-25`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-07`	a year	crt.sh
hlmiq.com R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
hbx.com Amazon	`2022-09-01` - `2023-09-30`	a year	crt.sh
stripchat.com Cloudflare Inc ECC CA-3	`2022-03-03` - `2023-03-02`	a year	crt.sh
www.ebay.com Sectigo RSA Organization Validation Secure Server CA	`2022-08-16` - `2023-08-16`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.farmonlineweather.com.au/
Frame ID: 8E4324D5E199F084BCB43BECA322019F
Requests: 73 HTTP requests in this frame

Frame: https://secure-au.imrworldwide.com/storageframe.html
Frame ID: D976D24234CB9F998975098AB4ED80FC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: C967B47EDE49A441194330457F234BC1
Requests: 15 HTTP requests in this frame

Frame: https://hlmiq.com/vu/us/
Frame ID: 132052BB5F0D885F3A3D5A304D2FDEB3
Requests: 1 HTTP requests in this frame

Frame: https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2668432%26cn%3Ddallas%26cv%3D320403%26dp%3D173.245.209.46%26aff_fcid%3Dc8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%26tt%3DCPS_NORMAL%26aff_fsk%3D_DkvbRPd%26aff_platform%3Dportals-tool%26sk%3D_DkvbRPd%26aff_trace_key%3Dc8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%26terminal_id%3D4682d81db7724626b186ace0f3034bdf
Frame ID: 9B55D44DC774F6995B3E1DB06C1E7E33
Requests: 1 HTTP requests in this frame

Frame: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 07B6080428F6F8044D54D9073254C86A
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 8313AD71E9BDA129403704BA81700EF1
Requests: 3 HTTP requests in this frame

Frame: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: B99C1953DF455759124C4D24B64DF63F
Requests: 16 HTTP requests in this frame

Frame: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 60C9E9C12858A789DC0C028128C8961B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
Frame ID: 208FA65BBD8CEF51A5E98435C9C51AAB
Requests: 12 HTTP requests in this frame

Frame: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 9EA575467842DAA1E57A5975C44F4ED7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGJ75ktEBMAE&v=APEucNU_P3MfpnkZypHTMHmjcBtHvSaAhZgS1c5AGG7GxqIc2Uy9HgVTE4C1rt3nbWGAx4Tiy0N78GhhNenSNPdAocEON0l2Sg
Frame ID: 4EC29F00F8BF260593D6475A1B9751B1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNWEgHGS-iDsyqej180q_t2AIZHeuugX3RESnB-gaS7Tp2ASOm8SYhT20fc8qONhHK-YNZq8sRzAE2zAqVJPj2WG9Y_P1A
Frame ID: 80467252478913538E6D18F42DB9E426
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNXMppb77RTSI9lSKSUOORFij14R1uZgH8d_x2H3Y4EPR1M0lIXiAuN3Fc4SuoCZQnWr_RzJyi9sgzbsifysCa5aoHqSjQ
Frame ID: B6183CD0E9B3A8BA5B029DA0F1FA0048
Requests: 5 HTTP requests in this frame

Frame: https://hlmiq.com/vu/us/
Frame ID: 7477C91897B0EF4AA75F00E4CE498E5A
Requests: 121 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
Frame ID: 9B025E1F28A17460CFAC751DBB965633
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
Frame ID: F78767FF2B0A23C94789365B3A978602
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E8484666AA35B1A498AE1857AFA1AE9E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
Frame ID: 5C1512C194FDCBF5486EF001F65F1E99
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 05B2F588AD74A7BC85B54011F0D1F5A3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2EC9EDDD115B507B7DE3CF3DFE39A288
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weather - Australia 7 day forecasts and weather radar - FarmOnline Weather - www.farmonlineweather.com.au

Page URL History Show full URLs

http://www.farmonlineweather.com.au/ HTTP 301
https://www.farmonlineweather.com.au/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

336
Requests

57 %
HTTPS

0 %
IPv6

80
Domains

99
Subdomains

46
IPs

8
Countries

2231 kB
Transfer

4851 kB
Size

41
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.theland.com.au/
Title: QUICK CONNECT :

Search URL Search Domain Scan URL

URL: https://www.queenslandcountrylife.com.au/
Title: Queensland Country Life

Search URL Search Domain Scan URL

URL: https://www.stockandland.com.au/
Title: Stock & Land

Search URL Search Domain Scan URL

URL: https://www.stockjournal.com.au/
Title: Stock Journal

Search URL Search Domain Scan URL

URL: https://www.farmweekly.com.au/
Title: Farm weekly

Search URL Search Domain Scan URL

URL: https://www.agtrader.com.au/
Title: AgTrader

Search URL Search Domain Scan URL

URL: https://www.horsedeals.com.au/
Title: Horse Deals

Search URL Search Domain Scan URL

URL: https://www.farmonlinelivestock.com.au/
Title: Farmonline Livestock

Search URL Search Domain Scan URL

URL: https://www.ruralbookshop.com.au/
Title: Rural Bookshop

Search URL Search Domain Scan URL

URL: https://www.domainrural.com.au/
Title: Rural Property

Search URL Search Domain Scan URL

URL: https://www.weatherzone.co.nz/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://www.farmonline.com.au/

Search URL Search Domain Scan URL

URL: https://www.northqueenslandregister.com.au/

Search URL Search Domain Scan URL

URL: https://www.farmonline.com.au/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://livestockconnect.com.au/
Title: Livestock Connect

Search URL Search Domain Scan URL

URL: https://farmbuy.com/
Title: farmbuy.com

Search URL Search Domain Scan URL

URL: https://www.farmonline.com.au/dairy/
Title: The Australian Dairyfarmer

Search URL Search Domain Scan URL

URL: https://acmruralevents.com.au/agquip/home
Title: Ag Quip

Search URL Search Domain Scan URL

URL: https://acmruralevents.com.au/farmfest/home
Title: Farm Fest

Search URL Search Domain Scan URL

URL: https://www.machineryexpo.com.au/
Title: Machinery Expo

Search URL Search Domain Scan URL

URL: https://www.cdfielddays.co.nz/
Title: Central Districts Field Days NZ

Search URL Search Domain Scan URL

URL: https://www.acmadcentre.com.au/brands/
Title: ACM Ad Centre

Search URL Search Domain Scan URL

URL: https://twitter.com/FarmOnline/fairfax-rural-reporters
Title: Twitter - farmonline

Search URL Search Domain Scan URL

URL: https://www.farmonline.com.au/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.farmonline.com.au/conditions-of-use/
Title: Conditions of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.farmonlineweather.com.au/ HTTP 301
https://www.farmonlineweather.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://secure-au.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 57

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1068670878&utmhn=www.farmonlineweather.com.au&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Weather%20-%20Australia%207%20day%20forecasts%20and%20weather%20radar%20-%20FarmOnline%20Weather%20-%20www.farmonlineweather.com.au&utmhid=1482033249&utmr=-&utmp=%2F&utmht=1668259006088&utmac=UA-21576599-1&utmcc=__utma%3D243469466.1946891184.1668259006.1668259006.1668259006.1%3B%2B__utmz%3D243469466.1668259006.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=684377872&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-21576599-1&cid=1946891184.1668259006&jid=684377872&_v=5.7.2&z=1068670878

Request Chain 58

https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1668259006092&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&sr=1600x1200&id=lstrg-944a1341f8e1ada2b392282befea8087 HTTP 302
https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1668259006092&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&sr=1600x1200&id=lstrg-944a1341f8e1ada2b392282befea8087&ja=1

Request Chain 67

https://resistcorrectly.com/stat HTTP 302
https://hlmiq.com/vu/us/

Request Chain 68

https://feneteko.com/a HTTP 302
https://s.click.aliexpress.com/e/_DkvbRPd?af=a;68432&cn=dallas&cv=320403&dp=173.245.209.46 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&68432&cn=dallas&cv=320403&dp=173.245.209.46&aff_fcid=c8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd&tt=CPS_NORMAL&aff_fsk=_DkvbRPd&aff_platform=portals-tool&sk=_DkvbRPd&aff_trace_key=c8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd&terminal_id=4682d81db7724626b186ace0f3034bdf HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2668432%26cn%3Ddallas%26cv%3D320403%26dp%3D173.245.209.46%26aff_fcid%3Dc8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%26tt%3DCPS_NORMAL%26aff_fsk%3D_DkvbRPd%26aff_platform%3Dportals-tool%26sk%3D_DkvbRPd%26aff_trace_key%3Dc8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%26terminal_id%3D4682d81db7724626b186ace0f3034bdf

Request Chain 77

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UE1jZUVxN3g HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEA5bvJWiLtEstImKhB-gcs8&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UE1jZUVxN3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UE1jZUVxN3g&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM4V61WQ57l1q09aw2_jH5c&google_cver=1

Request Chain 80

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PMceEq7x&rn=1668259007 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=PMceEq7x&rn=1668259007

Request Chain 81

https://ps.eyeota.net/match?bid=i0r4o4v&uid=PMceEq7x HTTP 302
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PMceEq7x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjR0aWhvc09ITGtLaFlPQWNPNU8yOXBmN0xGUlZxeEtCd2tEZExjVkprSUk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESEIVoTTgfU6eP7zAdjyxtj20&google_cver=1 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D2%2526dc_mr%253D5%2526dc_orig%253Di0r4o4v%2526 HTTP 302
https://ps.eyeota.net/match?uid=7034244450352962069&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v& HTTP 302
https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26 HTTP 302
https://ps.eyeota.net/match?bid=9sn4omv&uid=IKJAsrSD1OTQnp5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v&

Request Chain 83

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PMceEq7x

Request Chain 85

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Y2.cvyf-eBIUGoJ.n3zqXgAA%264692

Request Chain 86

https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=PMceEq7x HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PMceEq7x

Request Chain 87

https://image6.pubmatic.com/AdServer/UCookieSetPug?p=160769&gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160769%26partnerUID%3DPMceEq7x%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?p=160769&gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160769%26partnerUID%3DPMceEq7x%26gdpr%3D0%26gdpr_consent%3D&rdf=1 HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=160769&partnerUID=PMceEq7x&gdpr=0&gdpr_consent=

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2.cvyf-eBIUGoJ.n3zqXgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5MDczNzY3MTczNDg1MjE1MQ%3D%3D

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1

Request Chain 130

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2.cvyf-eBIUGoJ.n3zqXgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1

Request Chain 132

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzg3MjcyMTc3MjMyMDQxOQ%3D%3D

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGrApjJ8V193mteFtQG-Q28&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGrApjJ8V193mteFtQG-Q28&google_cver=1

Request Chain 144

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY0ODQ5ZTUtZTJlNy0yMjdiLWNmZDAtMThiOGJhYmM4Njlj

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKEs7gAOs1QX0JMr0cc-Hfc&google_cver=1

Request Chain 146

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGJjOWFlM2ItN2ExMC00MTBiLWIyOTYtMmE0ZThkMTc2ZTBj

Request Chain 152

https://hlmiq.com/to2/semrush.com/ HTTP 307
https://www.semrush.com/?irclickid=2T8Tjh3R%3AxyNWLpwfg0VZSHFUkDSnT1HXUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius&utm_term=

Request Chain 153

https://hlmiq.com/to2/claires.us/ HTTP 307
https://www.zenaps.com/rclick.php?mid=5387&c_len=2592000&c_ts=1668250082&c_cnt=922583%7C0%7C0%7C1668250082%7C3CefZBFQMcwYExeT6fMFVp0aWtnYQ5aJF4P1T8B2YckAoy%7Caw%7C0&ir=7b447e30-6277-11ed-9d10-2262c713b6c4&pr=https%3A%2F%2Fwww.claires.com%3Futm_source%3Daffiliatewindow%26utm_campaign%3D922583%26utm_medium%3Daffiliates+%26awc%3D5387_1668250082_05c38ccf036adb03312dd003d6ccdc1d&bId=HLEX_636f79e2b4a8d6.27558901&cookie=1&c_d=zenaps.com HTTP 302
https://www.claires.com/?utm_source=affiliatewindow&utm_campaign=922583&utm_medium=affiliates%20&awc=5387_1668250082_05c38ccf036adb03312dd003d6ccdc1d

Request Chain 154

https://www.tiqets.com/en?partner=mtac HTTP 308
https://www.tiqets.com/en/?partner=mtac

Request Chain 155

https://hlmiq.com/to2/olly.com/ HTTP 307
https://www.olly.com/?irclickid=yKXRiM3RaxyNWLpwfg0VZSHFUkDSn3XXXUjWwE0&irgwc=1&utm_source=Impact_Affiliate&utm_medium=Linkbux&utm_campaign=Online%20Tracking%20Link

Request Chain 157

https://hlmiq.com/to2/saksfifthavenue.com/ HTTP 307
https://www.saksfifthavenue.com/Entry.jsp?site_refer=AFF001&mid=38707&siteID=xALzvpIGBAw-ElIq16LAzYJ775b6wiv.aw HTTP 301
https://www.saksfifthavenue.com/?site_refer=AFF001&mid=38707&siteID=xALzvpIGBAw-ElIq16LAzYJ775b6wiv.aw

Request Chain 158

https://hlmiq.com/to2/buckle.com/ HTTP 307
https://www.buckle.com/?ranMID=2652&ranEAID=2126220&ranSiteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&siteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&utm_source=aff&utm_medium=a1LgFw09t88&utm_campaign=1

Request Chain 160

https://hlmiq.com/to2/iherbcd/ HTTP 307
https://www.iherb.com/?clickref=1100lwhNZmxC&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232 HTTP 301
https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

Request Chain 162

https://hlmiq.com/to2/dhgate/ HTTP 307
https://de.dhgate.com/?f=bm|aff|admitad|1019090|1d26e7a58f38e788b551189e46ce8eb7|197649||

Request Chain 163

https://hlmiq.com/to2/zulily.com/ HTTP 307
https://www.zulily.com/?irclickid=S9Exyh3R5xyNRw2xKQ3XYSymUkDSnTxPXUjWwE0&irgwc=1&tid=33338180_1020116_2334778_Linkbux_9643_zcvp2_&linkName=Beachy%20Picks%20by%20Personalized%20Planet&SID=

336 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.farmonlineweather.com.au/
Redirect Chain

http://www.farmonlineweather.com.au/
https://www.farmonlineweather.com.au/

45 KB
10 KB

811ms
414ms

Document
text/html

18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 2476a5d9da615bbb3f86bf6cb783f6fef2e6f5235725d5081aa1f16232a67f1f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sat, 12 Nov 2022 13:16:42 GMT
expires: Sat, 12 Nov 2022 13:21:42 GMT
server: Apache/2.4.54 ()
vary: Accept-Encoding
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-id: KSiXPK9sK8yNjNqrOyA5Xz9l5ZW-jA4tf_g8SmWEzvAE7Ovv1GgAkg==
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sat, 12 Nov 2022 13:16:41 GMT
Location: https://www.farmonlineweather.com.au/
Server: CloudFront
Via: 1.1 0a7b620f0f14feda0f8b9c00e925e1a4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cMzBy43fWz-KE5VEe4AUlwM1r-8vqbbizPYhLpHHAtm756U3imVY7w==
X-Amz-Cf-Pop: SIN52-P1
X-Cache: Redirect from cloudfront

GET
H2 200 wz4_fol.css
www.farmonlineweather.com.au/includes/css/ 12 KB
3 KB 206ms
200ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/wz4_fol.css?rev=202112021139
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: f910edb7e9631bb5b7894a6698160508e200e75d65ca4b49e7567cbd2335d017

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:06:29 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 1444213
x-cache: Hit from cloudfront
content-length: 2823
last-modified: Mon, 13 Dec 2021 01:46:00 GMT
server: Apache/2.4.54 ()
etag: "314f-5d2fd3c1fd59e-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: z851t1AmC5-LcNGrXT-TYUSydb3t89j-Li8QROWzqCiKS2DeAz6u8g==
expires: Wed, 23 Nov 2022 20:06:29 GMT

GET
H2 200 glob_structure.css
www.farmonlineweather.com.au/includes/css/ 2 KB
875 B 224ms
218ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/glob_structure.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 850c0413e9cf0be466b6842267f5096b766ef142d192decacdda8b19b2af3dfa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:59:18 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 1322244
x-cache: Hit from cloudfront
content-length: 459
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
etag: "60e-5d2fd09075348-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: XVHOf_18q_JbNKVw5JDkyyiPuW_zWVyWdQnIOCXTGAL8GpFralwgnQ==
expires: Fri, 25 Nov 2022 05:59:18 GMT

GET
H2 200 glob_style.css
www.farmonlineweather.com.au/includes/css/ 43 KB
9 KB 223ms
217ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/glob_style.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 0114f37149f6157ef2a2c05817065b0ed99b1efc3386e25b7a99a2b6c1a017d8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 04:47:10 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 808172
x-cache: Hit from cloudfront
content-length: 8781
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
etag: "acf5-5d2fd09083da8-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: 8Q1ENV4p3GCTpYZXJi4_waaQWwgkaQZdQZGP4kNcL5PWDCfHWU9MnA==
expires: Thu, 01 Dec 2022 04:47:10 GMT

GET
H2 200 glob_navigation.css
www.farmonlineweather.com.au/includes/css/ 6 KB
2 KB 229ms
224ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/glob_navigation.css?r=20130129
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: ebab3ba6b649a724873c8a04e230b316640e9dc4b684bd064ede6bf619dda045

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 21:01:53 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 2218489
x-cache: Hit from cloudfront
content-length: 1567
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
etag: "17ac-5d2fd09075348-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: d6tk8-WwjoJhKiuB1kVWDICpOKzWu7wGTjAQr6kA8jBXfTsSbptabA==
expires: Mon, 14 Nov 2022 21:01:53 GMT

GET
H2 200 jquery-ui-1.8.16.custom.css
resources.weatherzone.com.au/wz/includes/jquery-ui-1.8.16.custom/css/smoothness/ 31 KB
31 KB 639ms
230ms Stylesheet
text/css 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/jquery-ui-1.8.16.custom/css/smoothness/jquery-ui-1.8.16.custom.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee6ca4a9ec51cb637ca6d5ada94a0c94d5270a1962feb960ed07835f564bb65f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 04:04:18 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:40:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 2020346
etag: "59e1c2cc611052700463c177ac7fad0d"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 31883
x-amz-cf-id: zEG7KrRRp3vqdcv9Zny7-Rk9r_T4hMlHmN5wj4D6xrdTFSjEwp_Onw==

GET
H2 200 googleads.css
www.farmonlineweather.com.au/includes/css/ 451 B
651 B 228ms
223ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/googleads.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 7ed0e36b80c93f14bf25b7bbd06842e0eb07b4e58d63adc0d10cc056694defc0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 01:03:19 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 1253602
x-cache: Hit from cloudfront
content-length: 237
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
etag: "1c3-5d2fd09077288-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: 3Qsn8ygqpjKt_ayTa1_vBOF8XtdllQ0nQqmXOY9jo-k1rZytMRjtxg==
expires: Sat, 26 Nov 2022 01:03:19 GMT

GET
H2 403 jqmodal.css
resources.weatherzone.com.au/wz/includes/css/ 0
0 1208ms
800ms Stylesheet
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/css/jqmodal.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 glob_head.css
www.farmonlineweather.com.au/includes/css/ 4 KB
1 KB 233ms
229ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/glob_head.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 17e5f98fa90703bf789da01433726b59fa4ccee9ef3b277be4bfef111c7338a7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:59:18 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 1322244
x-cache: Hit from cloudfront
content-length: 940
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
etag: "1016-5d2fd09083da8-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: Yfqtlk_804EyKOK-ghsaYv_4d2iWhq6-ub-2huOQiOKIhtFAGufwiQ==
expires: Fri, 25 Nov 2022 05:59:18 GMT

GET
H2 200 jquery-1.8.1.min.js Show response
resources.weatherzone.com.au/wz/includes/jquery/ 91 KB
91 KB 821ms
413ms Script
application/javascript 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/jquery/jquery-1.8.1.min.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf0608bf8dd716388c00ca8223bee994e2d25226aa8e4e32da70a525613fdf4b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 04:04:18 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:40:45 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 2020346
etag: "e7155ee7c8c9898b6d4f2a9a12a1288e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 92792
x-amz-cf-id: uxqqxCMDiIZLaH9AALJygIDEkJ0JUqRDItmxZu_r-98KDaoFA77P9g==

GET
H2 200 jquery-ui-1.8.16.custom.min.js Show response
resources.weatherzone.com.au/wz/includes/jquery-ui-1.8.16.custom/js/ 109 KB
109 KB 821ms
414ms Script
application/javascript 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/jquery-ui-1.8.16.custom/js/jquery-ui-1.8.16.custom.min.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0b24ffda884f826ade7d9bf5890779d07809d256a5e8a75fedfcfd96eaf23ed

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 04:04:18 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:40:47 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 2020346
etag: "57abc945a3195248eeaa2dd9416d441b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 111380
x-amz-cf-id: lVIqYgLiP0Dj2qrDdehqr4e_fMs8Pej2fIAHLY8WX7o59XOCZ_3ZDw==

GET
H2 403 glob_util.js
resources.weatherzone.com.au/wz/includes/js/ 0
0 1206ms
799ms Script
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/js/glob_util.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 403 glob_navigation.js
resources.weatherzone.com.au/wz/includes/js/ 0
0 1205ms
798ms Script
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/js/glob_navigation.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 403 jquery.cookies.2.2.0.min.js
resources.weatherzone.com.au/wz/includes/jquery/ 0
0 1207ms
801ms Script
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/jquery/jquery.cookies.2.2.0.min.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 403 jqmodal.js
resources.weatherzone.com.au/wz/includes/jquery/ 0
0 1205ms
798ms Script
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/jquery/jqmodal.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 animator-2.02.min.js Show response
data.weatherzone.com.au/javascript/twc/animator/ 13 KB
5 KB 609ms
201ms Script
text/javascript 13.224.250.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data.weatherzone.com.au/javascript/twc/animator/animator-2.02.min.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-61.sin52.r.cloudfront.net
Software: Apache/2.4.23 (Amazon) OpenSSL/1.0.1k-fips /
Resource Hash: db41849923e429c11078afa9fb9fc3dbccffa6c3875178b99311f9ed73fb460b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:37:38 GMT
content-encoding: gzip
via: 1.1 b0b2bb3b21ed20feab951c611319321e.cloudfront.net (CloudFront)
last-modified: Wed, 02 Nov 2016 01:00:34 GMT
server: Apache/2.4.23 (Amazon) OpenSSL/1.0.1k-fips
x-amz-cf-pop: SIN52-C2
age: 10409945
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 4751
x-amz-cf-id: yOeEbQF3Zt6uaheH0yma3OLRnb0JDY3bTLCjVHAmTaAuisxFsuQCaA==
expires: Mon, 10 Jul 2023 01:37:38 GMT

GET
H/1.1 200
OK nodetag.js Show response
content.dl-rms.com/rms/30307/ 312 B
516 B 1213ms
405ms Script
application/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.dl-rms.com/rms/30307/nodetag.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 13:16:43 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 satelliteLib-9cd04029ab6e478b5c53def2d26694b4b38c6652.js Show response
assets.adobedtm.com/7d5ea80d054b96730162d0905d59678c4d2bf30c/ 75 KB
23 KB 1387ms
326ms Script
application/x-javascript 23.36.48.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/7d5ea80d054b96730162d0905d59678c4d2bf30c/satelliteLib-9cd04029ab6e478b5c53def2d26694b4b38c6652.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.48.244 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-48-244.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6a82d92cf0fe04d9abbe41964c63777c9ce7de4ff79a93e4bab13934db3fc2ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:44 GMT
content-encoding: gzip
last-modified: Wed, 23 May 2018 01:10:18 GMT
server: AkamaiNetStorage
etag: "19e57f6b7ca783751fbc6c589bb8e747:1527037819"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.farmonlineweather.com.au
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 23698
expires: Sat, 12 Nov 2022 14:16:44 GMT

GET
H2 200 186432-85207781403097.js Show response
js-sec.indexww.com/ht/p/ 88 KB
27 KB 326ms
112ms Script
text/javascript 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186432-85207781403097.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683eb28def345d55e3c4f389fdd07bdd6e035161463bb3138388c51a90cbdb7a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 13:01:47 GMT
server: cloudflare
age: 861
etag: W/"da1d55-15e05-5ed459bdcc4cf"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 768f8b3c490f557b-SYD
expires: Sat, 12 Nov 2022 17:16:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 649ms
257ms Script
text/javascript 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

sffe /

Resource Hash

0915578e3545433f07867c65210b4bec0d8e30f64dd37884ae4ed65504b3ea2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27297
x-xss-protection: 0
server: sffe
etag: "1391 / 273 of 1000 / last-modified: 1668207947"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Nov 2022 13:16:45 GMT

GET
H2 200 FOL-weather-logo-only.png
www.farmonlineweather.com.au/images/ 5 KB
6 KB 204ms
200ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/FOL-weather-logo-only.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 876ddfca3675be0a637989ddc207954e3e9cc4f7e491a6fc85f1a3a6ad65ae2f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 21:24:04 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 316360
etag: "1579-5d2fd090668e8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 5497
x-amz-cf-id: -Rc_oGkBwLLRQHjJlKxF9uYawmFW1mtCSXc2Kj7KfgqhsO0eKhToDg==
expires: Tue, 06 Dec 2022 21:24:04 GMT

GET
H2 200 glob_structure_print.css
www.farmonlineweather.com.au/includes/css/ 703 B
652 B 197ms
197ms Stylesheet
text/css 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.farmonlineweather.com.au/includes/css/glob_structure_print.css
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 881a47e1b01340e2d58b636ca8c2873e3ffa01debd4faff5c6c620b7aa293c8e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:43:38 GMT
content-encoding: gzip
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 1074787
x-cache: Hit from cloudfront
content-length: 239
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
etag: "2bf-5d2fd09078228-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2419200
accept-ranges: bytes
x-amz-cf-id: bJirZhlas7GiBfsauwOpI17UMsW9bZD8D5U4YCRWRag-45uS--kldA==
expires: Mon, 28 Nov 2022 02:43:38 GMT

GET
H2 200 wz_map_wzcountry_aus.jpg
resources.weatherzone.com.au/wz/images/maps/ 12 KB
12 KB 209ms
204ms Image
image/jpeg 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/maps/wz_map_wzcountry_aus.jpg
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d70a7c44155278839f951fb1fac74d75c1fe373e3cea0292c8b59c18b3a0c8c9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 01:45:45 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:52:12 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 473460
etag: "c8fe79b2366f29ff662fdb50a352f69a"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 12366
x-amz-cf-id: tZhJbMDU50ZybLhhcIL5zqieb0EnCX-ZVPDcz_iugx9cQK-2aqJFKA==

GET
H2 200 possible_thunderstorm.gif
resources.weatherzone.com.au/wz/images/icons/fcast_30_map/ 662 B
987 B 202ms
198ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/icons/fcast_30_map/possible_thunderstorm.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c91d27482b12873bdef8486d9d4cc653abe0d18c856e65d9fc2eb814237b633

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 04:39:20 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:56:21 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 463045
etag: "34856f4d95900100533b14053c875030"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 662
x-amz-cf-id: _2wWPCIEa9dRpkqw3WWr_yWK6Jyz5lsmzEMO35g41sXm1Id3scBesg==

GET
H2 200 mostly_sunny.gif
resources.weatherzone.com.au/wz/images/icons/fcast_30_map/ 587 B
913 B 203ms
199ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/icons/fcast_30_map/mostly_sunny.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d9c585d2e6a29419830253b20e33780819b800179c7f5f00ae31d545511c339

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 05:50:46 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:56:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 2532359
etag: "484903bc8ef68577b228ee87fe99f6b8"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 587
x-amz-cf-id: _megnSbc5OHTwwov6HCi8u6T6-TJmGbBwDnrnru01qMoX4OELl96Ig==

GET
H2 200 showers_increasing.gif
resources.weatherzone.com.au/wz/images/icons/fcast_30_map/ 528 B
853 B 209ms
206ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/icons/fcast_30_map/showers_increasing.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d2b44f435cad466588f4071af9e409219c813e97d102a64cbebf8303224ca8b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 06:34:28 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:56:28 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 542537
etag: "e648e2f6574cb601538a77eaa1bc3380"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 528
x-amz-cf-id: lbHSW98-OqmYI3Au0Yj5hPvQiyYfc7mfcbGDKMTyp9XTylSpGtVfMw==

GET
H2 200 nav_icon_australia.gif
resources.weatherzone.com.au/wz/images/widgets/ 1 KB
2 KB 200ms
198ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/widgets/nav_icon_australia.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29423cb4bcb324cf7ea3e069b79aacedf4e7cfce818c479128600b123a9204d3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 03:22:10 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:41:26 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 2022875
etag: "5ac28c9481cd5b35cffdbb6a31040bed"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 1213
x-amz-cf-id: FTRsqJpU1M_Hgz2BlD0vYBXjnvppwD3jnzJ9fH9KOsJ8tTtv7_KKhw==

GET
H2 200 wz_syn_aus_d0_180x135.jpg
data.weatherzone.com.au/data/hourly/images/synoptic/ 15 KB
16 KB 241ms
239ms Image
image/jpeg 13.224.250.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.weatherzone.com.au/data/hourly/images/synoptic/wz_syn_aus_d0_180x135.jpg
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-61.sin52.r.cloudfront.net
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.1k-fips /
Resource Hash: d99273766e6b52bbca7ada61e92bc4f6b1c482b05d7e90301869700d1e6f69aa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:14:06 GMT
via: 1.1 b0b2bb3b21ed20feab951c611319321e.cloudfront.net (CloudFront)
last-modified: Sat, 12 Nov 2022 13:09:11 GMT
server: Apache/2.4.27 (Amazon) OpenSSL/1.0.1k-fips
x-amz-cf-pop: SIN52-C2
age: 158
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=300
accept-ranges: bytes
content-length: 15626
x-amz-cf-id: lyPXGBTIb30WzEEdMnGAsLE_8j9AN6WYYJzgVFbuMry999Uf0Cy1kQ==
expires: Sat, 12 Nov 2022 13:19:06 GMT

GET
H2 404 wz_sat_aus_116x87.latest.jpg
data.weatherzone.com.au/data/hourly/images/satellite/ 0
0 423ms
420ms Image
text/html 13.224.250.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.weatherzone.com.au/data/hourly/images/satellite/wz_sat_aus_116x87.latest.jpg
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-61.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 radar_wzcountry_aus_640x480.202211121310.png
data.weatherzone.com.au/httpdata_r/images/radar/anims/twc15/radar_wzcountry_aus_640x480/ 7 KB
7 KB 320ms
318ms Image
image/png 13.224.250.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.weatherzone.com.au/httpdata_r/images/radar/anims/twc15/radar_wzcountry_aus_640x480/radar_wzcountry_aus_640x480.202211121310.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-61.sin52.r.cloudfront.net
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.1k-fips /
Resource Hash: c5228194e752991d57e7454ac01a3297b588cefc1cd796a1318a8f1f839ae908

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:44 GMT
via: 1.1 b0b2bb3b21ed20feab951c611319321e.cloudfront.net (CloudFront)
last-modified: Sat, 12 Nov 2022 13:14:27 GMT
server: Apache/2.4.27 (Amazon) OpenSSL/1.0.1k-fips
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 7124
x-amz-cf-id: QhUNA_q_Z0Cd3k__vsBt7PkWLYNUZf0hF8vZV6bfnm-Tsl_gliN7GQ==
expires: Tue, 07 Nov 2023 13:16:44 GMT

GET
H2 200 image.png
otf.weatherzone.com.au/otfimage/timestamped/lightning/wzcountry/aus/fcast_360/gpats/202211121310/60/4/640x480/ 4 KB
5 KB 809ms
398ms Image
image/png 18.155.68.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otf.weatherzone.com.au/otfimage/timestamped/lightning/wzcountry/aus/fcast_360/gpats/202211121310/60/4/640x480/image.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-71.sin52.r.cloudfront.net
Software: Apache/2.4.23 (Amazon) OpenSSL/1.0.1e-fips /
Resource Hash: 0ebc9e5f79ed26564a6acddc85dbe47622235a985d6acc64ddd69c2450055c55

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:45 GMT
via: 1.1 59200cf8e35c5a7273b88a148fe1e0a4.cloudfront.net (CloudFront)
server: Apache/2.4.23 (Amazon) OpenSSL/1.0.1e-fips
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4506
x-amz-cf-id: tt5fantWntPmAN2t8FD-cjw0jEQSWOfYhgLdPRU4Xek4LUio_J_txg==
expires: Sun, 12 Nov 2023 13:16:45 GMT

GET
H2 200 possible_thunderstorm.gif
resources.weatherzone.com.au/wz/images/icons/fcast_30/ 483 B
809 B 199ms
197ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/icons/fcast_30/possible_thunderstorm.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d525395d3f25e757575b00dda62356295d1f701dddac9d3f5333f7c99e953eae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 11:06:19 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:58:10 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 871826
etag: "f45854498560674faac56e9161365578"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 483
x-amz-cf-id: PQqi9fPJbmc93BoAnTqRrW8uX1PowCzZ6cYscLpn3IdB5XlhAeIYLQ==

GET
H2 200 mostly_sunny.gif
resources.weatherzone.com.au/wz/images/icons/fcast_30/ 421 B
747 B 369ms
367ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/icons/fcast_30/mostly_sunny.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e63d94fd54f0a9669351a0d8e4dcd3e84d46ce48af1faa2bbd312e9afa8a7ac

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 11:58:12 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:58:16 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 2078313
etag: "e4498c0fad19d9546fe034185d6be0a8"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 421
x-amz-cf-id: QyGCpGKcoSQoRA0erz5A7yd5G6Ar3U5KyLQB-_yatAJ-wzTDokqWXQ==

GET
H2 200 showers_increasing.gif
resources.weatherzone.com.au/wz/images/icons/fcast_30/ 401 B
727 B 368ms
366ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/icons/fcast_30/showers_increasing.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 776e2f71190ac8e9e36d0ed782bcf8722c557c25b62dcd9e9abc5de7e2058433

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 13:06:21 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 22:58:16 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 605424
etag: "8bf4deda4c689dcaba288cf52adea846"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 401
x-amz-cf-id: nPlCs6Z-1zKBZcH7UBUxq9kkEoc54qw4AbHGnlwFZT41TXZZO07VmA==

GET
H2 200 nav_icon_warning.gif
resources.weatherzone.com.au/wz/images/widgets/ 478 B
803 B 368ms
365ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/widgets/nav_icon_warning.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88fdbf02fcbe660b66c6893fc709ad674299c534e9c54df4009615c752b927f6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 04:27:01 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:42:09 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 1846184
etag: "24efe361690b13c924ecce77ba2ea003"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 478
x-amz-cf-id: crwEjT0uHcPJxcyfQrbRG2FfBPjt0DVRBVoV1LEfCnlr6OjhI7B6fA==

GET
H2 403 weatherzone_rss_350x160.jpg
resources.weatherzone.com.au/wz//images/ads/wzservices/ 0
0 584ms
581ms Image
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz//images/ads/wzservices/weatherzone_rss_350x160.jpg
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 localwx_arrow_blue.gif
resources.weatherzone.com.au/wz/images/widgets/ 325 B
651 B 367ms
365ms Image
image/gif 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resources.weatherzone.com.au/wz/images/widgets/localwx_arrow_blue.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9200935e1c176ad5941bbf242d93811401ebe2924217dfe89cbaf140e7bf4bf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 20:59:52 GMT
via: 1.1 57f07f5d6af70b966deb083e1354f6f8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 22:41:51 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 1527413
etag: "daacc89a18b1a77fa63b59840e59c453"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 325
x-amz-cf-id: LMd1SNhZRQgN0dHSn7tCgJpPgvbq9NDGh83VfLXymBxGb8qqvstTfw==

GET
H2 403 jMyCarousel.min.js
resources.weatherzone.com.au/wz/includes/jquery/ 0
0 405ms
404ms Script
application/xml 54.192.150.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/wz/includes/jquery/jMyCarousel.min.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-129.sin2.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 fol-home.png
www.farmonlineweather.com.au/images/ 7 KB
7 KB 216ms
214ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/fol-home.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: b5ce9ea266d9a7620b873c72ce4794bfd65c65b3be191d00639e9389276bf446

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:21:58 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:38 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 1061686
etag: "1a9d-5d2fd08b27c86"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 6813
x-amz-cf-id: 8roBo10yXacPs_HCkrjrJrsqjI_39OzNZxWKdWxdR9ySAH0q9CWy8g==
expires: Mon, 28 Nov 2022 06:21:58 GMT

GET
H2 200 nqr-logo.png
www.farmonlineweather.com.au/images/ 5 KB
5 KB 238ms
236ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/nqr-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: f45e7b9e1511124991ea0818692a7c4f42e2add899c16c983467d42f40ac37cc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 12:44:59 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:38 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 1470705
etag: "13f1-5d2fd08b395c6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 5105
x-amz-cf-id: 7zvx4CwAWMHEIFr9DNodhWq2nfRGpnKKPvSqd4nWN6Mlq6I0yKvauA==
expires: Wed, 23 Nov 2022 12:44:59 GMT

GET
H2 200 qcl-logo.png
www.farmonlineweather.com.au/images/ 5 KB
6 KB 373ms
371ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/qcl-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 5b58d2ef9be11bdad19cb90e0fc099e8e975aa4a5d9a139205dbaefa3ee033b0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 20:01:14 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:38 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 753330
etag: "1500-5d2fd08b32866"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 5376
x-amz-cf-id: B4nnVyJ_TLrej65WOPPuU4yqHgjN0z15-T2vYBFokY8fmlO6i6Gi9w==
expires: Thu, 01 Dec 2022 20:01:14 GMT

GET
H2 200 tl-logo.png
www.farmonlineweather.com.au/images/ 3 KB
3 KB 271ms
269ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/tl-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: b9f9c6d0ad72d7fc33cd1558c00489f65d45bc61e2e6bf159e3f9956101e38c3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 21:24:04 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:38 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 316360
etag: "b1c-5d2fd08b318c6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 2844
x-amz-cf-id: W5CwpTjPBXN_Uh53NQeI1qMrsmZdEjLEQhHYHElgvx4lOG7J0AOxMg==
expires: Tue, 06 Dec 2022 21:24:04 GMT

GET
H2 200 sl-logo.png
www.farmonlineweather.com.au/images/ 4 KB
4 KB 260ms
258ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/sl-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: ea12811af4fa5dc577286d86d8a340182b9bd6323b0ba3f4f25919e916d26df3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 20:01:14 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:36 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 753330
etag: "1025-5d2fd08997646"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4133
x-amz-cf-id: ghLqIj-fo368Uxr0o7aC1dWuvCnduv8qdG7E5YagJCfoKpgYosdguQ==
expires: Thu, 01 Dec 2022 20:01:14 GMT

GET
H2 200 sj-logo.png
www.farmonlineweather.com.au/images/ 4 KB
5 KB 384ms
382ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/sj-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 91f065334c658a997ca4edad0686689852838e1294a87448e56a2784b66edd5b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 04:55:00 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:38 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 894104
etag: "1130-5d2fd08b318c6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4400
x-amz-cf-id: Kb2vZQnxxwHFuJBbtEeWk7J_ndSpT3jA2DdBK5ViZh8ait5-Vxch4g==
expires: Wed, 30 Nov 2022 04:55:00 GMT

GET
H2 200 fw-logo.png
www.farmonlineweather.com.au/images/ 5 KB
6 KB 249ms
247ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/fw-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: c23c1f75741056ad8d50312f92a40cf4b78a258e5a4a8d81d7b55d54f2a0f0e6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 07:37:10 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 279574
etag: "1517-5d2fd09029088"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 5399
x-amz-cf-id: jmf-EGOLXrj0bOW8SJk12eC2Y8H-4MfpZ997-kPKAAn2VBAUuMogBw==
expires: Wed, 07 Dec 2022 07:37:10 GMT

GET
H2 200 farmonline-logo.png
www.farmonlineweather.com.au/images/ 4 KB
4 KB 227ms
225ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/farmonline-logo.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: f115ce3ac402aff5da4a00d48fc702c90157411cd1b6a464a95cfb17f65ba30f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:21:58 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 1061686
etag: "1033-5d2fd090668e8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4147
x-amz-cf-id: a2AOMcUFAUSEiuH7oYRCdUZdQ9DXjiQ4Tbqf8_ZJVKiRijey-k7uNw==
expires: Mon, 28 Nov 2022 06:21:58 GMT

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-au.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

655ms
204ms

Script
application/javascript

13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding: gzip
via: 1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
date: Sat, 12 Nov 2022 10:13:11 GMT
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 11014
x-amz-server-side-encryption: AES256
etag: W/"3bad78b036ef952c6ace672b2251b459"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: PDdR-aYkGA6uE98pNV8hpCQ2h75DTYPuhQHwzYxJkrs_eAPueK9oDw==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Sat, 12 Nov 2022 13:16:45 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H/1.1 200
OK ok9.js Show response
odnaknopka.ru/ 143 B
379 B 1157ms
384ms Script
text/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/ok9.js
Requested by: Host: content.dl-rms.com
URL: https://content.dl-rms.com/rms/30307/nodetag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 13:16:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
ETag: 3e7b8495e43a77f8f40dc90fc611d3d5
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8

GET
H2 200 weatherzone_navtop_background.png
www.farmonlineweather.com.au/images/head/standard/ 149 B
524 B 201ms
201ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/head/standard/weatherzone_navtop_background.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/includes/css/glob_navigation.css?r=20130129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 53deeda9ac29445a49081d49f76e445b2d33a70e25b16169e993f045071ca540

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/includes/css/glob_navigation.css?r=20130129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 04:55:00 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:38 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 894104
etag: "95-5d2fd08b35746"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 149
x-amz-cf-id: M7hqH8tbsnmWYTk12RRoSlh-adrxOi-0TzHuS_qjpKIknqOiCF-roA==
expires: Wed, 30 Nov 2022 04:55:00 GMT

GET
H2 200 nav_top_arrow.png
www.farmonlineweather.com.au/images/widgets/ 225 B
600 B 203ms
202ms Image
image/png 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/widgets/nav_top_arrow.png
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/includes/css/glob_navigation.css?r=20130129
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 5fda48c729ba08756e2013e240dd09b0f21b33ef3b6722efa601bb22acef315f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/includes/css/glob_navigation.css?r=20130129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 22:53:46 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 310978
etag: "e1-5d2fd09056ee8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 225
x-amz-cf-id: qSnltrcYkBTf75Uu-da3VHf-T1rpFjC6stjkLuDj9lTPZxFxcBEQaw==
expires: Tue, 06 Dec 2022 22:53:46 GMT

GET
H2 200 optionlist_on.gif
www.farmonlineweather.com.au/images/widgets/ 99 B
472 B 197ms
197ms Image
image/gif 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/widgets/optionlist_on.gif
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/includes/css/glob_style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 5b5c46ec6c30e23f190a7415341061e5927b2623845e952c497bde96d9b46486

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/includes/css/glob_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 15:08:46 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:43 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 1462079
etag: "63-5d2fd09056ee8"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 99
x-amz-cf-id: Nps-tn9aw2S76-_8WKI27qkh3OxZbfffyA0wtwNeBUugum-vjaDeBA==
expires: Wed, 23 Nov 2022 15:08:46 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 586ms
193ms Script
text/javascript 172.217.194.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f97.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 12 Nov 2022 11:19:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 7019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Sat, 12 Nov 2022 13:19:46 GMT

GET
H2 200 wz_layer_map_wzcountry_aus_116.jpg
www.farmonlineweather.com.au/images/layers/ 3 KB
3 KB 205ms
202ms Image
image/jpeg 18.155.68.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.farmonlineweather.com.au/images/layers/wz_layer_map_wzcountry_aus_116.jpg
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/includes/css/glob_style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-94.sin52.r.cloudfront.net
Software: Apache/2.4.54 () /
Resource Hash: 1a4ffad6583250964086e41d380ffa62056d98c17448dc21dc12a108a880f6b5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/includes/css/glob_style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 03:40:34 GMT
via: 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 01:31:36 GMT
server: Apache/2.4.54 ()
x-amz-cf-pop: SIN52-P1
age: 2280970
etag: "a59-5d2fd089d5e46"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 2649
x-amz-cf-id: K4CmzHku9SNFiFpfxHPkbsvpzphBS19cbtnmlqlhv8fG0c50GqIM9w==
expires: Mon, 14 Nov 2022 03:40:34 GMT

GET
H2 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
382 KB 194ms
193ms Script
text/javascript 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 19:16:06 GMT
x-content-type-options: nosniff
age: 64839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 390773
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 19:16:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
95 B 581ms
196ms XHR
application/json 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.farmonlineweather.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

cafe /

Resource Hash

ed4bfa5c1875ce3b632e0aca6b0228f577800e411cb5911fcdb50a385816e49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70
x-xss-protection: 0
expires: Sat, 12 Nov 2022 13:16:45 GMT

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 86 B
563 B 648ms
201ms XHR
application/json 13.33.88.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=ruralpressltd&url=https://www.farmonlineweather.com.au/

Requested by

Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-47.sin2.r.cloudfront.net

Software

Resource Hash

39532e54b5b4f90cf0429ff3131fb0e590c78fac028e8b6e0221737085a601f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:01:35 GMT
strict-transport-security: max-age=25920000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 80432223a109fcf584967597d286e714.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 80111
x-cache: Hit from cloudfront
content-length: 99
x-xss-protection: 1; mode=block
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-id: LS03jKSh2hrSM-wjvgOPd6ySLgVYjEVlRCx5OAqMNwlxHThnVeRuGA==

GET
H2 200 storageframe.html Show response
secure-au.imrworldwide.com/ Frame D976 11 KB
4 KB 200ms
200ms Document
text/html 52.76.128.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-au.imrworldwide.com/storageframe.html
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.128.105 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-128-105.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-length: 3489
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:45 GMT
etag: "6324ea19-da1"
last-modified: Fri, 16 Sep 2022 21:26:49 GMT
server: nginx

GET
H2 200 soo8h649k.js Show response
cdn.krxd.net/controltag/ 66 KB
19 KB 312ms
100ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/soo8h649k.js
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3051ffa764cf6837df04cf7a3f9492c4d74f2e82e4388a41c2cf3b23786ac54e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 12 Nov 2022 13:16:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 984
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 19125
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000174-IAD, cache-syd10151-SYD
x-response-time: 1
x-do-esi: esi
x-timer: S1668259006.289482,VS0,VE1
etag: "357ca81d8b569c735d030677675875f85a4fe5c8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 1

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1068670878&utmhn=www.farmonlineweather.com.au&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-21576599-1&cid=1946891184.1668259006&jid=684377872&_v=5.7.2&z=1068670878

35 B
430 B

582ms
194ms

Image
image/gif

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-21576599-1&cid=1946891184.1668259006&jid=684377872&_v=5.7.2&z=1068670878

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 12 Nov 2022 13:16:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-21576599-1&cid=1946891184.1668259006&jid=684377872&_v=5.7.2&z=1068670878
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
secure-au.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1668259006092&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&sr=1600...
https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1668259006092&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&sr=1600...

44 B
596 B

207ms
207ms

Image
image/gif

52.76.128.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1668259006092&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&sr=1600x1200&id=lstrg-944a1341f8e1ada2b392282befea8087&ja=1
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 52.76.128.105 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-128-105.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:46 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:46 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1668259006092&ci=ruralpressltd&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&sr=1600x1200&id=lstrg-944a1341f8e1ada2b392282befea8087&ja=1
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 11 KB
7 KB 637ms
425ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=249070
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186432-85207781403097.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d329c98c9396b4493cbc4853e777afd2b6247e379da0f1c34383cc161279496

Request headers

Referer: https://www.farmonlineweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhI6jJ8UDYlr2YbNiEyel3sP%2BoMehC9yjJBSyrcqyAvHbiPoyEwYTc%2FFSAUBkP0D2nrlUEM1d%2BINXFjyo8dA2tOFajx9oZnqoC92VQ5VKxtAkJ2BjvFIb3yPt8gZFpEoH99gLYMB"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.farmonlineweather.com.au
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 768f8b46fa88aad7-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 controltag.js.d58f47095e6041e576ee04944cca45da Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 100ms
100ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/soo8h649k.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sat, 12 Nov 2022 13:16:46 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 953077
age: 3365572
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84766
x-served-by: cache-syd10151-SYD
last-modified: Tue, 04 Oct 2022 09:41:11 GMT
x-timer: S1668259006.413373,VS0,VE0
etag: "d58f47095e6041e576ee04944cca45da"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Fri, 01 Oct 2032 09:41:10 GMT

GET
H/1.1 200
OK stat.js Show response
odnaknopka.ru/ 770 B
959 B 385ms
384ms Script
application/javascript 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/stat.js
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/ok9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0599d1678c7d235c258d74876dc842f187fc0dd0660ee4a744341fcfd00eac5f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 13:16:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 12 KB
5 KB 204ms
204ms Script
application/javascript 13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0be780bef183e52fbd511546ce9c2992467a24930c9c51766dcc99d08a2b95b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:00:18 GMT
content-encoding: gzip
via: 1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-version-id: CVDmml475X_Ng8LWjtiu5ea3i9DjmCH0
last-modified: Sat, 12 Nov 2022 11:21:39 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 988
x-amz-server-side-encryption: AES256
etag: W/"7e0ca8188a780ef0c0a11f7a5f33686e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: 29iTU2yIb5XvlY61GBCA13tiwKymHJPP1u0Is5wOBdxmrJaCtxW_iA==

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame C967 805 B
826 B 100ms
100ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 34727984
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Sat, 12 Nov 2022 13:16:46 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 272160
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-syd10151-SYD
x-timer: S1668259007.663587,VS0,VE0

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ 240 B
435 B 490ms
278ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c5023ba0eb7b42e9c362c60c31dca10fe5507fbe90809324cddd188ecef03ea7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: consumer-a009-pdx-prod.krxd.net, cache-syd10151-SYD
date: Sat, 12 Nov 2022 13:16:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1668259007.920656,VS0,VE179
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 195
x-cache-hits: 0, 0

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 231ms
231ms Script
application/javascript 13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding: gzip
via: 1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
date: Sat, 12 Nov 2022 12:20:25 GMT
x-amz-cf-pop: SIN2-P2
age: 3382
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 28 Sep 2022 14:09:01 GMT
server: AmazonS3
etag: W/"81a9e2a298d0019660cb2966f0c24748"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: bKjqCLT0eC_xwKPuF6yiU7LLPbnGxC2LxEAvpCN9bR1E4v8EKBntaA==

GET
H2 200 soo8h649k.js Show response
cdn.krxd.net/controltag/ Frame C967 66 KB
19 KB 100ms
100ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/soo8h649k.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3051ffa764cf6837df04cf7a3f9492c4d74f2e82e4388a41c2cf3b23786ac54e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 12 Nov 2022 13:16:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 984
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 19125
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kiad7000174-IAD, cache-syd10151-SYD
x-response-time: 1
x-do-esi: esi
x-timer: S1668259007.776959,VS0,VE0
etag: "357ca81d8b569c735d030677675875f85a4fe5c8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 2, 2

GET
H/1.1

200
OK

/ Show response
hlmiq.com/vu/us/ Frame 1320
Redirect Chain

https://resistcorrectly.com/stat
https://hlmiq.com/vu/us/

188 B
380 B

1185ms
394ms

Document
text/html

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlmiq.com/vu/us/
Requested by: Host: odnaknopka.ru
URL: https://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c576c76548bc1f401c700ae01d9906954788a89d81cbfeb2a1788dc62e4e03e4

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 13:16:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 13:16:48 GMT
Location: https://hlmiq.com/vu/us/
Server: nginx/1.12.2
Transfer-Encoding: chunked

GET

sync_cookie_read.htm
login.aliexpress.com/ Frame 9B55
Redirect Chain

https://feneteko.com/a
https://s.click.aliexpress.com/e/_DkvbRPd?af=a;68432&cn=dallas&cv=320403&dp=173.245.209.46
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&68432&cn=dallas&cv=320403&dp=173.245.209.46&aff_fcid=c8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd&tt=CPS_NORMAL&aff...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2668432%26cn%3Ddallas%26cv%3D320403%26dp%3D173.245.209.4...

0
0

GET
H2 200 controltag.js.d58f47095e6041e576ee04944cca45da Show response
cdn.krxd.net/ctjs/ Frame C967 259 KB
83 KB 106ms
105ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/soo8h649k.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sat, 12 Nov 2022 13:16:46 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 953078
age: 3365572
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84766
x-served-by: cache-syd10151-SYD
last-modified: Tue, 04 Oct 2022 09:41:11 GMT
x-timer: S1668259007.889091,VS0,VE0
etag: "d58f47095e6041e576ee04944cca45da"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Fri, 01 Oct 2032 09:41:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 597ms
197ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.farmonlineweather.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 585ms
196ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.farmonlineweather.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 88 KB
25 KB 1215ms
1214ms XHR
text/plain 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2378648470900532&correlator=2718501976351616&eid=31068366&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=21666581298%2Cfarmonlineweather%2CHome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C300x250%2C300x250%7C300x600%2C300x250&ifi=1&adks=2436397213%2C102493410%2C4227007446%2C102493420&sfv=1-0-39&prev_scp=%7C%7CIOM%3D300x600_6%26ix_id%3D_g4c3Vf78%7CPos%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1668259006960&lmt=1668259006&dlt=1668259002856&idt=3426&adxs=561%2C315%2C985%2C985&adys=37%2C952%2C245%2C423&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&frm=20&vis=1&psz=728x-1%7C300x0%7C300x0%7C300x0&msz=728x-1%7C300x0%7C300x0%7C300x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1662483909.1668259007&ga_sid=1668259007&ga_hid=1482033249&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f155.1e100.net

Software

cafe /

Resource Hash

90cf0cdf42ccc6f9a313b12387b2c0ea813a48d75e32f4be83ffcbd1325bb9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25643
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.farmonlineweather.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 07B6 6 KB
3 KB 670ms
194ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:47 GMT
expires: Sun, 12 Nov 2023 13:16:47 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
511 B 418ms
210ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=249070&u=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186432-85207781403097.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.farmonlineweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiwsZeBRLQbFnZ354wn%2FOjqfngNP36t5Bq9B2HCeB9kjaUB0f5CjI5OKPZ14cp7hiUWqiG2h2VaH0GpOCE7pY9wmrxku0qPJED8jde19V0wx5nbpFHu3Kqi%2FcpH1uQigRLl6%2FRPqJ94%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.farmonlineweather.com.au
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 768f8b4b3bd1a968-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 3220481e-9545-495d-b98d-6e863d0aa1af Show response
consumer.krxd.net/consent/get/ Frame C967 225 B
288 B 281ms
281ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/3220481e-9545-495d-b98d-6e863d0aa1af?idt=device&dt=kxcookie&callback=Krux.ns.fairfaxacm.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aca812459d3c2ab7544d53f93c7ba6acb51d27ce78fc3943b2091c88e7784d98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: consumer-a006-pdx-prod.krxd.net, cache-syd10151-SYD
date: Sat, 12 Nov 2022 13:16:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1668259007.047971,VS0,VE181
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 188
x-cache-hits: 0, 0

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 8313 12 KB
4 KB 201ms
201ms Document
text/html 13.33.88.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-113.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2045
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 12 Nov 2022 12:42:43 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Wed, 28 Sep 2022 14:09:00 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2da7d450deef501f4b6eb466e3a79f4a.cloudfront.net (CloudFront)
x-amz-cf-id: hlHpRYM9f79-P-GvwXCv9osl1ECJzyetvQEaMshM8t1Jh6nSCTT4Mg==
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache: Hit from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C967
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=UE1jZUVxN3g
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEA5bvJWiLtEstImKhB-gcs8&google_cver=1

0
336 B

576ms
265ms

Image
text/plain

54.202.29.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEA5bvJWiLtEstImKhB-gcs8&google_cver=1
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n003-pdx-prod.krxd.net
date: Sat, 12 Nov 2022 13:16:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=21 t=1668259008
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEA5bvJWiLtEstImKhB-gcs8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C967
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UE1jZUVxN3g
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UE1jZUVxN3g&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM4V61WQ57l1q09aw2_jH5c&google_cver=1

0
336 B

666ms
265ms

Image
text/plain

54.202.29.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM4V61WQ57l1q09aw2_jH5c&google_cver=1
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n008-pdx-prod.krxd.net
date: Sat, 12 Nov 2022 13:16:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=21 t=1668259008
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM4V61WQ57l1q09aw2_jH5c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26357
stags.bluekai.com/site/ Frame C967 62 B
427 B 1372ms
592ms Image
image/gif 23.207.37.206
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/26357?id=PMceEq7x
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.37.206 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-37-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 12 Nov 2022 13:16:48 GMT
content-length: 62
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/ Frame C967
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PMceEq7x&rn=1668259007
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=PMceEq7x&rn=1668259007

43 B
262 B

356ms
355ms

Image
image/gif

13.33.88.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=PMceEq7x&rn=1668259007
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 13.33.88.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-104.sin2.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:48 GMT
via: 1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
content-length: 43
x-amz-cf-id: MirDqvTIVjkqE0V_4p23JePj_6Y9GgxHZDzj0wEcxaxMRPscSRF05g==
x-cache: Miss from cloudfront
content-type: image/gif

Redirect headers

location: /p2?c1=9&c2=8188709&cs_xi=PMceEq7x&rn=1668259007
date: Sat, 12 Nov 2022 13:16:47 GMT
via: 1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
content-length: 0
x-amz-cf-id: gB50aVVROlZQquqTZPKAc864yqUXogTHPH03IglYYdczug1esPR6uA==
x-cache: Miss from cloudfront

GET

match
ps.eyeota.net/ Frame C967
Redirect Chain

https://ps.eyeota.net/match?bid=i0r4o4v&uid=PMceEq7x
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PMceEq7x
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjR0aWhvc09ITGtLaFlPQWNPNU8yOXBmN0xGUlZxeEtCd2tEZExjVkprSUk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=i0r4o4v&google_gid=CAESEIVoTTgfU6eP7zAdjyxtj20&google_cver=1
https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D2%2526dc_mr%253D5%2526dc_orig%253Di0r4o4v%2526
https://ps.eyeota.net/match?uid=7034244450352962069&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=i0r4o4v&
https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3Di0r4o4v%26
https://ps.eyeota.net/match?bid=9sn4omv&uid=IKJAsrSD1OTQnp5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v&

0
0

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame C967 42 B
448 B 487ms
278ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=PMceEq7x
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:47 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

g.js
aa.agkn.com/adscores/ Frame C967
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PMceEq7x

43 B
500 B

696ms
215ms

Image
image/gif

52.199.182.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PMceEq7x
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 52.199.182.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-182-20.ap-northeast-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:48 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PMceEq7x
date: Sat, 12 Nov 2022 13:16:48 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a016-ash-prod.krxd.net

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C967 0
656 B 788ms
197ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C967
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Y2.cvyf-eBIUGoJ.n3zqXgAA%264692

0
338 B

841ms
264ms

Image
text/plain

54.202.29.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Y2.cvyf-eBIUGoJ.n3zqXgAA%264692
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n007-pdx-prod.krxd.net
date: Sat, 12 Nov 2022 13:16:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1668259008
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juQfIZSfXWfSlLZLJ%2FFnqU7hgC4yJkiw%2B7SQLFokvF6QU9U%2BM4dEHVmiJcS5ucALN9GYUZ0dR7QV2JECg2KX7%2BRgfTmlvfa7f2GBQbuAHV9kRbTFHq3rXGmx2jltHCZvyqWtovysOIDSww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=Y2.cvyf-eBIUGoJ.n3zqXgAA%264692
cache-control: no-cache
cf-ray: 768f8b4f7d5ba889-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

tpid=PMceEq7x
sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/ Frame C967
Redirect Chain

https://sync.crwdcntrl.net/map/c=9164/TP=KRUX/tpid=PMceEq7x
https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PMceEq7x

49 B
545 B

224ms
224ms

Image
image/gif

3.0.197.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PMceEq7x
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 3.0.197.111 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-197-111.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.21.247
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=9164/TP=KRUX/tpid=PMceEq7x
cache-control: no-cache
x-server: 10.42.20.110
content-length: 0
expires: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C967
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?p=160769&gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160769%26partnerUID%3DPMceEq7x%26gdpr%3D0%26gdp...
https://image6.pubmatic.com/AdServer/UCookieSetPug?p=160769&gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160769%26partnerUID%3DPMceEq7x%26gdpr%3D0%26gdp...
https://image4.pubmatic.com/AdServer/SPug?partnerID=160769&partnerUID=PMceEq7x&gdpr=0&gdpr_consent=

0
260 B

608ms
201ms

Image
text/plain

67.199.150.85
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=160769&partnerUID=PMceEq7x&gdpr=0&gdpr_consent=
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 67.199.150.85 Los Angeles, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=160769&partnerUID=PMceEq7x&gdpr=0&gdpr_consent=
date: Sat, 12 Nov 2022 13:16:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 gn
secure-au.imrworldwide.com/cgi-bin/ Frame 8313 44 B
596 B 211ms
211ms Image
image/gif 52.76.128.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-au.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=gyhyygz6ebrjjnunoz8x07vfjorfd1668259007&c16=sdkv,bj.6.0.0&uoo=&fp_id=ev5ialjtm8u2rhukdbh1s4xmsr3ui1668259007&fp_cr_tm=1668259007153&fp_acc_tm=1668259007153&fp_emm_tm=1668259007153&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&retry=0
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.128.105 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-128-105.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:47 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
gyhyygz6ebrjjnunoz8x07vfjorfd1668259007.nuid.imrworldwide.com/ Frame 8313 35 B
351 B 837ms
201ms Image
image/gif 54.192.150.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gyhyygz6ebrjjnunoz8x07vfjorfd1668259007.nuid.imrworldwide.com/
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-117.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 00:17:59 GMT
via: 1.1 4642e61e7cbb0e6314e66efe50b70646.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 46730
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: vgTUk7ZtksACR6Q8BBvVsuGpjfWCyFW93yBsWfwo-ResbLNRRVTF3w==

GET
H2 200 container.html Show response
06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame B99C 6 KB
3 KB 495ms
193ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:47 GMT
expires: Sun, 12 Nov 2023 13:16:47 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 60C9 6 KB
3 KB 503ms
202ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:47 GMT
expires: Sun, 12 Nov 2023 13:16:47 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210191347000/ Frame 208F 221 KB
61 KB 591ms
194ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 17:11:33 GMT
age: 417915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61564
x-xss-protection: 0
server: sffe
etag: "84cdcac007f64412"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 17:11:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 208F 14 KB
5 KB 924ms
527ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 17:11:33 GMT
age: 417915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5198
x-xss-protection: 0
server: sffe
etag: "aeb1502543fb438c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 17:11:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 208F 94 KB
28 KB 942ms
546ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 17:11:33 GMT
age: 417915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28845
x-xss-protection: 0
server: sffe
etag: "fdb7364f8f067758"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 17:11:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 208F 5 KB
2 KB 1024ms
628ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 17:11:33 GMT
age: 417915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "9f4a70ec77acc0d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 17:11:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 208F 40 KB
13 KB 1030ms
634ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 17:11:33 GMT
age: 417915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "2923b90bb7365105"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 17:11:33 GMT

GET
DATA 200
OK truncated
/ Frame 208F 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30ebafd8f1df6d9a645caa3c52d95e516649ae73ef257f08bf811bbd37c78364

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 9EA5 6 KB
3 KB 495ms
194ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.farmonlineweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:47 GMT
expires: Sun, 12 Nov 2023 13:16:47 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8681750586995113703
tpc.googlesyndication.com/simgad/ Frame 208F 45 KB
45 KB 816ms
425ms Image
image/jpeg 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8681750586995113703?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnxrdnC0TzZYpzPE1m8W6C9imQJBQ

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

ec90e62528b7355dfcb1069f6c07e33320bbda391a4e2a56c59c0653b9f8b3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46064
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 23:45:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Nov 2023 13:16:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 208F 3 KB
3 KB 582ms
193ms Image
image/png 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
server: cafe
age: 38057
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Sun, 13 Nov 2022 02:42:31 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 208F 344 B
421 B 584ms
195ms Image
image/png 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
server: cafe
age: 38057
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 13 Nov 2022 02:42:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 208F 0
0 210ms
209ms Image
text/html 142.251.10.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8CMrv5xvY5qnB9PGmsMPxJ2PgAzql-X4bITN1tClEJq17JPBBxABINvxuVdgpYCAgJABoAG38uf9A8gBAuACAKgDAcgDCKoE_AFP0Akim1DZOWTO1ynxq6aaRtNJa-QVTfeXymoO87ecqhBaTHR84LMzZLZZGe9ExalUMdWtdd1mGuxQTo_i-VtdH1qy-LXLaYo4DCl5eDJ-Gnh1a_FcY1isBuOzL4HrGNyf5-_Aw0x5GnUTTCisxNVc4LigZGjVgFMHXEeEtjFTk74OxTJklZsZ0M2j1jLp_LywmWK4kID_TeQnfRYad-AWy2g-AKq2MRgBVCbqg4qAywjPXi6RhWyfGxxnCL-bnkt15sNGY8wQwfBsFEHkiAsxx63AhVsOQKa1jajB1fFXOCLe4Xw6Q8hD9hZQvYWyaUzaOlpa96QU6H7yiRDABMrdh5jZA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAexjZgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQn_FV0ggQCIhhEAEYHTIDioIBOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi03ODg4Njc2NjU0MDQ3MzkzGKXOag&sigh=2sZsvIw_78I&uach_m=[UACH]&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4EC2 624 B
670 B 589ms
198ms Document
text/html 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGJ75ktEBMAE&v=APEucNU_P3MfpnkZypHTMHmjcBtHvSaAhZgS1c5AGG7GxqIc2Uy9HgVTE4C1rt3nbWGAx4Tiy0N78GhhNenSNPdAocEON0l2Sg

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B99C 80 KB
34 KB 978ms
587ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CquOaKe0aH8RyW2CnHayo0bxDioQq3QlbquiGZYN5t7aIQXxKzosjXMErkOwPfG9FaT3jPDhDtHrlTmAEl8F9pLY-2DArA5iFAKzN1_sW32IOPaTsyTBiDQzP44lEe3hC8cf2i-RfBOO9twvOW41M3w9ZcyFCLTa4Nz9l5HgV6mUSfi5amk0vNY7m2bwb8GI7mlbup&cry=1&dbm_d=AKAmf-BVTK8HzwbufEleha8khw5RpWxHgxse-BTM_JPYfzuZL3r_haPErfFZBvXBlIO1HCAhC-CJujbLfhJ2Np1G3PRKXxK_KZviDEMQI-WaPFiNCYYU3xDYTKkFq4rP4KF2DsTIrdrvSTzsVajPNsb1VZwB3BRrIHmfCH6k4JTjj1shgDpNibGI_bdm6BgJOtNB5NPGAkXhrqGUj2G4uaVMPTzBS5eGVjXl4hiKyGx3Ce6tMImXlnJZ1h_phppqX3saz5_MedD3phT2EiwdRTfkjUf890qdGV71hseVmtVYfnatJtTvlCOhORx8ux2YztkUEILAsfaWG7s20-v36pm29ZnSdbKwQkI5hZ8lB0U1M44xwKxEiCjIntXD8KY5Z13GT-C-dOjNzdsSJ3JuMyckMcQW7z1XaUQG1zh3lp0oBfEic7ZtmjMzMRcB-4oEfUjol0KQUW2ftKpP2DH3nDuYED_sY0kWry_ar4cVPfoBL6qy9D8yby5NUCT-jh8bnv8Dist8ZUOKwfqLKuB40k4YOWC-Q4b4yxnsspd5FWVceMAFk98lenitKAR78NjY4b7u8V0sgqAsiBy0hfbCQqd5IRTcBD1Lc_75Qi-JrI4tmt20_tpTB3-LasGa2FR2DbCPg1IJbu05fkUSWYIxrsg1IMzulLYK461s0LoI9qUUfZJfnAwMYfng4VH9s4-DUSg_qm1pG0BA5f2DMixmzJvtwEWCCM8xWVhd8pr2hj7D5Mslm82NIDTm9XA6hr0T9Co-7uqm7-KSEbo4t3A6tgDs8c5WxmkuNRDK4U7mp6bmsq5e_E05ptZfg79b4V8V7SIOUCMcKnDsu9vknxvxcv6lRW10YfkYDpQxgSn80QTOUkW3iX3yzE0vgZwitG9iYlSGCxWZ1sm25n82xWJ3SzZrbbJgezVKCX37x1c9931lWfUQ4a98AN76_Oj5XqCKWoz78KrNPvGqur2BDNLVBCsIgKBpRxmb9nqGOc7cBCjjuTmDlDA0XNFRVLapQVDCXjANrbHJnrRFym59TgXeA_PJ_Y8sPOeIO_hFRcWg0AxqulrBLIRZAYTd-21kapUbu0K33xTWySTtRCzozfUKUvr9ovtHT4Mr-JkixVcGlw3wWrIgCV1wSVAttcKT061KFVuxTbNAtBoxVAOEKAkmDDaNG34UzEYRKeWg01Vz_ypFXiXUeg8BFuM7WEpqw3awBv69vlPkXV5D8cL7vEfc7ZXwve_kctIae1-FgOaekV2DrRhDmWjYDk8weF3Qr6b1Xm1v0NUQ4oDAFsv0v_keozqczNVekmldb3FL5jL69fWCnOsBzxcj6bbr4J94xfCFJsfo5XZWZrCXf_fMcpVgMOJXWnvf4F5DRt18Sgdem02UgdP08CHfX8lytIT3d2KaKe70Yz79H811YjlXNVmdTAc9mNifRh22LuR7io9MsXccPfowoghDGAfRMlZqpQ-w92GRPB2Z3QEyc8ApOty_xqsgPnkKQR1jcHppPjl0M0ybsxUPfEIJtaHKgPJP2SZlymF7k7rzPYPT9JeHRZS9YlY8vJUMx0fXltdnpLDQ_OazXiUqJxOMsf4aOB1ApbxrNKk9ooLd3vm6e9YWqRiUet2kn-rb1ZQVehaQq41hthc6J4zsOBa0g4SukU5zsgXDfE-Z1U6VK3Drmar1-cNoae_9t2jNYwOebwla3JsUkfsRg-O5dbFOVW7NsOF6VcMQGMeUTKWpfJqhUmF-s-8Rcd9vnvY7RaDN75PXH3ydCuB9RDvSTG8YYh4hcoO-5c_PoJZPKjuF6q9utcYDiAv81f7nufjXAFdK7RXOd7eWARxOlN0m6Xoa1zC3RTzZsib-cAjSVV6IFX0FNXWJDqbB99zybSc9Mm6JMAgdWhuGpJ_1AmTWgpfvk_2BFUUv6tnalzhjUqfgV0ga1VcdRbtbMCsL2kq2ILDhOpIRRhofhmcqLUyKWYT5MXm3QbT0Z0JJ080HB5Gh4-F9kGFK3UOnFjifSM2GhYD85pP2FjZcF8AvINjFLnKuR9F-fsSja_11SRO0izgkm6p_AZROIqj3VIS2-XTrPh8NINYWGTiSM2_AdacJi5pLb3yzcQyYSZDL70ccDgdXK2XoRGxkXcpumdPcf6WX55K9PVWjIZKToLXGWBtI4jPltjk_NNOxXAo1X7XH394vNEShgYznqMeXR0969TIxMx3uhTuIoawwkePazC0ZokaWnNBApW3JxrlU883P8CNSVw1_jRDhWrDuyT9d-TqPeOgmDa2Kf6g8PUSL7BwOZRFiWki8-_rTduoefQyuAOHxSyUs1im3LhWke0jweaIgYex5CciS8TLuM7-BbM_9bh6bY-Lm9HkMG-ZZ1ZEAK6cLkvTJda0sESRvW2HWvjY-sHpwGuAoEhy9zk-r6L76IHsH2osx9lCw_mC7e-yiEPkC_O43vS2qj3AKg0hogsHT_gwuZtjojZ5_Ea9nsGILvFz_Qwlsd9R5s0axnLMvz-Mc39dA91J7ClFQbbvsPBEux1YN9H4p7cW4QjEB3JG6kf8E8IvzscxqEmknm6sTQYf5hDC0FXdUZ_DSMyfx_b7r53Brb0337jAaX5bPtIioUE3VMoW43K4JxtzrUwLrqyP6iOunMi4gT6akH8FUGWYJba1Hm8wfbAP2J7ic_ZaZPryjIxn5oBdwZd-78dnbdr1V7LPvjEO6ghM3Fkj0K37YBKIfHbD9bTFnoYDaCoLeBo0uuk8bexQj9y2Oyu93LYXx7bjyY6Tfn0BCwfUXSLfQerrJGlrhMfTqVps4HtN-e2txrKCzHWTIQzfk1SyNu3hAzYT5waONQtKjsPz3DY4giCX3twrHrATqWurT7LaFaJA2mFadNW_uUR3I0BVzDQBen2W7qpiHvwCMUciPSE_eV3a3bc2ls2cFPS9JPJoVMYJZHohkIPZXxkRzUdbS1uC7WBOUp_J9H_cDcWFR1JmM9fZ-4aayob7lQmUx9IuVLgC-E3HHspB_EhXO4NTqwTvSyCjCTxNlZABZmk4RxHBGa47Rwg-CMAitCtkdLLxslICEc9YzfO_245SlaZ2fjG7Qe1vy-hxTwQ2ZShAyx9egom0JJ80ibQDH1vrf2ibKmeLG8hDvatDTJN8-z3qhPANjKfH-dbjFxjWitGnWWJe7tiKiU4DppWdAPif1-2HvNTlaNL-sY9bACKYGiv3b96QlFosgxMltW77h31pGksrr9PEJtn85zR7Q-pLaqpMLaMJkh-o8LN_sLiMvU3JqNaa_39PqhwwHuEkQYlv0_9tB2jQKlzCiT41qJULUrSnDzxQVkB8Y94AAk4EzAZR_hwDt1LP7LE2sW7CXWNRqnH_7iVFhW11ms1hOJmGtw7vkbL1EpYZTgq5l24G_Tt3XJie9EHEZxc_u-rxfIix0U_wjF6Vk8hWSyiaGTF0eT0ykQ8uObIs&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.farmonlineweather.com.au%252F%240

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

91acdccd53d56fac97c1852c6024b19aee2d98d30a534ab99a56f0d673d594d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34443
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B99C 42 B
494 B 582ms
193ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0Cp6MZhMUW7UwfijhbrmMMUpe_wgPEgE0sLwCDoM2uycLy6JTP143GHbaYciDEmZSl7xsvAp-PHxTnDAuVJu0g1b4kNgSBifelLDFDOl1iNoCuJU

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame B99C 3 KB
1 KB 214ms
213ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 02:48:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame B99C 18 KB
7 KB 193ms
192ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 02:48:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B99C 0
0 622ms
235ms Image
text/html 74.125.68.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjdrNYFFvq7aHgyXUQNpwUfqihiW_KZMbzL7Bd4NVHYFS1xIrbnRuANX9EcR_0_IP5UmcXsukw11wGoik0A705hl3zfg
Requested by: Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B99C 154 KB
48 KB 585ms
194ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 13:16:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8046 624 B
285 B 578ms
199ms Document
text/html 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNWEgHGS-iDsyqej180q_t2AIZHeuugX3RESnB-gaS7Tp2ASOm8SYhT20fc8qONhHK-YNZq8sRzAE2zAqVJPj2WG9Y_P1A

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 60C9 80 KB
34 KB 603ms
224ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Az_1RrQ0k6ude7nSOo7LM-2MRW_xGedbjolEJJLPl_d3C2lYo4Q4uqg70BndMsuc4Cte8blGRct8LFN0k8HE4SOCRifRA_28z8YAKUxMN-fc4BC-jDWl7rN4GIlEqg7Mcy1D21c-OC2HzB3xjP6jOIfd5Qvk3ztnlYW7e0HFkzT8p-rK7lMQCbmMHiEhbH_KRC-OlZ&cry=1&dbm_d=AKAmf-DAeR5Enr427NJQdahvWtZ7tL3U5Ek1PlHuqo7dMJCLRB0RD3C-z85DZcziGYuePk-LKThXZYef3qMAxGPItffvY79HsudED6LHxkD7vvyw7xL5NdXfmGbHa68TcL7BEaYHqUAhsLWEotK2dEWPX6dtF3FpNvP96g8KI1rJ5cqRwMZoYGtt8FBqFlcZMtLdD60J8AInr3A80uJSLRBNIzhQsFQ7oZn_eQrPAKr8ROuwmmSNqt5KO4H__uk9FJj0EhFYV0zCL5U-JjZjgxLkeJw1DqQc6c8MG_mhdFCoYv1jxUJN2xTSdgg-oohyimWMl27oqp9nogi_vNtVVb7QtPyKD6nUk1v-OAWXv9omRVKCU2KJ1-kj_VEIDaWMXZo9YCDP90XtMx5ohWpEkrZic7WKMZRn0q95y6TCD0spX56IXpMGUDSFYNgQNG-IWc3LWAA2789h067WHNI3tciMwuk2646R8aKVQqYonL9aowui9ZA-0ywe0d9xNc8zzMhICDPxIAMb_HAljbNn8tjKrmgdpZyrMS1VfsVng2_-eO3uRwfFZUDvIB-w2C2m9mGK8yrPhZTUS6C8CKoqPvYC1ZZ_bPMNy4LKi2k-simOiczpDeMNcDDlDBFkpytobO9f2o4QQlt7_d43kdeqh80lVgmDmmh4hbTPfxP2Vvji5BFHktw5J30ckjTOlC5pbfn_MH6FOdAM29kr2-f-C48-cAU0cQW_v_IK_C8L53qe1QwSc8lfhX-A_fZwiruQ-s77y9z0q4oW4-YYgZKTC6k_OqQKacGt9xcz8RHdEzAmrTJlTbsWxJMOzpJOES9d6fEmM2nJWfvLQJn3MSxc_cgmgEGgHIiuTM-1ToINoZI_UNoSAwlYN7LI8JTexxdKoKNdxwFdcCKdRVsCA3xNrpdosyOPfzK8HfDFIl58v9EMWZODJWe1PqbjF4GZcOytGS_BvqVqVj1hgcChR7wVikkDiwg4AbVPnc1NW_K2E6XECxpKuswPLThQMvZ-3MJLuY1UmimXCTAyPOtSS595Yz6gSqrAEbgo028EVc5VMalN8RHUSMOpZfR_MSUd0pr-m-ZopEYNM1TJLQITPHdBlfHO3rhDhKzQceMTOc83S9NJ3vB-TEm3OnWqmcMoqkpnWTFae2RmBMQBHrLJFtp81hee4-spzYNEG6cNbiuBRgJxDjzlPsMk5d2N3ZI6jHojAhtX1b6evuncgk4N604_9DCQDG4o0MD5mYtovfxGz4vvr5j_wNcj_Cq9TIGSAHy-VZQfET0UHnSpX6xjGSV-dL9JsBFgsNvrBMIA7YyAi7zvtk_k6ETd5zBspm3O_awbpJZnwTHZjFwvz28M3ZgbDe5WViY2N3xQIKJq1EseIaADPaHNIr3vEMMMZ3oGjRUjAAULUsBulwFXTdWho5tbnjqz_NxHVcxfvDp6XzahafVFAp6nNvprrdW6HacPQymf4Xp_tx4-osbBkfX5hpyhTame1K7cpAurHUt_0z6P9EPkMY1I1M2g38abUeAd4MSx9VxX8RXyLLfIYXoD7H8NJIxlpGrehUdg-exHBx3XeBhQkaZsbWRFXSaLNhWePhrDS6B3gQrAcT475zdItG9SXZzawLUr5WSYym_xmlOi2oSuJVkbrte1RJXh5dGcZxUIp2ne5XmYAwoY89xATYYOLCxMgG-zjbySSC79CYBPdTi4JgVm-VvnitMDb9cl7CP6BJYsAN6jNs62EEMzGfhmJUyHMqODW4qTmTQB2-ySeiLiMvHU4q_LzMBikaFpbn8mAYMcSqJSaJVHbupwSHdUR8QGwjcKrH3ruM6J_leekbD_ZozYJolwWEr9B-st0dV0N6JQ3dz0oGTvQiHTdQK1okneQGfJbae_hLOlrsFkGWHJKINDXvXUgAntsSQqy1ZudlIVFzNCfB2NqVy7xvfznSgpoOQvSMRbWDMsdodfMaf1LS_xAIA2N5lEMj-iKHfzf5CiuynShkcLkMN6p6l9efBlUSEzBZhemK-4MgRDUwRCxUfGhd-mrYkkAB35xxC9pvtvE7wcSFgy-C6RLZJY-Bbl7aABGE6uuYvFmR_IZVr1Q5ffUgSftqXe0Nc6FMMMmW0d-J1Wyejeau1QgAZMwatbXYmlxUcwVEhIXognu-XuvyvkymGVip8kX2Ff-c4QZvt8_hO6nxGbEj9KLtKkR_7Ifho1KjdeG5_WzmkJOFTEFGvSSHJkWNWP-v7nn546krxAW1_6VT90PgY2SYP6WNXEqN5yv8WfUJhikLPWAkresFX_rSh_RG-WFuXjr0O6E_X7wc2VY-IyY091PRpAi9EeyzbxC7GqkZIqRRfgF9xQ0M0VGkCpvVrebjx_GB-2q7-BcFrLhMy-kgHyXiqxa6F6WbfRfOwfQQ-nNX9ejP7lRmrJg1LN5awMSSNkKx67fMQRCwe65bhW4M-kebpnTUoKkchdTLS5lGmEHLrFVDuZg00FXTAqS-h00-c0VFf_yPXTUo2UAorRQkpMoQXLfagqFhn3qecbtH3w26BNc4bRWlZnXPhLG4xF7FJOq2yHjO-mCgdZN5g-CSx079WFRgV4-uMl1n12TWpUc9cHvdrfpFbxcmP1InrAT2hVF08f1Mt3h65ZQGYwdWs7CAVHiISdRT2AEEJRS6Do1Xs6IF-uqZo2zmd9vWzZAZ9MQJvZk6O1YKaa5yki-u9rzw2TGt3dw-M1nRjqojsLVmJlegaFo8WFCt1IyUzkjX3VufNrufIQ6l7gDMJPUT22hscyoSI6EVDRV7Ul-6n-0MgXVLX5HmGxgcOqhIE-P-tgLzmjhd22TzdBbfOZJLR2xee7dXrtAbNiDHGxKB7ZMJsix217-SQsrqw0cr7AHKBnOL_GswQhkKYVqeEBzK_fzqo_VxQicXirBHrHliTL8pzqZnk7TSsyGEx81rue6yHB4fzgoW68CvNUlbmp2pLeXxbro9gwCXjrfY4tNodmg0pdcdfuyylIWWUdYIIeW9EtoIFC81YMa71-KyE2rT9R1BLT75dUADC4xwx_nAU7WG9XUyD8TJB-H3LJwfUXmyjmHSeRy-POO8ZBt9iwea4MK2zuGGEpHBCmcJRA842Ew0EnmbsYD8bhIqw9lQ82lL62_MqWV44aLBxarZdvIiyZou2opJGULR6ngcFFqV5P63lx9B4RttC5Y1bZsXBO-Pn4noQ4UOkVrBjIyc9MAxJpgjEEQ6otzpeXTs9tYkpcByIJ98ljpSHvWJYFQZka81JtnpF8876093ofWKmsduh_tWwCE65krGzSIci9UPe6e8PFRAj2BcjMGnL-x800opmPSlPlYy7JTKd8kKdSUX7GM8hng5JfGkF84Mm_fKBL5Xgwb8Uf64bMzmEgDIWhCmH2TsnDZRip4m_0iiG3l87tlQN0QKqcaDG077UXYsF8rtidzot9BtyQr51r05DW5mXD9i6ZvC3Hn58cjhuH3SjnzRQERZgNEluRuoAkTQ&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.farmonlineweather.com.au%252F%240

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

8034e05b2d1392383bd63760e194319a83d4a0a46cd47576c67265f5a5e16756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34570
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 60C9 42 B
107 B 571ms
194ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CTpEEVeBz8blX4-OLWJXN5iaG__A65c8Gr9oWIs9BkZdwrNBgDTlPgwtTwlaBnSTT_lWDeME_BnTnnmHjWXF9znC1knhr1VQFxldY0BPD2jIKSD8I

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 60C9 3 KB
1 KB 318ms
317ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 02:48:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 60C9 18 KB
7 KB 215ms
214ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 02:48:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 60C9 0
0 613ms
239ms Image
text/html 74.125.68.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmRKmEOm-ufb0DelWqk9XRnbF-Ax6uyIuiigTh7EWv2XMs3mCeDDRkrst4NlUMC5qV1WQ9ikr6LYItTNyVzllmvaecIg
Requested by: Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60C9 154 KB
47 KB 859ms
480ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 13:16:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B618 640 B
308 B 917ms
585ms Document
text/html 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNXMppb77RTSI9lSKSUOORFij14R1uZgH8d_x2H3Y4EPR1M0lIXiAuN3Fc4SuoCZQnWr_RzJyi9sgzbsifysCa5aoHqSjQ

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9EA5 80 KB
34 KB 786ms
456ms Script
text/javascript 142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BW2AqzURuryWoXAtlE4efn9L92f6qR-SK3WPXJ-_iqlFQery4EK8eBND6frlQBf62jVEJbsjsVdJleJZWAbaM4YqFe0OV5LIbCL6cmep3nu5QzeAUcbFVoWMybtLOuPSsgflnTuNrlU_EQmbjkUwVuVzK15JZ69rRepdZsUyq0NjfChAQ1yort66ttqdhrBNgNsOfn&cry=1&dbm_d=AKAmf-CAg46r6RlBK4wzRuDM869RRCYk9_dT59sLwWrDsbijTx9ngVUhyOL31p8FEvFh-0vyhpJjb02SxqIkfZy0c-95H7wbJJuW1LORUgUoGE7WT7EhF9kMZsHSUxFFdaygl3XmIae51w15RyUoNAW3ZT4N2KYwOgcDOYGZg737v0Ld0OO4-_R4h2S_UONsm_xK2TTaE_x5NMcrHfwAfGXOZB8BKiRDULU4T2KrxX0XphELmf8EcM27rbtb7-5-Qg96xCt5XYl6qc6htke2JTSGNgf95lbr9TypUXTh3IJwosC-Lp8kNRWIWHAMjY32t0mvusgL3PdQnRqqibyEzi8j4iU-87Vbjy1GAH3tuT1HHqAgz9CZ9P1Vgee-93XZU8xPgaq0_cjLwc-ICBkuFJRJWXVTsDTLe_2FCKRFWaKKbrkIY23hGbnsDiU5V1fHhslLIUX8ozk81eizX0mzI4e5-WtP4cqqflq2Wo8lDmajulbZqnHnjQyNTCZqkbGe1Qacgfs2sueYgcwPtCXkA8BlzQDdb43vZ3eVYL1U-chnx3zKR6qnOVuu1_YPewAO6cA9ZfFtpztr4YwmTw8X0g5VynZxGxJlDCixIBcaYOiPJwJX_nxjK5PXHmRwg8u9caktXpXuzFEV6DahM7g4_9of16mT8D9eG-ka6XaoA_FIlqrQ61kXM7_uKMtaxFjO16b6TkdHO7cb2ANeVdoOSPSTncYaqjE-SGwezpHFgwlFkmwPGXk8BVPG5K8sjZC3oGOlgxlRiU-qfQTKwBhgyz1U_YSqTTtsn6PyuhIK8rGxe_PpifB_uv4BdBm4Wf6RTdmS96CQ7EscFfjnJU4Q142sulSW0lqM4cW1Iw3zTxGs94zcNVawr-vzvJ6DhmYRnwBX7oyPfncDJHZylrYcDU9ZvViXMya6OVqGCovpn5JS6m--7zelis_uSOHKBhYH8pwuIB0VTn7MyMavmK_DpUKpfCuMsxSP-pPb9uQx48k7VGvM3Tu-zB-sn9YOrkQ0Pm-B3U8CO96uyWfBG9s3WES3Z2FgKL_TXKQW34rLU433YM6dP-fQq2l2nKRLtmIO4Z_lJXgtJxBE-CQBimSGDPbuimB29sw35eElpFPNzHLdld6iUi26QZevXxDILa7LGzrVUVBhjblUFuWo0BqNXZPiAEu6OlHDG0t0phcCVnCb3WJrdBwn3_RRn9MnFo8atRq2fWH9DYIk9p7BFQQqo-fshcmK8GAfMEt8jS4OL1c-2mPOTJaDhhHJtiYTQsVE_t5c6Jk7FMgq4iOXn_VG3chIfYSLyrBYmQ2dWZYGoiSvnbouvwL9THRksDhDQYuIbJEMXiiEQniac80gDCG28gIDhKLmA4XzDMAq2MZR-Pqxrv4G1CK_aPLikv6ce-rGO7c9LlDUG9A8X5H6wFGFKOmXg3-lnYsMRgeonMXN99rio9SyoZcOQFUUvhMqQ2IaS_SdvLwMvVi1ezYVPyGOlDl9RmL79MoeamlwmPMWLmaC7HstvclLUt6Fv0qm4HtPx4xvmsVs2pBbXnlEY6gDFIBw7g6T2i7SNUWmHuTO0rSwm8fvW0hRAg6rKkljMUGp2VhFR4lRGeXKQw38eF7jVJnsoC3xgwR5LQMYW9OqPDbKzEkC_-Q2weZwPEw5r9SxnE0iaU2PuzGqGi7rXJD7SJVHhvpFxwXXL_xR60wb3Fmwog0ZtZF4LIakt9UvYCHOacZySqFgcFbJNltuZjZnm_JUrapnI2OkWBtYeDKDeceDzVBCyB7Srm8CZHYV6HlZyj2PF-1-ANOIiUthmYLr9mjTgD_vkfOGPuCnWYDDXjUSSbAfJaTmAuub7MR_1IuK-ijLdD7ZfJwSReNQ9TJXefSulhhzqbIOhPFfX0rJaVvn7lEzPdmIiS3naVdca185jtW4HgAZ6_phDQ6c3LrEMZUafiw1S_r_09nInwRZ9WQvGBM96Wxaz59o2s7WWqWJDgJsNJiZ4TIFQoSq_58Lr5T3_hUJKPgV5OB12QUnJP2aU1yVmC49jFB_xRkpQJApkUz5yYmP2hv7c6HT2lj_UD76gbCxQaimqZ4E3zHY9nu13LaLZfjy3-Z97R54imYU1UuGTNmPhyQ8sf_KQbiL7UVIQF2oLno_92ZJieQHQjhbtyh75QSRsMn28XTWDq3Eiyp8ZrLB_mY8hSIqmiQgvOylwV7XN_jlOsSoPeOVNlej-k5_LaSQgGvUAO-Ps_-vHannpw185E-idoEY1ZemRoT_YjSqsOCbh4YEZY8xC5jFrPvDVOINcD9fotzf38whUK1ygvEcP-ZsC7coq_p6w2Xn9AgsVEZQ13mO8fSfaehTdcMVIq6kLH191w3STxk4QWLX2AX7AoDUu1lIKHRSheR1ceLOLhzFopUe1zFdT6siQWIWrR6FScsQzEJlbqOqAZTaG7GSIm2ych0SL0yuRzVX4j3od_Zq_9jlzw00PJ-UA9pZc1BnFXR1BDq_yakI9m_honQhBlfiVONVZfga892Lw7aEZZDXwyVnYnSDi4h9ZEOtiZLl4EGcbHSdtu4pCSd6EQ1h3RmV7PP8iHJm4iRTKy_OhD56eRR5waRLxKpZzvZWrTR5wC_Ne5doqDIAGXMZadoU1iUicuZb4rHg3p1yS5QVTC-isyoGVMXEz_3YrqXmZzisr7YwVmTaikHKZa_yGcZ3uSkmqgo8kBGhkg6KpopijECPwaCseDnqMOqAMGfd26-KgTZyDDswT4UVv6UPrtBbGIZSI15dPkazVtokSH1SqYQ2XWVxISVgDwEggM6ShbpLkC9s7yAblgGUUPBFABqh8NNlImqm6XhsF9STxfUvxB80fJrq0lSc6JkN4aOf3HUb90ykI7Ezk7G2x-yGwcVskr3-gHixySPSPMLZvCuTUy4GB-s8HDv7UBX2yXZ0jw7ogkq5URNo-z-40c8kHOo1mDmz-kT5AwOTAgBJXthTejaQHdwAU2RlBzW0xgfIFn44T_YlBH89s0kRsG1E2x3Wb-7PpEcsIdvGPQbE0aJTmlm6tKnFFR1Gpul9II0bGP557rZ_CmapEO-L7FIWWh6V3pnKleSZrM1PQUEGP7389_pF86ZpuyCX2-SyfzHhdzMQ0Ek8WaV9Qu8znbR81pTb39k8JPMoMmPpKrgwSr8bQhlIr9QidZDAKK1LbVuGeJL9asPXA1v-6HI73D650BUe472ChA7uOiFVQBQZPyOAV8mAiYaibtCrDCtfTX98mxtTyR5DkcrqICunGBBCgSBfrK928LIoZ4pfPN4Hy54FYgxm_YyhPcnUy41xAeYNPd4rXki2pfPiHnRPncdlQn3ulKKhT5dbY0NRmRNp5kUMmHc0ERTjl3jeHCBuh8hkzTwpF8MbZebCvbr3PHkQyjQgCZVJ4VyYOkglWlB7SYcFfRZpxEhtWPSTkWYaeL5rdYy-mU-49hijx2qbr4WJWHM_3SyLTCqBMAltNsnGtkERckzKTQ&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.farmonlineweather.com.au%252F%240

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f155.1e100.net

Software

cafe /

Resource Hash

86ececb795f37ae370f5e8cac77b770a980a638a1853f2019f864d52cdb2a33d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34642
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EA5 42 B
107 B 522ms
194ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bxc-rBNIaWG6P-hGJrP9dUV7BwsnFLRLFdoGFLFSNAWMW-X-uoKkFR71cmKIrxdRHWTU79rn9nQeoDlVICwdSns7s8hkX2odkoRbzQzPbO6Sdy2A0

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 9EA5 3 KB
1 KB 473ms
471ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 02:48:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 9EA5 18 KB
7 KB 279ms
277ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 02:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 02:48:45 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9EA5 0
0 569ms
243ms Image
text/html 74.125.68.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPEq0GgUDnAxFAUBEW1eDuuKKlXsQCc8F93tR3iAOuyWoTS5oyc9xDaBOUpUFLqMhd4Vp7gDKWlePrvDGRhl9DRAsjFA
Requested by: Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EA5 154 KB
47 KB 965ms
635ms Script
text/javascript 142.250.4.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f154.1e100.net

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 13:16:49 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 208F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

498ms
197ms

Image
text/html

142.250.4.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Server: 142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date: Sat, 12 Nov 2022 13:16:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4EC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1

43 B
766 B

590ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGJ75ktEBMAE&v=APEucNU_P3MfpnkZypHTMHmjcBtHvSaAhZgS1c5AGG7GxqIc2Uy9HgVTE4C1rt3nbWGAx4Tiy0N78GhhNenSNPdAocEON0l2Sg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 13:16:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4EC2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2.cvyf-eBIUGoJ.n3zqXgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2

43 B
766 B

198ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGJ75ktEBMAE&v=APEucNU_P3MfpnkZypHTMHmjcBtHvSaAhZgS1c5AGG7GxqIc2Uy9HgVTE4C1rt3nbWGAx4Tiy0N78GhhNenSNPdAocEON0l2Sg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 13:16:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4EC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1

43 B
1 KB

564ms
255ms

Image
image/gif

104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGJ75ktEBMAE&v=APEucNU_P3MfpnkZypHTMHmjcBtHvSaAhZgS1c5AGG7GxqIc2Uy9HgVTE4C1rt3nbWGAx4Tiy0N78GhhNenSNPdAocEON0l2Sg

Protocol

HTTP/1.1

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 13:16:49 GMT
AN-X-Request-Uuid: 21f01e58-2bd9-411e-9ec7-7c03f5aa93bc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.46; 173.245.209.46; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EC2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5MDczNzY3MTczNDg1MjE1MQ%3D%3D

170 B
188 B

201ms
200ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5MDczNzY3MTczNDg1MjE1MQ%3D%3D

Requested by

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 12 Nov 2022 13:16:50 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.46; 173.245.209.46; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6627b798-22fb-48fc-8269-346021688014
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc5MDczNzY3MTczNDg1MjE1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8046
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1

43 B
766 B

593ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNWEgHGS-iDsyqej180q_t2AIZHeuugX3RESnB-gaS7Tp2ASOm8SYhT20fc8qONhHK-YNZq8sRzAE2zAqVJPj2WG9Y_P1A
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 13:16:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8046
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y2.cvyf-eBIUGoJ.n3zqXgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2

43 B
766 B

197ms
197ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNWEgHGS-iDsyqej180q_t2AIZHeuugX3RESnB-gaS7Tp2ASOm8SYhT20fc8qONhHK-YNZq8sRzAE2zAqVJPj2WG9Y_P1A
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 13:16:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIAWTBIPFfbXWrb-qxOTo0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8046
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1

43 B
1 KB

700ms
257ms

Image
image/gif

104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNWEgHGS-iDsyqej180q_t2AIZHeuugX3RESnB-gaS7Tp2ASOm8SYhT20fc8qONhHK-YNZq8sRzAE2zAqVJPj2WG9Y_P1A

Protocol

HTTP/1.1

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 13:16:50 GMT
AN-X-Request-Uuid: 8347e174-2738-4598-98f3-b5221b50dea4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.46; 173.245.209.46; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMHP2QjG-eqgaBeHQBMV3KI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8046
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzg3MjcyMTc3MjMyMDQxOQ%3D%3D

170 B
188 B

199ms
199ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzg3MjcyMTc3MjMyMDQxOQ%3D%3D

Requested by

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 12 Nov 2022 13:16:50 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.46; 173.245.209.46; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5ea03885-6a8e-417e-80fe-a9f0d27beaa6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc3Nzg3MjcyMTc3MjMyMDQxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gn
secure-au.imrworldwide.com/cgi-bin/ 44 B
596 B 204ms
204ms Image
image/gif 52.76.128.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-au.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_b39_0&sessionId=gyhyygz6ebrjjnunoz8x07vfjorfd1668259007&fp_id=ev5ialjtm8u2rhukdbh1s4xmsr3ui1668259007&fp_cr_tm=1668259007153&fp_acc_tm=1668259007153&fp_emm_tm=1668259007153&asn=0&prv=1&c6=vc,b39&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,ayzatzt1uoxk2he5wsb51sqbxiccy1668259007&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1668259007149260&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwww.farmonlineweather.com.au%2F&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1668259009&rnd=810603
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.128.105 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-128-105.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK / Show response
hlmiq.com/vu/us/ Frame 7477 11 KB
3 KB 392ms
392ms Document
text/html 142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlmiq.com/vu/us/?
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 559eb1d11b28dc7cdf3968b2f24be18cc6957d107d58fa800ed24dc937e56b5d

Request headers

Referer: https://hlmiq.com/vu/us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 13:16:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 60C9 106 KB
38 KB 594ms
193ms Script
text/javascript 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Origin: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 15:09:11 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/ Frame 60C9 8 KB
3 KB 493ms
192ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Az_1RrQ0k6ude7nSOo7LM-2MRW_xGedbjolEJJLPl_d3C2lYo4Q4uqg70BndMsuc4Cte8blGRct8LFN0k8HE4SOCRifRA_28z8YAKUxMN-fc4BC-jDWl7rN4GIlEqg7Mcy1D21c-OC2HzB3xjP6jOIfd5Qvk3ztnlYW7e0HFkzT8p-rK7lMQCbmMHiEhbH_KRC-OlZ&cry=1&dbm_d=AKAmf-DAeR5Enr427NJQdahvWtZ7tL3U5Ek1PlHuqo7dMJCLRB0RD3C-z85DZcziGYuePk-LKThXZYef3qMAxGPItffvY79HsudED6LHxkD7vvyw7xL5NdXfmGbHa68TcL7BEaYHqUAhsLWEotK2dEWPX6dtF3FpNvP96g8KI1rJ5cqRwMZoYGtt8FBqFlcZMtLdD60J8AInr3A80uJSLRBNIzhQsFQ7oZn_eQrPAKr8ROuwmmSNqt5KO4H__uk9FJj0EhFYV0zCL5U-JjZjgxLkeJw1DqQc6c8MG_mhdFCoYv1jxUJN2xTSdgg-oohyimWMl27oqp9nogi_vNtVVb7QtPyKD6nUk1v-OAWXv9omRVKCU2KJ1-kj_VEIDaWMXZo9YCDP90XtMx5ohWpEkrZic7WKMZRn0q95y6TCD0spX56IXpMGUDSFYNgQNG-IWc3LWAA2789h067WHNI3tciMwuk2646R8aKVQqYonL9aowui9ZA-0ywe0d9xNc8zzMhICDPxIAMb_HAljbNn8tjKrmgdpZyrMS1VfsVng2_-eO3uRwfFZUDvIB-w2C2m9mGK8yrPhZTUS6C8CKoqPvYC1ZZ_bPMNy4LKi2k-simOiczpDeMNcDDlDBFkpytobO9f2o4QQlt7_d43kdeqh80lVgmDmmh4hbTPfxP2Vvji5BFHktw5J30ckjTOlC5pbfn_MH6FOdAM29kr2-f-C48-cAU0cQW_v_IK_C8L53qe1QwSc8lfhX-A_fZwiruQ-s77y9z0q4oW4-YYgZKTC6k_OqQKacGt9xcz8RHdEzAmrTJlTbsWxJMOzpJOES9d6fEmM2nJWfvLQJn3MSxc_cgmgEGgHIiuTM-1ToINoZI_UNoSAwlYN7LI8JTexxdKoKNdxwFdcCKdRVsCA3xNrpdosyOPfzK8HfDFIl58v9EMWZODJWe1PqbjF4GZcOytGS_BvqVqVj1hgcChR7wVikkDiwg4AbVPnc1NW_K2E6XECxpKuswPLThQMvZ-3MJLuY1UmimXCTAyPOtSS595Yz6gSqrAEbgo028EVc5VMalN8RHUSMOpZfR_MSUd0pr-m-ZopEYNM1TJLQITPHdBlfHO3rhDhKzQceMTOc83S9NJ3vB-TEm3OnWqmcMoqkpnWTFae2RmBMQBHrLJFtp81hee4-spzYNEG6cNbiuBRgJxDjzlPsMk5d2N3ZI6jHojAhtX1b6evuncgk4N604_9DCQDG4o0MD5mYtovfxGz4vvr5j_wNcj_Cq9TIGSAHy-VZQfET0UHnSpX6xjGSV-dL9JsBFgsNvrBMIA7YyAi7zvtk_k6ETd5zBspm3O_awbpJZnwTHZjFwvz28M3ZgbDe5WViY2N3xQIKJq1EseIaADPaHNIr3vEMMMZ3oGjRUjAAULUsBulwFXTdWho5tbnjqz_NxHVcxfvDp6XzahafVFAp6nNvprrdW6HacPQymf4Xp_tx4-osbBkfX5hpyhTame1K7cpAurHUt_0z6P9EPkMY1I1M2g38abUeAd4MSx9VxX8RXyLLfIYXoD7H8NJIxlpGrehUdg-exHBx3XeBhQkaZsbWRFXSaLNhWePhrDS6B3gQrAcT475zdItG9SXZzawLUr5WSYym_xmlOi2oSuJVkbrte1RJXh5dGcZxUIp2ne5XmYAwoY89xATYYOLCxMgG-zjbySSC79CYBPdTi4JgVm-VvnitMDb9cl7CP6BJYsAN6jNs62EEMzGfhmJUyHMqODW4qTmTQB2-ySeiLiMvHU4q_LzMBikaFpbn8mAYMcSqJSaJVHbupwSHdUR8QGwjcKrH3ruM6J_leekbD_ZozYJolwWEr9B-st0dV0N6JQ3dz0oGTvQiHTdQK1okneQGfJbae_hLOlrsFkGWHJKINDXvXUgAntsSQqy1ZudlIVFzNCfB2NqVy7xvfznSgpoOQvSMRbWDMsdodfMaf1LS_xAIA2N5lEMj-iKHfzf5CiuynShkcLkMN6p6l9efBlUSEzBZhemK-4MgRDUwRCxUfGhd-mrYkkAB35xxC9pvtvE7wcSFgy-C6RLZJY-Bbl7aABGE6uuYvFmR_IZVr1Q5ffUgSftqXe0Nc6FMMMmW0d-J1Wyejeau1QgAZMwatbXYmlxUcwVEhIXognu-XuvyvkymGVip8kX2Ff-c4QZvt8_hO6nxGbEj9KLtKkR_7Ifho1KjdeG5_WzmkJOFTEFGvSSHJkWNWP-v7nn546krxAW1_6VT90PgY2SYP6WNXEqN5yv8WfUJhikLPWAkresFX_rSh_RG-WFuXjr0O6E_X7wc2VY-IyY091PRpAi9EeyzbxC7GqkZIqRRfgF9xQ0M0VGkCpvVrebjx_GB-2q7-BcFrLhMy-kgHyXiqxa6F6WbfRfOwfQQ-nNX9ejP7lRmrJg1LN5awMSSNkKx67fMQRCwe65bhW4M-kebpnTUoKkchdTLS5lGmEHLrFVDuZg00FXTAqS-h00-c0VFf_yPXTUo2UAorRQkpMoQXLfagqFhn3qecbtH3w26BNc4bRWlZnXPhLG4xF7FJOq2yHjO-mCgdZN5g-CSx079WFRgV4-uMl1n12TWpUc9cHvdrfpFbxcmP1InrAT2hVF08f1Mt3h65ZQGYwdWs7CAVHiISdRT2AEEJRS6Do1Xs6IF-uqZo2zmd9vWzZAZ9MQJvZk6O1YKaa5yki-u9rzw2TGt3dw-M1nRjqojsLVmJlegaFo8WFCt1IyUzkjX3VufNrufIQ6l7gDMJPUT22hscyoSI6EVDRV7Ul-6n-0MgXVLX5HmGxgcOqhIE-P-tgLzmjhd22TzdBbfOZJLR2xee7dXrtAbNiDHGxKB7ZMJsix217-SQsrqw0cr7AHKBnOL_GswQhkKYVqeEBzK_fzqo_VxQicXirBHrHliTL8pzqZnk7TSsyGEx81rue6yHB4fzgoW68CvNUlbmp2pLeXxbro9gwCXjrfY4tNodmg0pdcdfuyylIWWUdYIIeW9EtoIFC81YMa71-KyE2rT9R1BLT75dUADC4xwx_nAU7WG9XUyD8TJB-H3LJwfUXmyjmHSeRy-POO8ZBt9iwea4MK2zuGGEpHBCmcJRA842Ew0EnmbsYD8bhIqw9lQ82lL62_MqWV44aLBxarZdvIiyZou2opJGULR6ngcFFqV5P63lx9B4RttC5Y1bZsXBO-Pn4noQ4UOkVrBjIyc9MAxJpgjEEQ6otzpeXTs9tYkpcByIJ98ljpSHvWJYFQZka81JtnpF8876093ofWKmsduh_tWwCE65krGzSIci9UPe6e8PFRAj2BcjMGnL-x800opmPSlPlYy7JTKd8kKdSUX7GM8hng5JfGkF84Mm_fKBL5Xgwb8Uf64bMzmEgDIWhCmH2TsnDZRip4m_0iiG3l87tlQN0QKqcaDG077UXYsF8rtidzot9BtyQr51r05DW5mXD9i6ZvC3Hn58cjhuH3SjnzRQERZgNEluRuoAkTQ&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.farmonlineweather.com.au%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 19:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 19:22:14 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 60C9 29 KB
11 KB 501ms
201ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 18:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11172
x-xss-protection: 0
server: cafe
etag: 1193498290069121257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 18:36:54 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 83 B
242 B 265ms
265ms Script
text/javascript 54.202.29.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.fairfaxacm.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 494e75f228f4ada66acec72ea644bc6f64c80c244f54506bea77de2fa56aaac2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n001-pdx-prod.krxd.net
date: Sat, 12 Nov 2022 13:16:49 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=29 t=1668259009
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 364 B
506 B 316ms
316ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=3220481e-9545-495d-b98d-6e863d0aa1af&technographics=1&callback=Krux.ns.fairfaxacm.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2ddce8d20789ac78878d4a0a65cabb31563901dc7f5f81c42365fffdad92de3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Sat, 12 Nov 2022 13:16:49 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: userdata-a006-ash-prod.krxd.net, cache-syd10151-SYD
age: 0
x-timer: S1668259010.701815,VS0,VE216
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 278
x-cache-hits: 0, 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9EA5 106 KB
37 KB 816ms
545ms Script
text/javascript 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Origin: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 15:09:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/ Frame 9EA5 8 KB
3 KB 571ms
302ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BW2AqzURuryWoXAtlE4efn9L92f6qR-SK3WPXJ-_iqlFQery4EK8eBND6frlQBf62jVEJbsjsVdJleJZWAbaM4YqFe0OV5LIbCL6cmep3nu5QzeAUcbFVoWMybtLOuPSsgflnTuNrlU_EQmbjkUwVuVzK15JZ69rRepdZsUyq0NjfChAQ1yort66ttqdhrBNgNsOfn&cry=1&dbm_d=AKAmf-CAg46r6RlBK4wzRuDM869RRCYk9_dT59sLwWrDsbijTx9ngVUhyOL31p8FEvFh-0vyhpJjb02SxqIkfZy0c-95H7wbJJuW1LORUgUoGE7WT7EhF9kMZsHSUxFFdaygl3XmIae51w15RyUoNAW3ZT4N2KYwOgcDOYGZg737v0Ld0OO4-_R4h2S_UONsm_xK2TTaE_x5NMcrHfwAfGXOZB8BKiRDULU4T2KrxX0XphELmf8EcM27rbtb7-5-Qg96xCt5XYl6qc6htke2JTSGNgf95lbr9TypUXTh3IJwosC-Lp8kNRWIWHAMjY32t0mvusgL3PdQnRqqibyEzi8j4iU-87Vbjy1GAH3tuT1HHqAgz9CZ9P1Vgee-93XZU8xPgaq0_cjLwc-ICBkuFJRJWXVTsDTLe_2FCKRFWaKKbrkIY23hGbnsDiU5V1fHhslLIUX8ozk81eizX0mzI4e5-WtP4cqqflq2Wo8lDmajulbZqnHnjQyNTCZqkbGe1Qacgfs2sueYgcwPtCXkA8BlzQDdb43vZ3eVYL1U-chnx3zKR6qnOVuu1_YPewAO6cA9ZfFtpztr4YwmTw8X0g5VynZxGxJlDCixIBcaYOiPJwJX_nxjK5PXHmRwg8u9caktXpXuzFEV6DahM7g4_9of16mT8D9eG-ka6XaoA_FIlqrQ61kXM7_uKMtaxFjO16b6TkdHO7cb2ANeVdoOSPSTncYaqjE-SGwezpHFgwlFkmwPGXk8BVPG5K8sjZC3oGOlgxlRiU-qfQTKwBhgyz1U_YSqTTtsn6PyuhIK8rGxe_PpifB_uv4BdBm4Wf6RTdmS96CQ7EscFfjnJU4Q142sulSW0lqM4cW1Iw3zTxGs94zcNVawr-vzvJ6DhmYRnwBX7oyPfncDJHZylrYcDU9ZvViXMya6OVqGCovpn5JS6m--7zelis_uSOHKBhYH8pwuIB0VTn7MyMavmK_DpUKpfCuMsxSP-pPb9uQx48k7VGvM3Tu-zB-sn9YOrkQ0Pm-B3U8CO96uyWfBG9s3WES3Z2FgKL_TXKQW34rLU433YM6dP-fQq2l2nKRLtmIO4Z_lJXgtJxBE-CQBimSGDPbuimB29sw35eElpFPNzHLdld6iUi26QZevXxDILa7LGzrVUVBhjblUFuWo0BqNXZPiAEu6OlHDG0t0phcCVnCb3WJrdBwn3_RRn9MnFo8atRq2fWH9DYIk9p7BFQQqo-fshcmK8GAfMEt8jS4OL1c-2mPOTJaDhhHJtiYTQsVE_t5c6Jk7FMgq4iOXn_VG3chIfYSLyrBYmQ2dWZYGoiSvnbouvwL9THRksDhDQYuIbJEMXiiEQniac80gDCG28gIDhKLmA4XzDMAq2MZR-Pqxrv4G1CK_aPLikv6ce-rGO7c9LlDUG9A8X5H6wFGFKOmXg3-lnYsMRgeonMXN99rio9SyoZcOQFUUvhMqQ2IaS_SdvLwMvVi1ezYVPyGOlDl9RmL79MoeamlwmPMWLmaC7HstvclLUt6Fv0qm4HtPx4xvmsVs2pBbXnlEY6gDFIBw7g6T2i7SNUWmHuTO0rSwm8fvW0hRAg6rKkljMUGp2VhFR4lRGeXKQw38eF7jVJnsoC3xgwR5LQMYW9OqPDbKzEkC_-Q2weZwPEw5r9SxnE0iaU2PuzGqGi7rXJD7SJVHhvpFxwXXL_xR60wb3Fmwog0ZtZF4LIakt9UvYCHOacZySqFgcFbJNltuZjZnm_JUrapnI2OkWBtYeDKDeceDzVBCyB7Srm8CZHYV6HlZyj2PF-1-ANOIiUthmYLr9mjTgD_vkfOGPuCnWYDDXjUSSbAfJaTmAuub7MR_1IuK-ijLdD7ZfJwSReNQ9TJXefSulhhzqbIOhPFfX0rJaVvn7lEzPdmIiS3naVdca185jtW4HgAZ6_phDQ6c3LrEMZUafiw1S_r_09nInwRZ9WQvGBM96Wxaz59o2s7WWqWJDgJsNJiZ4TIFQoSq_58Lr5T3_hUJKPgV5OB12QUnJP2aU1yVmC49jFB_xRkpQJApkUz5yYmP2hv7c6HT2lj_UD76gbCxQaimqZ4E3zHY9nu13LaLZfjy3-Z97R54imYU1UuGTNmPhyQ8sf_KQbiL7UVIQF2oLno_92ZJieQHQjhbtyh75QSRsMn28XTWDq3Eiyp8ZrLB_mY8hSIqmiQgvOylwV7XN_jlOsSoPeOVNlej-k5_LaSQgGvUAO-Ps_-vHannpw185E-idoEY1ZemRoT_YjSqsOCbh4YEZY8xC5jFrPvDVOINcD9fotzf38whUK1ygvEcP-ZsC7coq_p6w2Xn9AgsVEZQ13mO8fSfaehTdcMVIq6kLH191w3STxk4QWLX2AX7AoDUu1lIKHRSheR1ceLOLhzFopUe1zFdT6siQWIWrR6FScsQzEJlbqOqAZTaG7GSIm2ych0SL0yuRzVX4j3od_Zq_9jlzw00PJ-UA9pZc1BnFXR1BDq_yakI9m_honQhBlfiVONVZfga892Lw7aEZZDXwyVnYnSDi4h9ZEOtiZLl4EGcbHSdtu4pCSd6EQ1h3RmV7PP8iHJm4iRTKy_OhD56eRR5waRLxKpZzvZWrTR5wC_Ne5doqDIAGXMZadoU1iUicuZb4rHg3p1yS5QVTC-isyoGVMXEz_3YrqXmZzisr7YwVmTaikHKZa_yGcZ3uSkmqgo8kBGhkg6KpopijECPwaCseDnqMOqAMGfd26-KgTZyDDswT4UVv6UPrtBbGIZSI15dPkazVtokSH1SqYQ2XWVxISVgDwEggM6ShbpLkC9s7yAblgGUUPBFABqh8NNlImqm6XhsF9STxfUvxB80fJrq0lSc6JkN4aOf3HUb90ykI7Ezk7G2x-yGwcVskr3-gHixySPSPMLZvCuTUy4GB-s8HDv7UBX2yXZ0jw7ogkq5URNo-z-40c8kHOo1mDmz-kT5AwOTAgBJXthTejaQHdwAU2RlBzW0xgfIFn44T_YlBH89s0kRsG1E2x3Wb-7PpEcsIdvGPQbE0aJTmlm6tKnFFR1Gpul9II0bGP557rZ_CmapEO-L7FIWWh6V3pnKleSZrM1PQUEGP7389_pF86ZpuyCX2-SyfzHhdzMQ0Ek8WaV9Qu8znbR81pTb39k8JPMoMmPpKrgwSr8bQhlIr9QidZDAKK1LbVuGeJL9asPXA1v-6HI73D650BUe472ChA7uOiFVQBQZPyOAV8mAiYaibtCrDCtfTX98mxtTyR5DkcrqICunGBBCgSBfrK928LIoZ4pfPN4Hy54FYgxm_YyhPcnUy41xAeYNPd4rXki2pfPiHnRPncdlQn3ulKKhT5dbY0NRmRNp5kUMmHc0ERTjl3jeHCBuh8hkzTwpF8MbZebCvbr3PHkQyjQgCZVJ4VyYOkglWlB7SYcFfRZpxEhtWPSTkWYaeL5rdYy-mU-49hijx2qbr4WJWHM_3SyLTCqBMAltNsnGtkERckzKTQ&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.farmonlineweather.com.au%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 19:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 19:22:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 9EA5 29 KB
11 KB 459ms
193ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 18:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11172
x-xss-protection: 0
server: cafe
etag: 1193498290069121257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 18:36:54 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B618
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGrApjJ8V193mteFtQG-Q28&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGrApjJ8V193mteFtQG-Q28&google_cver=1

43 B
61 B

299ms
196ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGrApjJ8V193mteFtQG-Q28&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNXMppb77RTSI9lSKSUOORFij14R1uZgH8d_x2H3Y4EPR1M0lIXiAuN3Fc4SuoCZQnWr_RzJyi9sgzbsifysCa5aoHqSjQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGrApjJ8V193mteFtQG-Q28&google_cver=1
date: Sat, 12 Nov 2022 13:16:50 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B618
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY0ODQ5ZTUtZTJlNy0yMjdiLWNmZDAtMThiOGJhYmM4Njlj

170 B
188 B

200ms
200ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY0ODQ5ZTUtZTJlNy0yMjdiLWNmZDAtMThiOGJhYmM4Njlj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNXMppb77RTSI9lSKSUOORFij14R1uZgH8d_x2H3Y4EPR1M0lIXiAuN3Fc4SuoCZQnWr_RzJyi9sgzbsifysCa5aoHqSjQ

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 12 Nov 2022 13:16:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWY0ODQ5ZTUtZTJlNy0yMjdiLWNmZDAtMThiOGJhYmM4Njlj
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame B618
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKEs7gAOs1QX0JMr0cc-Hfc&google_cver=1

23 B
286 B

978ms
357ms

Image
image/gif

23.53.160.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKEs7gAOs1QX0JMr0cc-Hfc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIOBlZkCEIPxheoCGPeEk9EBMAE&v=APEucNXMppb77RTSI9lSKSUOORFij14R1uZgH8d_x2H3Y4EPR1M0lIXiAuN3Fc4SuoCZQnWr_RzJyi9sgzbsifysCa5aoHqSjQ
Protocol: H2
Server: 23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-138.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sat, 12 Nov 2022 13:16:50 GMT
pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEKEs7gAOs1QX0JMr0cc-Hfc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B618
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGJjOWFlM2ItN2ExMC00MTBiLWIyOTYtMmE0ZThkMTc2ZTBj

170 B
188 B

198ms
198ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGJjOWFlM2ItN2ExMC00MTBiLWIyOTYtMmE0ZThkMTc2ZTBj

Requested by

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
server: akka-http/10.2.9
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=OGJjOWFlM2ItN2ExMC00MTBiLWIyOTYtMmE0ZThkMTc2ZTBj
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Sat, 12 Nov 2022 13:16:50 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B99C 106 KB
37 KB 611ms
426ms Script
text/javascript 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Origin: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 15:09:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/ Frame B99C 8 KB
3 KB 469ms
286ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CquOaKe0aH8RyW2CnHayo0bxDioQq3QlbquiGZYN5t7aIQXxKzosjXMErkOwPfG9FaT3jPDhDtHrlTmAEl8F9pLY-2DArA5iFAKzN1_sW32IOPaTsyTBiDQzP44lEe3hC8cf2i-RfBOO9twvOW41M3w9ZcyFCLTa4Nz9l5HgV6mUSfi5amk0vNY7m2bwb8GI7mlbup&cry=1&dbm_d=AKAmf-BVTK8HzwbufEleha8khw5RpWxHgxse-BTM_JPYfzuZL3r_haPErfFZBvXBlIO1HCAhC-CJujbLfhJ2Np1G3PRKXxK_KZviDEMQI-WaPFiNCYYU3xDYTKkFq4rP4KF2DsTIrdrvSTzsVajPNsb1VZwB3BRrIHmfCH6k4JTjj1shgDpNibGI_bdm6BgJOtNB5NPGAkXhrqGUj2G4uaVMPTzBS5eGVjXl4hiKyGx3Ce6tMImXlnJZ1h_phppqX3saz5_MedD3phT2EiwdRTfkjUf890qdGV71hseVmtVYfnatJtTvlCOhORx8ux2YztkUEILAsfaWG7s20-v36pm29ZnSdbKwQkI5hZ8lB0U1M44xwKxEiCjIntXD8KY5Z13GT-C-dOjNzdsSJ3JuMyckMcQW7z1XaUQG1zh3lp0oBfEic7ZtmjMzMRcB-4oEfUjol0KQUW2ftKpP2DH3nDuYED_sY0kWry_ar4cVPfoBL6qy9D8yby5NUCT-jh8bnv8Dist8ZUOKwfqLKuB40k4YOWC-Q4b4yxnsspd5FWVceMAFk98lenitKAR78NjY4b7u8V0sgqAsiBy0hfbCQqd5IRTcBD1Lc_75Qi-JrI4tmt20_tpTB3-LasGa2FR2DbCPg1IJbu05fkUSWYIxrsg1IMzulLYK461s0LoI9qUUfZJfnAwMYfng4VH9s4-DUSg_qm1pG0BA5f2DMixmzJvtwEWCCM8xWVhd8pr2hj7D5Mslm82NIDTm9XA6hr0T9Co-7uqm7-KSEbo4t3A6tgDs8c5WxmkuNRDK4U7mp6bmsq5e_E05ptZfg79b4V8V7SIOUCMcKnDsu9vknxvxcv6lRW10YfkYDpQxgSn80QTOUkW3iX3yzE0vgZwitG9iYlSGCxWZ1sm25n82xWJ3SzZrbbJgezVKCX37x1c9931lWfUQ4a98AN76_Oj5XqCKWoz78KrNPvGqur2BDNLVBCsIgKBpRxmb9nqGOc7cBCjjuTmDlDA0XNFRVLapQVDCXjANrbHJnrRFym59TgXeA_PJ_Y8sPOeIO_hFRcWg0AxqulrBLIRZAYTd-21kapUbu0K33xTWySTtRCzozfUKUvr9ovtHT4Mr-JkixVcGlw3wWrIgCV1wSVAttcKT061KFVuxTbNAtBoxVAOEKAkmDDaNG34UzEYRKeWg01Vz_ypFXiXUeg8BFuM7WEpqw3awBv69vlPkXV5D8cL7vEfc7ZXwve_kctIae1-FgOaekV2DrRhDmWjYDk8weF3Qr6b1Xm1v0NUQ4oDAFsv0v_keozqczNVekmldb3FL5jL69fWCnOsBzxcj6bbr4J94xfCFJsfo5XZWZrCXf_fMcpVgMOJXWnvf4F5DRt18Sgdem02UgdP08CHfX8lytIT3d2KaKe70Yz79H811YjlXNVmdTAc9mNifRh22LuR7io9MsXccPfowoghDGAfRMlZqpQ-w92GRPB2Z3QEyc8ApOty_xqsgPnkKQR1jcHppPjl0M0ybsxUPfEIJtaHKgPJP2SZlymF7k7rzPYPT9JeHRZS9YlY8vJUMx0fXltdnpLDQ_OazXiUqJxOMsf4aOB1ApbxrNKk9ooLd3vm6e9YWqRiUet2kn-rb1ZQVehaQq41hthc6J4zsOBa0g4SukU5zsgXDfE-Z1U6VK3Drmar1-cNoae_9t2jNYwOebwla3JsUkfsRg-O5dbFOVW7NsOF6VcMQGMeUTKWpfJqhUmF-s-8Rcd9vnvY7RaDN75PXH3ydCuB9RDvSTG8YYh4hcoO-5c_PoJZPKjuF6q9utcYDiAv81f7nufjXAFdK7RXOd7eWARxOlN0m6Xoa1zC3RTzZsib-cAjSVV6IFX0FNXWJDqbB99zybSc9Mm6JMAgdWhuGpJ_1AmTWgpfvk_2BFUUv6tnalzhjUqfgV0ga1VcdRbtbMCsL2kq2ILDhOpIRRhofhmcqLUyKWYT5MXm3QbT0Z0JJ080HB5Gh4-F9kGFK3UOnFjifSM2GhYD85pP2FjZcF8AvINjFLnKuR9F-fsSja_11SRO0izgkm6p_AZROIqj3VIS2-XTrPh8NINYWGTiSM2_AdacJi5pLb3yzcQyYSZDL70ccDgdXK2XoRGxkXcpumdPcf6WX55K9PVWjIZKToLXGWBtI4jPltjk_NNOxXAo1X7XH394vNEShgYznqMeXR0969TIxMx3uhTuIoawwkePazC0ZokaWnNBApW3JxrlU883P8CNSVw1_jRDhWrDuyT9d-TqPeOgmDa2Kf6g8PUSL7BwOZRFiWki8-_rTduoefQyuAOHxSyUs1im3LhWke0jweaIgYex5CciS8TLuM7-BbM_9bh6bY-Lm9HkMG-ZZ1ZEAK6cLkvTJda0sESRvW2HWvjY-sHpwGuAoEhy9zk-r6L76IHsH2osx9lCw_mC7e-yiEPkC_O43vS2qj3AKg0hogsHT_gwuZtjojZ5_Ea9nsGILvFz_Qwlsd9R5s0axnLMvz-Mc39dA91J7ClFQbbvsPBEux1YN9H4p7cW4QjEB3JG6kf8E8IvzscxqEmknm6sTQYf5hDC0FXdUZ_DSMyfx_b7r53Brb0337jAaX5bPtIioUE3VMoW43K4JxtzrUwLrqyP6iOunMi4gT6akH8FUGWYJba1Hm8wfbAP2J7ic_ZaZPryjIxn5oBdwZd-78dnbdr1V7LPvjEO6ghM3Fkj0K37YBKIfHbD9bTFnoYDaCoLeBo0uuk8bexQj9y2Oyu93LYXx7bjyY6Tfn0BCwfUXSLfQerrJGlrhMfTqVps4HtN-e2txrKCzHWTIQzfk1SyNu3hAzYT5waONQtKjsPz3DY4giCX3twrHrATqWurT7LaFaJA2mFadNW_uUR3I0BVzDQBen2W7qpiHvwCMUciPSE_eV3a3bc2ls2cFPS9JPJoVMYJZHohkIPZXxkRzUdbS1uC7WBOUp_J9H_cDcWFR1JmM9fZ-4aayob7lQmUx9IuVLgC-E3HHspB_EhXO4NTqwTvSyCjCTxNlZABZmk4RxHBGa47Rwg-CMAitCtkdLLxslICEc9YzfO_245SlaZ2fjG7Qe1vy-hxTwQ2ZShAyx9egom0JJ80ibQDH1vrf2ibKmeLG8hDvatDTJN8-z3qhPANjKfH-dbjFxjWitGnWWJe7tiKiU4DppWdAPif1-2HvNTlaNL-sY9bACKYGiv3b96QlFosgxMltW77h31pGksrr9PEJtn85zR7Q-pLaqpMLaMJkh-o8LN_sLiMvU3JqNaa_39PqhwwHuEkQYlv0_9tB2jQKlzCiT41qJULUrSnDzxQVkB8Y94AAk4EzAZR_hwDt1LP7LE2sW7CXWNRqnH_7iVFhW11ms1hOJmGtw7vkbL1EpYZTgq5l24G_Tt3XJie9EHEZxc_u-rxfIix0U_wjF6Vk8hWSyiaGTF0eT0ykQ8uObIs&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.farmonlineweather.com.au%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 19:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 19:22:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame B99C 29 KB
11 KB 384ms
204ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 18:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11172
x-xss-protection: 0
server: cafe
etag: 1193498290069121257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 18:36:54 GMT

GET
H2 200 520-promotion Show response
hbx.com/women/special/ Frame 7477 0
0 1594ms
1189ms Script
text/html 18.155.68.48

General

Check archive.org

Show headers Download Go to

Full URL: https://hbx.com/women/special/520-promotion?refid=5db0c98781bef&extra_data=&utm_source=affiliates&utm_medium=clickwise
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET /
www.wish.com/ Frame 7477 0
0

GET
H2

200

/ Show response
www.semrush.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/semrush.com/
https://www.semrush.com/?irclickid=2T8Tjh3R%3AxyNWLpwfg0VZSHFUkDSnT1HXUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius...

0
0

566ms
361ms

Script
text/html

34.120.45.191
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semrush.com/?irclickid=2T8Tjh3R%3AxyNWLpwfg0VZSHFUkDSnT1HXUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius&utm_term=
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/?
Protocol: H2
Server: 34.120.45.191 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 191.45.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

Location: https://www.semrush.com?irclickid=2T8Tjh3R%3AxyNWLpwfg0VZSHFUkDSnT1HXUjWwE0&utm_source=berush&utm_Medium=impact_radius&utm_campaign=1394912&utm_terms=&utm_content=&irgwc=1&utm_medium=impact_radius&utm_term=
Date: Sat, 12 Nov 2022 13:16:50 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET

/
www.claires.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/claires.us/
https://www.zenaps.com/rclick.php?mid=5387&c_len=2592000&c_ts=1668250082&c_cnt=922583%7C0%7C0%7C1668250082%7C3CefZBFQMcwYExeT6fMFVp0aWtnYQ5aJF4P1T8B2YckAoy%7Caw%7C0&ir=7b447e30-6277-11ed-9d10-2262c...
https://www.claires.com/?utm_source=affiliatewindow&utm_campaign=922583&utm_medium=affiliates%20&awc=5387_1668250082_05c38ccf036adb03312dd003d6ccdc1d

0
0

GET

/
www.tiqets.com/en/ Frame 7477
Redirect Chain

https://www.tiqets.com/en?partner=mtac
https://www.tiqets.com/en/?partner=mtac

0
0

GET
H2

200

/ Show response
www.olly.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/olly.com/
https://www.olly.com/?irclickid=yKXRiM3RaxyNWLpwfg0VZSHFUkDSn3XXXUjWwE0&irgwc=1&utm_source=Impact_Affiliate&utm_medium=Linkbux&utm_campaign=Online%20Tracking%20Link

0
0

758ms
320ms

Script
text/html

23.227.38.74

General

Check archive.org

Show headers Download Go to

Full URL: https://www.olly.com/?irclickid=yKXRiM3RaxyNWLpwfg0VZSHFUkDSn3XXXUjWwE0&irgwc=1&utm_source=Impact_Affiliate&utm_medium=Linkbux&utm_campaign=Online%20Tracking%20Link
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/?
Protocol: H2
Server: 23.227.38.74 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

Location: https://www.olly.com/?irclickid=yKXRiM3RaxyNWLpwfg0VZSHFUkDSn3XXXUjWwE0&irgwc=1&utm_source=Impact_Affiliate&utm_medium=Linkbux&utm_campaign=Online%20Tracking%20Link
Date: Sat, 12 Nov 2022 13:16:50 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
stripchat.com/ Frame 7477 0
0 1235ms
711ms Script
text/html 104.18.63.130

General

Check archive.org

Show headers Download Go to

Full URL: https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.63.130 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET

/
www.saksfifthavenue.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/saksfifthavenue.com/
https://www.saksfifthavenue.com/Entry.jsp?site_refer=AFF001&mid=38707&siteID=xALzvpIGBAw-ElIq16LAzYJ775b6wiv.aw
https://www.saksfifthavenue.com/?site_refer=AFF001&mid=38707&siteID=xALzvpIGBAw-ElIq16LAzYJ775b6wiv.aw

0
0

GET
H2

200

/ Show response
www.buckle.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/buckle.com/
https://www.buckle.com/?ranMID=2652&ranEAID=2126220&ranSiteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&siteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&utm_source=aff&utm_medium=a1LgFw09t88&utm_campaign=1

0
0

831ms
514ms

Script
text/html

192.229.189.136

General

Check archive.org

Show headers Download Go to

Full URL: https://www.buckle.com/?ranMID=2652&ranEAID=2126220&ranSiteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&siteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&utm_source=aff&utm_medium=a1LgFw09t88&utm_campaign=1
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/?
Protocol: H2
Server: 192.229.189.136 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

Location: https://www.buckle.com?ranMID=2652&ranEAID=2126220&ranSiteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&siteID=a1LgFw09t88-MY6PFOs6xY.CX06uhS8TPw&utm_source=aff&utm_medium=a1LgFw09t88&utm_campaign=1
Date: Sat, 12 Nov 2022 13:16:50 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
www.ebay.com/ Frame 7477 0
0 1393ms
546ms Script
text/html 23.53.160.118

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ebay.com/?PARM3_ID=GBH_168&FF11=GBH_168&kw=636f82c94fc3c50001a2fd99_14441&mkevt=1&mkcid=16&mkrid=711-155609-835623-2&ufes_redirect=true
Requested by: Host: hlmiq.com
URL: https://hlmiq.com/vu/us/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.53.160.118 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://hlmiq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET

/
www.iherb.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/iherbcd/
https://www.iherb.com/?clickref=1100lwhNZmxC&utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232
https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

0
0

GET deals
www.agoda.com/ Frame 7477 0
0

GET

/
de.dhgate.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/dhgate/
https://de.dhgate.com/?f=bm|aff|admitad|1019090|1d26e7a58f38e788b551189e46ce8eb7|197649||

0
0

GET

/
www.zulily.com/ Frame 7477
Redirect Chain

https://hlmiq.com/to2/zulily.com/
https://www.zulily.com/?irclickid=S9Exyh3R5xyNRw2xKQ3XYSymUkDSnTxPXUjWwE0&irgwc=1&tid=33338180_1020116_2334778_Linkbux_9643_zcvp2_&linkName=Beachy%20Picks%20by%20Personalized%20Planet&SID=

0
0

GET /
hlmiq.com/to2/ticketnetwork.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/nolo.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/smartfares.com/ Frame 7477 0
0

GET /
drop.com/ Frame 7477 0
0

GET /
www.rentalcars.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/menswearhouse.com/ Frame 7477 0
0

GET CZKad8
is.gd/ Frame 7477 0
0

GET /
hlmiq.com/to2/tirerack.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/hsn.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/myheritage.com/ Frame 7477 0
0

GET /
www.bluejeans.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/appliancepartspros.com/ Frame 7477 0
0

GET /
www.lightinthebox.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/coursera2.org/ Frame 7477 0
0

GET /
www.modlily.com/ Frame 7477 0
0

GET /
www.kraken.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/gentleherd.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/ashleymadison.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/princetonreview.com/ Frame 7477 0
0

GET /
www.hotels.com/ Frame 7477 0
0

GET plus-size-clothes-vc-23-1.html
www.rotita.com/ Frame 7477 0
0

GET /
sproutsocial.com/pricing/ Frame 7477 0
0

GET /
hlmiq.com/to2/anntaylor.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/crocs.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/forhims.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/revzilla.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/hotwire.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/priceline.com/ Frame 7477 0
0

GET /
monday.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/seatgeek.com/ Frame 7477 0
0

GET /
changelly.com/ Frame 7477 0
0

GET /
elementor.com/pages/elementor-cloud-website-c/ Frame 7477 0
0

GET /
wise.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/ziprecruiter.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/ancestry.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/bookoutlet.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/skinstore.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/forever21.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/justfly.com/ Frame 7477 0
0

GET /
www.vrbo.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/screencast-o-matic.com/ Frame 7477 0
0

GET /
www.trip.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/hulu.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/mango.us/ Frame 7477 0
0

GET /
hlmiq.com/to2/shopbop.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/1800petmeds.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/finishline.com/ Frame 7477 0
0

GET /
chaturbate.com/in/ Frame 7477 0
0

GET /
hlmiq.com/to2/bloomingdales.com/ Frame 7477 0
0

GET easy-email.htm
www.aweber.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/caesars.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/fragrancenet.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/extendedstayamerica.com/ Frame 7477 0
0

GET /
buyee.jp/ Frame 7477 0
0

GET /
hlmiq.com/to2/allbeauty.us/ Frame 7477 0
0

GET /
hlmiq.com/to2/onetravel.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/prettylittlething.us/ Frame 7477 0
0

GET /
www.canva.com/q/pro/ Frame 7477 0
0

GET /
www.expedia.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/nike.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/cupshe.us/ Frame 7477 0
0

GET /
www.itcosmetics.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/shoedazzle.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/remitly.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/homary.com/ Frame 7477 0
0

GET /
www.getyourguide.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/booking.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/alibris.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/kobo.us/ Frame 7477 0
0

GET /
hlmiq.com/to2/reverb.com/ Frame 7477 0
0

GET j19u1ne5
offer.alibaba.com/cps/ Frame 7477 0
0

GET /
hlmiq.com/to2/globalexpress.rakuten.co.jp/ Frame 7477 0
0

GET register
www.binance.us/en/ Frame 7477 0
0

GET /
hlmiq.com/to2/udemy.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/myfreecams.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/ssense.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/bestwestern.com/ Frame 7477 0
0

GET &lkid=69324
www.rosewe.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/mybookie.ag/ Frame 7477 0
0

GET /
www.miniinthebox.com/ Frame 7477 0
0

GET m
resistcorrectly.com/ Frame 7477 0
0

GET track
bongacams.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/princess.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/armani.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/hp.us/ Frame 7477 0
0

GET /
hlmiq.com/to2/feverup.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/nordvpn.com/ Frame 7477 0
0

GET /
www.viator.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/abebooks.com/ Frame 7477 0
0

GET /
kinsta.com/ Frame 7477 0
0

GET /
cex.io/r/0/up111785894/0/ Frame 7477 0
0

GET /
hlmiq.com/to2/eventticketscenter.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/thumbtack.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/maccosmetics.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/underarmour.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/travelocity.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/swansonvitamins.com/ Frame 7477 0
0

GET /
www.hotelscombined.com/ Frame 7477 0
0

GET /
www.thelotter.net/ Frame 7477 0
0

GET /
hlmiq.com/to2/dressbarn.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/childrensplace.com/ Frame 7477 0
0

GET /
www.walmart.com/ Frame 7477 0
0

GET /
www.freshworks.com/live-chat-software/ Frame 7477 0
0

GET /
hlmiq.com/to2/fiverr/ Frame 7477 0
0

GET /
hlmiq.com/to2/bhphotovideo.com/ Frame 7477 0
0

GET /
hlmiq.com/to2/dermstore.com/ Frame 7477 0
0

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 266ms
266ms Image
text/plain 54.202.29.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=soo8h649k&_kpid=3220481e-9545-495d-b98d-6e863d0aa1af&_kcp_s=farmonlineweather.com.au&_kcp_d=farmonlineweather.com.au&_knifr=10&_kua_kx_tz=0&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kpa_domain=farmonlineweather.com.au&_kpa_page_type=weather&_kpa_primary_category=weather&_kpa_sub_category1=home&_kpa_sub_category3=null&_kpa_cat=weather&_kpa_ctype=homepage&t_navigation_type=0&t_dns=0&t_tcp=397&t_http_request=-1&t_http_response=21&t_content_ready=4482&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&store_user_after=xy1oh52df&_kurl_=https%3A%2F%2Fwww.farmonlineweather.com.au&sview=1&kplt0=34328&kplt1=34329&kplt2=34629&kplt3=34631&kplt4=34632&kplt5=38604&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F3220481e-9545-495d-b98d-6e863d0aa1af%2C502%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C267%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2CNaN
Requested by: Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.202.29.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-202-29-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: beacon-n018-pdx-prod.krxd.net
date: Sat, 12 Nov 2022 13:16:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=74 t=1668259010
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 60C9 41 KB
15 KB 493ms
192ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 23:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 23:48:41 GMT

GET
DATA 200
OK truncated
/ Frame 60C9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a81e10bee53a7993bb306ab4e74c1160aa411b1eb378881100f4156be00c76c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B99C 41 KB
15 KB 473ms
194ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 23:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 23:48:41 GMT

GET
DATA 200
OK truncated
/ Frame B99C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66f1780cdf327373c70f5845e8465afe896d3bff16f82b2075e650b4836cbd0b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9EA5 41 KB
15 KB 499ms
256ms Script
text/javascript 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 23:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 23:48:41 GMT

GET
DATA 200
OK truncated
/ Frame 9EA5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd289b647bf0b798e05dd30f53518cfd4843cb1321b3dc815b2494fac6202ac

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 208F 42 B
64 B 197ms
197ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5ex4Nnwy6sWmgePiDaTiZTSXddcRdUp2iSmh11rNMWrtS2rZiBTn2Gy2tS6iYF2ARV0lOBDrcQF3hCqu0kSB6J3oQk_g1YmAdBhGAKDKCs_QbeZJN_Uv8JYDCDP9rQ_UmkXaD&sai=AMfl-YT-MUR1mMiu0RkgfiEmKNGuIoZhCj-327zMzXSH_FG3KCOuaiB0TnOzSA635acThrZad7U0qw8WQOVix48tFdKsA6AaOO5b_L9KOxPe9ee-wjPMlf0LUUHSd3WrJeTkoGk&sig=Cg0ArKJSzA_7khMM_wNPEAE&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&id=ampim&o=985,245&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1067&tls=2067&g=100&h=100&tt=2068&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.farmonlineweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15901327962251256393/ Frame 9B02 27 KB
5 KB 607ms
221ms Document
text/html 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

ea0608a11ab491b62ef01eb6a704f921db83a535dcbda2c4ba037f17f6fea3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:50 GMT
expires: Sun, 12 Nov 2023 13:16:50 GMT
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60C9 0
0 596ms
207ms Fetch
image/gif 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstsChrfvbQxmrW1nEHVLzadteqBkzFkYN3hSCKqIJOig8cCaj8JVJmS7rzNej4fs4ggbgT-fxOJVW9398vGYZ5XGF9KlgyYNu7nIc4GbWfq0vu7YjyxBlZ637Y_3lQwR0WsFM3k4XXhhVTK4e7XEp6FQE0W8uZCyooVyp4Kg_fvQKsM7sS6jdYTAPLTEpRofj-erVd_rvdu7BRrTOFcfpOSn21v55W0ojpOC2Kec2GcoR1E530dAg8s353zpzrGMJ2_el2H7fYrMM6_6hzVALKplwSfn80YdJnL5TuPn_5NRP4vw75F9gXVkfAZlk_1mkCBjVHOkipIFc86HBzvPY78Opk7wc_rObyz9D82-HS3XqJ3PTUJoG4v3TaxuwooGPjoYR-JkGrqMXUTpW2vpJ-K-KrtxPsGQS0QFDQNVueyLxFk3ZZQxPpoZ8dtxMwNvEXsOxrW6xO-2EwTOExtLACsLRZKITfGETmvNxXTGnLiN2tbLScbUCe1Agxaon8S__ukTS3iQEktVxxY-tC2GVt7Qu0nnn8j-aGwPWsXBYW-x4hIO6CtJ4oI8zDxNSW09AToIOqiV0G60daTZRDYqMYxFM4hz-u8MpnBot05Sz3VVm17VYtZe1acQHsCsovcxd_gNlxuzUPAUVO2VGFYRLsdu_t6eBV7yA9zjxc2Oi43iycWSrA-enYqGeCsMEJXjoP5NuoNt4CfG8m73lYPQ--VJv65FwpoRjSWt0rOX67tGtiVmtMBb2bkcPHBqehsMO9shvmMXx3g_ufbnFM3G7u-uMR4zsVim9v-cdjUlOmouUZocVWR6B23qGAojQnRmx2Qx7ft3McAgxJHrrh8-bCfyuhY880tLOQzWqPzOwOtL3TV5DZKLsQlKXHVf1P9eQjBpaRZs9FP2U9YSFhP_kcYYUKEfHqaA-5VnB807E73TaPCR2t6_rx0pS4M93wi3EhUkSmz7MzF4qAH89JMYjc2npvHGBkmFrH1cClpTLF9lTWm67p_B4X0zy1cqvGMKoQz_5ukRzX1b_TNAnSNDCpUWvzdt7AizGt26vM-M91-W7h-UJV4DnNhhg4MmFqDruSA6ym0HZ0gz97RBCtKehS1DY30vhc0rtGnFc9_ABYas4-oFwIoGIv4qAMAY862QRd5nBvoCiXavr20tUltXOj6b_bXfwGMTRAOW8heldzpAcyKrPAJWqF7uqM23KG0flTP9np5_4wpe0Thb6A3GrjCP9iPrXKk&sai=AMfl-YRwuDM1_BFVhCH4MOT2Fi7WXetrS6gLJbP6NuVZSu6HYWsBPxqCsi_47N5d6oB6pMJY8nlP0gJZIp6dK6LnUUbYRWHulOJoPvV6UVvXpH6jrwso4DXfQlERYTBIlAL2789wxCzXOcIDnQluKSj09kKNPwz0RRlkyVqOARhY_CSGBVUeLLmQenVhYNSNMTDWRonkTWbOpJlxoDDdCzHVXEbi2jmpse-MkqqIoE87HNz3A6bxTjUkv04diG_bO9gtqsEhg7BDJPwhTzrTXYF0L7w&sig=Cg0ArKJSzLb6dL0r9awkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=837&cbvp=1&cstd=834&cisv=r20221109.37137&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Nov 2022 13:16:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Nov 2022 13:16:50 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11134109870241100064/ Frame F787 28 KB
5 KB 372ms
200ms Document
text/html 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

cbae66d39827be563de7a30b908fb58db7f31e65424d1dad3b49b9ca94bfdf9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:50 GMT
expires: Sun, 12 Nov 2023 13:16:50 GMT
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B99C 0
0 382ms
206ms Fetch
image/gif 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTr5h9Bq-8wXOMnYhowb64DI-ElWBtXklRzUn9YjqnGnc3-Hcp9up-3wehECqRWjNiDkpaBBx96NMYgwb18k_tjgI5BgWjtyI-ZP4XkxBFZcZYccbAGjKjekswREMYWZKI3HXGcqU3XaXo209NMM8Shyun8pTOpL3V5XF7LItHRVZN_8w3Vb9_-i0tc1ohLx6tW0xAlkcHebozsrLW5nmAPH_3zWOFDUFZom44RrV-7we9DvGewA_kKg29St7HiGv5ogsBSJl6IOOeIZRVbe98sRB2VOT8i5v0P6M2dTlaHIAimtiQBgckTMSnXeRDxSNhsUWpQPHZF61zWPDLO8msTLJ7UCJ20bYyeb3iAG_ED9hOyj8tsziKts5t9RtozzkNgkiq_w9McpxvHZjKZM-T5MBY9KDoQo7rsvhUU596hJQA5UwxzLtmtlTeP-3J4dhP_bikkNsnoj8aWpVJpVpfQfJb8B1veb8x1W_h6Z-DknHBTIn6hY0n94B1l2Q4sm47lARwO89movFE3lgQODYxaN3mfDkcct4QNO0q_0UR9VCYBPRvKTDYicq6jYyyu0NWorv4D6MECIwTBITkTWe_8nv-z98sW-1D-kDU5zxXMk1jZ3O8Vi5DYDAuvU9mt50uVMg3KXggfJatI4Z8va8t6Vs9B6cCmgvPuhEEvaGyp_KTmceImY_79AItUaGg5WuoGbef-av0P15hDzCJXVZYRTN9c3xD1pEFLsCD1s5JB7tjQlTQRtzVyR7F_POP8QS2J_8wXS7JjaVZzh0oNiScdXIZJPdsASYZ91Y2Wpbzah2T-YO2B4TR26tVYT6vKIh6uvggrQJlHtrT_yTCUhz5vMXOknechDmAZAQBXkxlhf16EvHD6jfURkUVAAvMI6qgf2uKvPNgLAN-FwmRZHgKRNoFl1NCLXGjWCDOx64m0c4M0KZBdIoQ0e77QG-Uo3IbZV1mNMrL6XPqmVmjAqhzH_Vic55_msZEQWiIvZFWgJNzfe0IVX-pDZn7NtaFojU76zr-t67-oOMCLiV0FT-6NXZFYvYVE7EYJHJjwUFdvOp1D6nsxJA1d9nP578nLEQc8Tq61mKEEzl_lIVzeo7POKwdMUulMAjzMlAmaoaJucU_4OqHNR1Rk4v7VuXxWaiyo6XpuWTYUHIqhWYSWQlZSiA5odRHDbR4vaAOMcdpuT83GTeqinGj1VeEPxb4UHkcG8ApQb91m-Pzmgs&sai=AMfl-YRdi-HIrQ8GDl2iDVDrcoRZJx7gWhWFaSFKVA3W9L56kfy2aOhi1WyhaOQaSTPnRorOwyHI2Yc0nm0uzdoqo1Qy0iEHvC_Ul-6xc_JcUemxrA1ZnPQSnrGcIJb0m-mytsB5_AOIU__7C836NrVQCjiPXiG02TomsEoNgQw0pI5rjxvfVqEVI2CosgrzpdAL9hPBCXXmhd7ejjWd86Tk4dsz_UuxCJSpTg91B8WDPJYh_YuRdsb4tUTBiYB0jSFNqhMml8L-bemLFv1vSy-ThCk&sig=Cg0ArKJSzHmgv0WlMO2UEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=834&cbvp=1&cstd=832&cisv=r20221109.40839&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Nov 2022 13:16:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Nov 2022 13:16:50 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E848 22 KB
8 KB 193ms
193ms Document
text/html 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 131785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 00:40:25 GMT
expires: Sat, 11 Nov 2023 00:40:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15901327962251256393/ Frame 5C15 27 KB
5 KB 401ms
247ms Document
text/html 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

ea0608a11ab491b62ef01eb6a704f921db83a535dcbda2c4ba037f17f6fea3d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5350
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 13:16:50 GMT
expires: Sun, 12 Nov 2023 13:16:50 GMT
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9EA5 0
0 362ms
205ms Fetch
image/gif 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYLzE9ne7sLoH7M_2XJ5kyIQ_2F3lf5kQWkx2AOWuUBeSKzUKBRexdi4_h-Tna4btypX0yKTd82VFWRWgpYPl0gGem0CJIqvUJVPHzeikQEnCZ-s9KP4jd_FD-0PSJlEFdm-Szb-KGBJI7rbg7c02VxfovVbelcwYgGofSMEA8ie60jAUUh2mUN3g1lprtZhtBVSBjCG9_u-2WntQ4ZGH2SL_LKpXFu4kxu7dcqSj8NxGaF1lXAnegQt5CPaERw3afwhwNBMldQmdpd5N3nrQ4tevOIWyOoIvQhLFGWKSzPBMd-SCf82byp18uyJGR487R8yrXfbgDnbwgE-rEjEkkeOixEZD355sCqIq1Fusl6VgNSvBI1B7qaQeydgvVOPwBPN6bUVI4bINDVnDpaoBmGyMkOURatxyY-sn5fnb4uZbsMPsf4qybTP9--1no3jRAWQdl9QvTxQp5uvzHmaY5vQ0oOJ-sfjGuExbloXrs0kHRi7F9ujW_MggH7V3ChweUSb6AMIK5EZXOWpSUX2PSFmj9jQWbR7eLrjKcMJ7bqlTE4dUWyJYipOPr42CJP4vilmTNVAum37NY91qYYpMJFT2BUpb71tdYt6oRe8Qh1LyP9_84pYvS0Av0YjbqoNHKQ0dCuoUtxW6vmsI-qJHOeKLtAb3IYtBATMg9w37chhfmxzTeM_Z44bWib470AxKgZayuVzpa0JFZpS4IkLsCkifbZOErGJISBQ_VCprbCcapMSrx77UDPMn3nmrydIXqKT5M67_bwoTWMp12jjJUtVNDtxG7lAdtwwb32Y6OKtSJf0bb1Y5zJtjAqAAzJ2usptw1mBRMIYCRcZ73BI831bHzOgTggog2l0GtU7RCKlN5WKoX6UfQt8uoCfOnXcW5EHna50l-aNlIoW3I0m_q-NdaeWdOG9fYoupBpVEQu-wn6QdZOCTGlgyeLc58GCaNjzQM-8L6VqtquwcmEhAHeL8XwB_YF1KdT6fQEeaBujglKnFiD6U-RbOcOR9HKFBeGDy-B9tBmezyWJ4zuHAZxT-absbGJZZ1yUoEXof8Vl1IPZZefodC56KehlJyIFfwOxupfQa7isec4W6WOUBhszaywGJIMj3ZtaFRoRzViEprGC8CyEy8i-lO9KSRTqMWLnEv5AuV7qOYjjTLSfapp1Q_umf_h2w6s2qErw_nd270TcUTG6I-YwYsabXc1ZpSbXh1_SV9MSBtBkYwnAO74X0fEDr-&sai=AMfl-YT6DULm0NqCDVl1QIFRexWYa5qoi9aJJfwC-gysrkRzyylaXdhk7c_ZhLEGeEcUbcbi7Di2q0kjKqjM88ZZRXA-aRL1v1PR5yrEfaiAmYDHfWEFkmuCiJl5xJ7T6LAdkw6D0GZjSso-tkcg8I7usgUVZEHBGS5P5vfk-bjg7WXL0Q9xebyO67EsgoZDLGJ3qe-BOZ5u1-7qwG1pmmtTbDIiMw3CxWM6K4__KQT5TlbmxzQir0wlny8lBKF5qKRjiYzbvnTWQ4YgDaAhebhLSqU&sig=Cg0ArKJSzGNg_NxXMtN-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=938&cbvp=1&cstd=936&cisv=r20221109.45516&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.farmonlineweather.com.au
URL: https://www.farmonlineweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 12 Nov 2022 13:16:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 12 Nov 2022 13:16:50 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 05B2 22 KB
8 KB 193ms
193ms Document
text/html 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 131785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 00:40:25 GMT
expires: Sat, 11 Nov 2023 00:40:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B99C 0
20 B 195ms
194ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BeyzgwZxvY8GNGNa4vgT8vY7QBQAAAAA4AeAEAg

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2EC9 22 KB
8 KB 197ms
195ms Document
text/html 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 131785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Nov 2022 00:40:25 GMT
expires: Sat, 11 Nov 2023 00:40:25 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame E848 36 KB
16 KB 193ms
193ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 03:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 03:44:05 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 05B2 36 KB
16 KB 193ms
193ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 03:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 03:44:05 GMT

GET
H3 200 53eb231cf7b5abb9e064cbe0f047a75a.js Show response
s0.2mdn.net/sadbundle/11134109870241100064/ Frame F787 82 KB
21 KB 201ms
201ms Script
application/x-javascript 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/53eb231cf7b5abb9e064cbe0f047a75a.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2a7bac7b06d018f2f546d64c83cd08fd8cf683682797f5fe83ca09715f3949e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 f0f20b08f6bbd0f7ecd602a460e9931c.js Show response
s0.2mdn.net/sadbundle/15901327962251256393/ Frame 9B02 74 KB
19 KB 281ms
280ms Script
application/x-javascript 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

ba63e246385bb9b278c02256c49ccf80b8827b45035e9b5a6e80110955e43878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 f0f20b08f6bbd0f7ecd602a460e9931c.js Show response
s0.2mdn.net/sadbundle/15901327962251256393/ Frame 5C15 74 KB
19 KB 333ms
331ms Script
application/x-javascript 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

ba63e246385bb9b278c02256c49ccf80b8827b45035e9b5a6e80110955e43878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19860
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EC9 36 KB
16 KB 193ms
193ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 03:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 03:44:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60C9 42 B
64 B 585ms
199ms Fetch
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutf6kDKf2wU8HLYENnZGkW0Fr7H0rTZNP8n-Y4om2_yx54EpTq4jqvQ2hDyGmVj-gRHOXs6SIXh5jGtwAC5mgAmpeeS31n5LiAWodL_oR574404zcM1q9TOXU&sai=AMfl-YQHVfXGIfjB6I3H1pkuEwHO6FYt3r2fUL-Py2zRAhVu8BNtlHcA_XqKMIoLJHK4hPSLrRTHgRmLpKROPF3cYVNosXeIpdqqp1g2SEIaq80YJbf_fdlDsg3Hl1pPSDvc4YU&sig=Cg0ArKJSzJIIxoCdDfjmEAE&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&id=lidar2&mcvt=1001&p=952,315,1202,615&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=102493410&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668259008201&rpt=1931&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E848 0
20 B 198ms
197ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjr7JwZxvY8G5DM_cogO5wKewBAAAAAA4AeAEAg&bg=!tLelt_PNAAbvMpMzzzI7ACkAdvg8Wpup6rG4OWAH9I6t3YGOZlC5eqAcMIkWyeIBT797OvOkRY57rQIAAABYUgAAAAJoAQcKAF2xbUQdnxARXzpF6jpu5uHgk2uktJXMjVvDH6kwTrBx0nY7DHvj7JFGcjvbNekBDTldgWJuPleEM5Bk7kPRXFN33AGJlHoRgFcI3vcQytAlN3_aTtOE1vwZW88yefOZAviPcThiWA3RDwf6vbkMNSQaVQA828UOW5OYo3OYJyd0VvSrfGuQHTu47Ri7Kmxt6ike-JPVAOjdxdm1IXoYTUpleVDhNohBT8h1RKshW1bOxPq07e-gfW-ScwJYPVxa0qCgAe-PTMaGNsmr_tSYzt93amoKl_Ve4yPIM9zbJ8U49es7WoAFmP4pVPg6Qo6j4xVc8_NgbGAi1LbSjeZXx_RS2r3zDbkcg1e2-cgnglGnOpMIilwtlEpy_1t9Rknmb5jErgrZBVMuIi7gyRobMoIM_HrvG-l8RwiCIMYlhyMKAJdq7lLGRPDbul8V7pU8NZHClQjbbTjoj2FW9aRh6odRVkxXydOddU_DvrCJqFUOC5_mE7OudcMP8ByyBjdJf0wUikLtdp2FAvHvtyQxJxkg5PxUcjHhhmu8Y75VC--cv2lqHg-ucSgnH2NBraWWphjChkWF8kUlM6ik9hd-O9RaNc_dXXHMnzeqh4eqjA0yMSw-LBq7BVFZ0ow6XqfQCvqw4IojzImxh2he98taTIDR9VD1IUUYVDHLIZCluMqd2P2N7jEijs6WPvtHrD6K6F7QYRj6hYEw7cyzSVJ9dHh52zi2R6AZeuHYPZBsoqZCnxlIbG_jiTUxolwOSadGF94rZ9lbRQoN3FG5xzx5M906Mzpeg-vPS-JgTvpmJbtHo1eQaxQXX2YwM4d61ZzQtlm-HQ0m80Lzm04rBHoiRCr9hZsGLdatifwcGQwj_lDaV-UHdoHS6TQ_wSiG9y8lS_t47jfxHuVsrMUG1EoYl503-ck9VuqiNjRcFe4A-deoswkgW7DdWv-FH5EeXUMRJRK3-AcG8oKuznUoIArOY8OBFWqBvz9DEy5e_TITNtqpX5M2NfreuWvzCGNeowY6Ljqyat2XbaTEA4fWKmrI-KlFdbZE1O-Ofmqyv__DX4EQKhaNjTqbUPoOF5K8BHjLmAfdUHsuVjpDTwDBOyMLs6MsKvLgYZ5qW2obidfDHJsKU_wwmGFLttbZ

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B99C 42 B
64 B 481ms
197ms Fetch
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthIsJzLwRWaz4RiARq7xGrevXrcTNxbiiqq_dUrhncFunKgkiOXWu4jdXOIX740O9BxM3Pba7NKr0Hneo584d6DJuaxaAdnSM-fE342eaaVqfLKc5Z7cFSkKI&sai=AMfl-YRv22qgS4TdyrgGLk7KkOWqylN7KL_HZuDCjd6Vlh8mmz-ynWCALeWH_zx6wxD3ISzCFgRNOc7d-iSiCVql0jdimKcgf1i9494_AUmfRz7tjtihw4zjKRaNXabnoaBVmhc&sig=Cg0ArKJSzGHvxTIrFo2GEAE&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&id=lidar2&mcvt=1010&p=37,561,127,1289&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2436397213&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668259008197&rpt=2032&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9EA5 42 B
64 B 454ms
198ms Fetch
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXCBUKW5sZ-FwPtSDgcbxncr9fP-JZx7IGK0TGp4b7eU27dy9_onRujGagjZkX9wY7O7r1T3S1Ygtv6C1eScv3m2e2zKzGUJAA5I9UKDm4WwQLhRQ4Ssg4ArA&sai=AMfl-YTjp-LrvEo01sFPr0UngfmsoNrSCNiLs3Z2eYSlR0RFmBp7jNHvDj-KTVrUWGQksZN61NXDbxra9UznMsI4g8Ut50OGnuBW89Nis-k0kPMzkLsRNIxzeGkf8lF3UOZdIjs&sig=Cg0ArKJSzJf-iY3c8w5GEAE&cid=CAQSPwDq26N9Jj8DylSlRYw5PTfDVbVa7qE2pJYymcLEgvb1odTq38mJ3Yp3p7v2GwiODH9LERgZaGoPV7ctsvmybBgBIBM&id=lidar2&mcvt=1003&p=1023,985,1273,1285&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=20&adk=102493420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668259008259&rpt=2001&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swiss721_bt_400_normal.ttf
s0.2mdn.net/sadbundle/11134109870241100064/fonts/ Frame F787 38 KB
24 KB 197ms
197ms Font
font/ttf 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/fonts/swiss721_bt_400_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/53eb231cf7b5abb9e064cbe0f047a75a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

a8e03a070279f944f7a497142ca614d011f53ec2a9a07d2a54f5a4283877ef40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
Origin: https://s0.2mdn.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 abf54445980b9e6bfd1ce6b4a97d3e31.png
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 6 KB
6 KB 344ms
341ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/abf54445980b9e6bfd1ce6b4a97d3e31.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

af202d13dcbafcebd49733fdb79729b4bfc90920aa2163932054b217494af2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5769
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 f623e6c4a6718a9b0b0633d7eee26018.png
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 6 KB
6 KB 335ms
332ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/f623e6c4a6718a9b0b0633d7eee26018.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

b91af4df8b807f687a9596fe0845445047ee08f65bc15d70afb695d84ca9b81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5788
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 b59b20c6ac8a249ea5f73cab597166a1.png
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 963 B
989 B 350ms
347ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/b59b20c6ac8a249ea5f73cab597166a1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2db52ed661db0fa7ae7a99f288d8edc8de191160e83f6e17c39e89bbd06e7a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 85077fa42c2dadb1801d6242b11d66de.png
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 1 KB
1 KB 313ms
311ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/85077fa42c2dadb1801d6242b11d66de.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

5310fc6d6947237399129ad86bfa9fa1a58b0d68bbfc3b44cbe717e17c3d4cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 158c2757305bd5c8e66c412fc6fbfcaa.png
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 3 KB
3 KB 618ms
616ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/158c2757305bd5c8e66c412fc6fbfcaa.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2d3479dc845f993ad53af5c69ff2781b477f58381f1d69f2a7b03bd7ce92ab1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3392
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 65146cedf64420f7e73ca63275a6d9ae.svg
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 16 KB
5 KB 317ms
315ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/65146cedf64420f7e73ca63275a6d9ae.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

77752e81f00674523ab56f2117ff416da20faa95b0c1e9ba1b371cc63bd5c81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 124da9f5b3ca3abcda614e0e8739806c.svg
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 15 KB
4 KB 268ms
266ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/124da9f5b3ca3abcda614e0e8739806c.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

c8ec417030d2ef6219261533519ac874d8ab876ec6f1e9f06738bb43e862f7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4058
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 99fab651e27bf876ce065dbf20f02028.svg
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 5 KB
2 KB 313ms
311ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/99fab651e27bf876ce065dbf20f02028.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

4552edb62dcae72c1ff94d1b39c67d63e91206baae09877a046b9d5d61a68525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2118
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 757f46f16abc113cbcd42fcb94234228.svg
s0.2mdn.net/sadbundle/11134109870241100064/media/ Frame F787 56 KB
9 KB 279ms
277ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11134109870241100064/media/757f46f16abc113cbcd42fcb94234228.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

171658a9c9a8c38dd55fe0dacfc775ebe0ca848dd991d4fb388c4170343fcd36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11134109870241100064/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05B2 0
20 B 199ms
199ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeyzgwZxvY8GNGNa4vgT8vY7QBQAAAAA4AeAEAg&bg=!NTalNnLNAAbvMpMzzzI7ACkAdvg8WuHrT7hA--SbZwh9Ckepf8LBobFStvAjYt2uRhOosrYPqrLIeAIAAAB1UgAAAAJoAQeZAwVV8bb8eU43Rh_8K4dRab47nrp9Ujk6tbPkCFDVEXifn58nSwKKoLjPYx9ajIjkATJt7poLJ5uYRaLRKsuBGToG4DTyz2vP70SgJr5PYHSl_5OiivUqZPGIS19xRgiQuWjKmZgsEMuomyOrETwVBncD3nqfvsK4wvjaC9Zz2eQxf_WCAhFx0GTByI2ahZD9A6gch-mMTDGYnGuIX_V-jdguGIJhs9wRh_qiMH9cW1f73xVHeJFuun6zrTItJ0g7xReqeffG45IsrTeeO6bOj0ZLFP-6c_WpwHkKuQQjwpmgBjh8rDYNb_vALBQybiiW9qUGmfvWcLLwFy7Ui9zPTGH3dpK6_dCO4hGHE8V1lctllg2liGb52SkKVl73c0ih03yJq3DjrEFCzay2bdguYUrCJ5tblR9PpGD-pkg8Y37V13eKbsxb0k89imBwaqAe_Jh4R4IUBmytrY8ubNITA-t1LmK_l8hJJUDW1VZ2f0jdyT-GC06A2EXXwFr0FljA_hx0bC3PxVtRvsjFbHlHo8LQMlzMQT6Wx6IKnV8m2goU4JwxzS4x-K__4_7h00p-zDXmq9rL_xh_Y4BaLY3QJHDCQU2Fg2xkXoiLG_iYC2ZwR601zwo32PWca2Lgdat4P_fxa2arTnj3HHqkZuTaiFAqwnqJFWt48mG0_zJg-W0i6LuarkLqK2unHSQ6bO4oA4xF2mOW88oEz0p21ndAWerDx_cYqXqqmwdNihpdzycCr9RwqQzGe3FVv6p79M2TrRtVlJSS_r_kF6lLE8uQR7OcNYLV84ZGM-DTh1jFJQx3JFGw9RJc9mlo4baBHiRRuBV_2lZRaQZFcBX5oPEWLugrIIQiB1QEtXljE5C_DHMJc4k84kNNqOQ0aYCSf0eBbVMucW2kbCqAFJKKC48n5fsoU4tNA1Mm7ls7br4HobnZ4yqxIIYxPLidKekUlB1-vkZETCz5tUYvofp77277HA_2Qcu_EGuffxSCWeUIlYOioQA18zrwYcnYFklemI4nKvniy-PYzw

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EC9 0
20 B 196ms
195ms Image
image/gif 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWPW9wZxvY4eRDYHyvQT9nJboDgAAAAA4AeAEAg&bg=!Y2ClYCTNAAbvMpMzzzI7ACkAdvg8Wj8Aw6Z3OfV30Oge50ZdRV8enRXr1T2jCMM1qDz_gsoSwEtdEgIAAABcUgAAAAJoAQeZAvl5JKQy_2Rdo7vdotW1-TY3RM7H-UFW1HIFTpqLN-i17iQDfOJhCyCJn4gPecl08gB02PN1QIYX_vYTOLCk3KbdRldBCFE-whAjQmaJiZWJgBKaC_MkBV2Pc0dJJPL6mdjr_JJwVf_wb1XgSvnHfPOrD7Br5Gn5OMbbzPGUybWKbyZWfDDWs7YwRqXk_b3tijxQ9bzhTIM2WNrODN5q9W2rTPLKImQIdS9rtbQqsepU3E9PG96VERm2RbnMEz8i526X8GlsiybnolMRozSr_Uutdu0KiNyzf1Ajdvj1gc_t5Q3728PZwCq9JAjPZM7cN1hgqQmd8DkE1iwFQTpQAZNh-5ZpIDY_ls8DTvn_C4sFc6sb1Sar_EO8pVT679zNQ8iR8iCSs2zfmHVr-cQjQz4CnFeVYAWtXedI3b6BiGfYaUQuroQ-oydOV-fsSAGOt5l_JOUz9FKLQgKQ5eEj9d8VFGylKCPT9P8ENxV1cAWGhMm-XesPyHdCb_uQdumkihz384mzd3hCQ2CsrG3f3p83B4l6T_QG8K64RLQBuFFnfnRJzZI_6WIws6lPIh9xqzmbPCHKd8MESkn4SToDpCwkkB4juqPIdY1XklT9xwsi6fT9JTTZmuRrZsfl4UDr5tsElxkNLIk9TOxlzUqcxCutO6f-Xkr5M534ShKZBDNEiNPMgC9JcgHWErPOT8HoIt-T7Fu1CeQtDy8u5oGdgd8VSR_spnBuP4tRonlZEHX7sj_z6Bb7lPoQsaZw5_S-YqsOpHrwiSE5H7vydcPeGSq3k_NklLyvHL8ghTHsZTXYLFX75diD7_Qy_TwILh6qmFRhlQC3_j3BvCaq3Hf3dIHHUH5Kw5ENeAEsRosyd3TLCX-kUyTOF0WglBzhrQhWlrfMBaGNqOA9kY3a9BqAaCc7p_r0D200uxOx27M6ed73jR9N01q5vkVBj1ykuF4JEvfgl1kJYCtPhrQG7N2UKo-XzVV0KviVi8pToxNzSADyai8cb45KL8J1sw

Requested by

Host: 06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
URL: https://06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ef55a09f66d0aa122161df9b64c338a7.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 22 KB
22 KB 224ms
223ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/ef55a09f66d0aa122161df9b64c338a7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

ce1ff810d526acf7451280109cddb94e649fda5fc4838ca566380abb39377b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22766
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 f922aed8b08534c2053e36805e578e82.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 23 KB
23 KB 413ms
411ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/f922aed8b08534c2053e36805e578e82.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2f5ff25e4ac6c680405ee5555ec8534a9ef2b49504054ea0974a30f753bd84d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23349
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 bbdd388ba50e0e8b2e6beecec09df899.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 4 KB
2 KB 220ms
217ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/bbdd388ba50e0e8b2e6beecec09df899.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

b2877dc3ad113488272acc0a80c066e203955c7b2a61b545265dcaf11afb8b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1631
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 93720b31ce0b6f88fd4e5e64e2705eaf.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 2 KB
2 KB 254ms
252ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/93720b31ce0b6f88fd4e5e64e2705eaf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

5e0f8fb707f75d6369464a266016218dc454a1c22295f2866da0f59d05c7e7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1926
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 391ddc9f2572e118349232d2acc4bf35.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 2 KB
2 KB 257ms
254ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/391ddc9f2572e118349232d2acc4bf35.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

fd67c84e99a4d7a5ad6eed25d31484916433cb60a20c5b8677e1325189f836a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 924390c26b35251cccd378af48fcf0f1.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 20 KB
20 KB 328ms
326ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/924390c26b35251cccd378af48fcf0f1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

7bdb8ccd0078c5bc18c1e5f8aed6a7263bbb085668ed7f7d7d7b2f2433907e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20042
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 e9b0a450f9f97aa43c60863b160f5c22.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 11 KB
11 KB 298ms
296ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/e9b0a450f9f97aa43c60863b160f5c22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2f42c1ef2a202ceae4ed4edbed4d5c8005593cfdd5d6de1a8ff2d589539d46a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10835
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 deca8d031f883f236ad6f87c631caf16.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 2 KB
1 KB 293ms
292ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/deca8d031f883f236ad6f87c631caf16.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

d0dd21f8c322d3a03ed96ad7c0f432978cf8c2f9a886370d3e403acd8ab7c2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 50ac8ab81424d4b2cacf511b950cd2ae.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 13 KB
4 KB 491ms
489ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/50ac8ab81424d4b2cacf511b950cd2ae.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

beb74b75060233657d64bb4a0d8274e6c2de09cfcfa13d936d7163dd2c146590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3627
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 ca978701ac8fad1c4daa6d8e56cf5aaf.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 7 KB
7 KB 207ms
205ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/ca978701ac8fad1c4daa6d8e56cf5aaf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

7f96497aa8fcbaf6789cbeddec3103e0c6b3bca2ca90ad52124669eca8c1261a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 2a8a5273067abd6dc39dac968301e184.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 15 KB
4 KB 320ms
318ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/2a8a5273067abd6dc39dac968301e184.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

a893725854c1174e0460fc0a9d4744c947e9b00b9dd23c38356b7b6fe6236233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4109
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 99fab651e27bf876ce065dbf20f02028.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 5 KB
2 KB 218ms
216ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/99fab651e27bf876ce065dbf20f02028.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

4552edb62dcae72c1ff94d1b39c67d63e91206baae09877a046b9d5d61a68525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2118
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 57c3cfc6a75556c31201aedfbbd09fa3.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 9B02 41 KB
7 KB 495ms
494ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/57c3cfc6a75556c31201aedfbbd09fa3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

aa2702f81a513a3c3f7f5f73c468b3f59d23c6a80267341a1dcbe5e1d7a0a2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET undefined4jgw0w
s0.2mdn.net/sadbundle/15901327962251256393/ Frame 9B02 0
0

GET
H3 200 ef55a09f66d0aa122161df9b64c338a7.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 22 KB
22 KB 366ms
366ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/ef55a09f66d0aa122161df9b64c338a7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

ce1ff810d526acf7451280109cddb94e649fda5fc4838ca566380abb39377b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22766
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 f922aed8b08534c2053e36805e578e82.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 23 KB
23 KB 445ms
443ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/f922aed8b08534c2053e36805e578e82.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2f5ff25e4ac6c680405ee5555ec8534a9ef2b49504054ea0974a30f753bd84d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23349
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 bbdd388ba50e0e8b2e6beecec09df899.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 4 KB
2 KB 249ms
247ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/bbdd388ba50e0e8b2e6beecec09df899.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

b2877dc3ad113488272acc0a80c066e203955c7b2a61b545265dcaf11afb8b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1631
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 93720b31ce0b6f88fd4e5e64e2705eaf.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 2 KB
2 KB 389ms
387ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/93720b31ce0b6f88fd4e5e64e2705eaf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

5e0f8fb707f75d6369464a266016218dc454a1c22295f2866da0f59d05c7e7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1926
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 391ddc9f2572e118349232d2acc4bf35.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 2 KB
2 KB 390ms
387ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/391ddc9f2572e118349232d2acc4bf35.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

fd67c84e99a4d7a5ad6eed25d31484916433cb60a20c5b8677e1325189f836a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 924390c26b35251cccd378af48fcf0f1.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 20 KB
20 KB 429ms
426ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/924390c26b35251cccd378af48fcf0f1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

7bdb8ccd0078c5bc18c1e5f8aed6a7263bbb085668ed7f7d7d7b2f2433907e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20042
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 e9b0a450f9f97aa43c60863b160f5c22.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 11 KB
11 KB 393ms
391ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/e9b0a450f9f97aa43c60863b160f5c22.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

2f42c1ef2a202ceae4ed4edbed4d5c8005593cfdd5d6de1a8ff2d589539d46a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10835
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 deca8d031f883f236ad6f87c631caf16.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 2 KB
1 KB 392ms
390ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/deca8d031f883f236ad6f87c631caf16.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

d0dd21f8c322d3a03ed96ad7c0f432978cf8c2f9a886370d3e403acd8ab7c2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1093
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET 50ac8ab81424d4b2cacf511b950cd2ae.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 0
0

GET
H3 200 ca978701ac8fad1c4daa6d8e56cf5aaf.png
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 7 KB
7 KB 252ms
250ms Image
image/png 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/ca978701ac8fad1c4daa6d8e56cf5aaf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

7f96497aa8fcbaf6789cbeddec3103e0c6b3bca2ca90ad52124669eca8c1261a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 2a8a5273067abd6dc39dac968301e184.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 15 KB
4 KB 424ms
423ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/2a8a5273067abd6dc39dac968301e184.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

a893725854c1174e0460fc0a9d4744c947e9b00b9dd23c38356b7b6fe6236233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4109
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 99fab651e27bf876ce065dbf20f02028.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 5 KB
2 KB 286ms
284ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/99fab651e27bf876ce065dbf20f02028.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

4552edb62dcae72c1ff94d1b39c67d63e91206baae09877a046b9d5d61a68525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2118
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET
H3 200 57c3cfc6a75556c31201aedfbbd09fa3.svg
s0.2mdn.net/sadbundle/15901327962251256393/media/ Frame 5C15 41 KB
7 KB 508ms
507ms Image
image/svg+xml 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15901327962251256393/media/57c3cfc6a75556c31201aedfbbd09fa3.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/f0f20b08f6bbd0f7ecd602a460e9931c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15901327962251256393/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6875
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 05:13:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 13:16:51 GMT

GET undefined4jgw0w
s0.2mdn.net/sadbundle/15901327962251256393/ Frame 5C15 0
0

GET view
googleads4.g.doubleclick.net/pcs/ Frame B99C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.aliexpress.com
URL: https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fsale.aliexpress.ru%2Fru%2F__pc%2Fcontinuation_default.htm%3Faf%3Da%2668432%26cn%3Ddallas%26cv%3D320403%26dp%3D173.245.209.46%26aff_fcid%3Dc8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%26tt%3DCPS_NORMAL%26aff_fsk%3D_DkvbRPd%26aff_platform%3Dportals-tool%26sk%3D_DkvbRPd%26aff_trace_key%3Dc8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%26terminal_id%3D4682d81db7724626b186ace0f3034bdf

Domain: ps.eyeota.net
URL: https://ps.eyeota.net/match?bid=9sn4omv&uid=IKJAsrSD1OTQnp5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=i0r4o4v&

Domain: www.wish.com
URL: https://www.wish.com/?irclickid=w09wlS3R7xyNWLpwfg0VZSHFUkDSnVznXUjWwE0&utm_source=Impact&utm_medium=affiliate&utm_campaign=CITYADS%20MEDIA%20POLSKA%E2%80%8A&utm_term=1234031&utm_content=966Z1XtJexZA3g2&from_ad=1234031&irgwc=1

Domain: www.claires.com
URL: https://www.claires.com/?utm_source=affiliatewindow&utm_campaign=922583&utm_medium=affiliates%20&awc=5387_1668250082_05c38ccf036adb03312dd003d6ccdc1d

Domain: www.tiqets.com
URL: https://www.tiqets.com/en/?partner=mtac

Domain: www.saksfifthavenue.com
URL: https://www.saksfifthavenue.com/?site_refer=AFF001&mid=38707&siteID=xALzvpIGBAw-ElIq16LAzYJ775b6wiv.aw

Domain: www.iherb.com
URL: https://www.iherb.com/?utm_source=agruna&utm_medium=affiliate&utm_campaign=1011l44232

Domain: www.agoda.com
URL: https://www.agoda.com/deals?pcs=1&cid=1818886

Domain: de.dhgate.com
URL: https://de.dhgate.com/?f=bm|aff|admitad|1019090|1d26e7a58f38e788b551189e46ce8eb7|197649||

Domain: www.zulily.com
URL: https://www.zulily.com/?irclickid=S9Exyh3R5xyNRw2xKQ3XYSymUkDSnTxPXUjWwE0&irgwc=1&tid=33338180_1020116_2334778_Linkbux_9643_zcvp2_&linkName=Beachy%20Picks%20by%20Personalized%20Planet&SID=

Domain: hlmiq.com
URL: https://hlmiq.com/to2/ticketnetwork.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/nolo.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/smartfares.com/

Domain: drop.com
URL: https://drop.com/?clickid=wqvV7Y3W3xyNWLpwfg0VZSHFUkDSnCTOXUjWwE0&irgwc=1&utm_term=252901&utm_content=Admitad%20-%201310690&utm_medium=affiliate&utm_source=impactradius&utm_placement=656490&utm_keyword=&mode=shop_open&utm_campaign=1310690&utm_network=4148

Domain: www.rentalcars.com
URL: https://www.rentalcars.com/?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1XtK9CZmPXY&utm_source=ca&aip=1jf&click_id=5hnZ1XtK9CZmPXY

Domain: hlmiq.com
URL: https://hlmiq.com/to2/menswearhouse.com/

Domain: is.gd
URL: https://is.gd/CZKad8

Domain: hlmiq.com
URL: https://hlmiq.com/to2/tirerack.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/hsn.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/myheritage.com/

Domain: www.bluejeans.com
URL: https://www.bluejeans.com/?gspk=YW5pdGFidXJpbGluYTc4MTc&gsxid=NrKEesXEbgoA&utm_content=affiliate&utm_medium=partnerstack&utm_source=anitaburilina7817

Domain: hlmiq.com
URL: https://hlmiq.com/to2/appliancepartspros.com/

Domain: www.lightinthebox.com
URL: https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=Xq0zrv3WzxyNWLpwfg0VZSHFUkDSnDT%3AXUjWwE0&irgwc=1

Domain: hlmiq.com
URL: https://hlmiq.com/to2/coursera2.org/

Domain: www.modlily.com
URL: https://www.modlily.com/?lkid=26554

Domain: www.kraken.com
URL: https://www.kraken.com/?clickid=0ZGwNh3RLxyNWLpwfg0VZSHFUkDSle0GXUjWwE0&utm_source=Impact&utm_medium=Affiliate&utm_campaign=1394953&utm_content=Online%20Tracking%20Link&irgwc=1&mpid=1394953

Domain: hlmiq.com
URL: https://hlmiq.com/to2/gentleherd.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/ashleymadison.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/princetonreview.com/

Domain: www.hotels.com
URL: https://www.hotels.com/?locale=en_US&pos=HCOM_US&rffrid=aff.hcom.US.038.000.1100l95727.kwrd=1101lwi9r9Ty&affcid=HCOM-US.DIRECT.PHG.1100l95727&afflid=1101lwi9r9Ty

Domain: www.rotita.com
URL: https://www.rotita.com/plus-size-clothes-vc-23-1.html?lkid=34745

Domain: sproutsocial.com
URL: https://sproutsocial.com/pricing/?gspk=YW5pdGFidXJpbGluYTc4MTc&gsxid=IXaEVvt535M3&utm_campaign=referral-tracking-partnerstack-2021&utm_content=partnerstack-pricing-page&utm_medium=Link&utm_source=Partnerships

Domain: hlmiq.com
URL: https://hlmiq.com/to2/anntaylor.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/crocs.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/forhims.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/revzilla.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/hotwire.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/priceline.com/

Domain: monday.com
URL: https://monday.com/?gspk=YW5pdGFidXJpbGluYTc4MTc&gsxid=aLhRTJXvwiG4&utm_campaign=partnerstack&utm_medium=anitaburilina7817&utm_source=partner

Domain: hlmiq.com
URL: https://hlmiq.com/to2/seatgeek.com/

Domain: changelly.com
URL: https://changelly.com/?from=btc&to=eth&amount=0.1&ref_id=t68bpi9bnrma1q8f

Domain: elementor.com
URL: https://elementor.com/pages/elementor-cloud-website-c/?cxd=63991_439729&utm_source=elementor&utm_medium=affiliate&utm_campaign=63991&utm_content=cx&affid=63991

Domain: wise.com
URL: https://wise.com/?clickref=1101lwi8MUce&partnerID=1100l95727&utm_medium=affiliate&utm_campaign=0&adref=&utm_source=phgagru&partnerizecampaignID=1100l645

Domain: hlmiq.com
URL: https://hlmiq.com/to2/ziprecruiter.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/ancestry.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/bookoutlet.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/skinstore.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/forever21.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/justfly.com/

Domain: www.vrbo.com
URL: https://www.vrbo.com/?CID=a_ph_6&utm_source=aff_ph&utm_medium=partner&utm_campaign=phgagru_1101l252&utm_content=0&k_clickid=1100lwhNUDQ3&affcid=VRBO-US.DIRECT.PHG.1100l95727

Domain: hlmiq.com
URL: https://hlmiq.com/to2/screencast-o-matic.com/

Domain: www.trip.com
URL: https://www.trip.com/?allianceid=849555&sid=1415694&ouid=1101lwi9NhjR

Domain: hlmiq.com
URL: https://hlmiq.com/to2/hulu.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/mango.us/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/shopbop.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/1800petmeds.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/finishline.com/

Domain: chaturbate.com
URL: https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n

Domain: hlmiq.com
URL: https://hlmiq.com/to2/bloomingdales.com/

Domain: www.aweber.com
URL: https://www.aweber.com/easy-email.htm?id=473824

Domain: hlmiq.com
URL: https://hlmiq.com/to2/caesars.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/fragrancenet.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/extendedstayamerica.com/

Domain: buyee.jp
URL: https://buyee.jp/?utm_medium=cpa&utm_source=affiliates&utm_term=fbfe3f4f2c962aabc953a7b577f0f7c6&vtm_channel=affiliatescomtw&vtm_stat_id=fbfe3f4f2c962aabc953a7b577f0f7c6&vtmz=true

Domain: hlmiq.com
URL: https://hlmiq.com/to2/allbeauty.us/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/onetravel.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/prettylittlething.us/

Domain: www.canva.com
URL: https://www.canva.com/q/pro/?clickId=zZiyi73RKxyNWLpwfg0VZSHFUkDSl50fXUjWwE0&utm_medium=affiliate&utm_source=korfoorg_1394953&irgwc=1

Domain: www.expedia.com
URL: https://www.expedia.com/?clickref=1101lwi9w8hy&affcid=US.DIRECT.PHG.1100l95727.0&ref_id=1101lwi9w8hy&my_ad=AFF.US.DIRECT.PHG.1100l95727.0

Domain: hlmiq.com
URL: https://hlmiq.com/to2/nike.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/cupshe.us/

Domain: www.itcosmetics.com
URL: https://www.itcosmetics.com/?utm_medium=all_affiliate&utm_source=rakuten&utm_content=Admitad&utm_keyword=eWwXyydyhzs-bl4pXZgVLFLIl2MqyJRtmQ&ranMID=42479&ranEAID=eWwXyydyhzs&ranSiteID=eWwXyydyhzs-bl4pXZgVLFLIl2MqyJRtmQ

Domain: hlmiq.com
URL: https://hlmiq.com/to2/shoedazzle.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/remitly.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/homary.com/

Domain: www.getyourguide.com
URL: https://www.getyourguide.com/?partner_id=ZUZJJY5&utm_medium=online_publisher&placement=%22banner%22

Domain: hlmiq.com
URL: https://hlmiq.com/to2/booking.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/alibris.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/kobo.us/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/reverb.com/

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=069f85d699f9dc55c88f1fd76886c222&pid=656490

Domain: hlmiq.com
URL: https://hlmiq.com/to2/globalexpress.rakuten.co.jp/

Domain: www.binance.us
URL: https://www.binance.us/en/register?ref=KZTDOPQP

Domain: hlmiq.com
URL: https://hlmiq.com/to2/udemy.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/myfreecams.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/ssense.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/bestwestern.com/

Domain: www.rosewe.com
URL: https://www.rosewe.com/&lkid=69324

Domain: hlmiq.com
URL: https://hlmiq.com/to2/mybookie.ag/

Domain: www.miniinthebox.com
URL: https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=0sayb63W1xyNWLpwfg0VZSHFUkDSnFR%3AXUjWwE0&irgwc=1

Domain: resistcorrectly.com
URL: https://resistcorrectly.com/m

Domain: bongacams.com
URL: https://bongacams.com/track?c=287325

Domain: hlmiq.com
URL: https://hlmiq.com/to2/princess.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/armani.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/hp.us/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/feverup.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/nordvpn.com/

Domain: www.viator.com
URL: https://www.viator.com/?pid=P00062740&mcid=42383&medium=link

Domain: hlmiq.com
URL: https://hlmiq.com/to2/abebooks.com/

Domain: kinsta.com
URL: https://kinsta.com/?kaid=ARRPTWYMWIMC

Domain: cex.io
URL: https://cex.io/r/0/up111785894/0/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/eventticketscenter.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/thumbtack.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/maccosmetics.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/underarmour.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/travelocity.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/swansonvitamins.com/

Domain: www.hotelscombined.com
URL: https://www.hotelscombined.com/?a_aid=172493

Domain: www.thelotter.net
URL: https://www.thelotter.net/?tl_affid=9175

Domain: hlmiq.com
URL: https://hlmiq.com/to2/dressbarn.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/childrensplace.com/

Domain: www.walmart.com
URL: https://www.walmart.com/?irgwc=1&sourceid=imp_3Fq3B83WyxyNWLpwfg0VZSHFUkDSnpRvXUjWwE0&veh=aff&wmlspartner=imp_1911769&clickid=3Fq3B83WyxyNWLpwfg0VZSHFUkDSnpRvXUjWwE0&sharedid=&affiliates_ad_id=565706&campaign_id=9383

Domain: www.freshworks.com
URL: https://www.freshworks.com/live-chat-software/?gspk=YW5pdGFidXJpbGluYTc4MTc&gsxid=MbOMGjuSgQ7a&utm_campaign=Growsumo&utm_medium=anitaburilina7817-Growsumo&utm_source=Growsumo&utm_tactic_id=3667546

Domain: hlmiq.com
URL: https://hlmiq.com/to2/fiverr/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/bhphotovideo.com/

Domain: hlmiq.com
URL: https://hlmiq.com/to2/dermstore.com/

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/undefined4jgw0w

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/media/50ac8ab81424d4b2cacf511b950cd2ae.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15901327962251256393/undefined4jgw0w

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTr5h9Bq-8wXOMnYhowb64DI-ElWBtXklRzUn9YjqnGnc3-Hcp9up-3wehECqRWjNiDkpaBBx96NMYgwb18k_tjgI5BgWjtyI-ZP4XkxBFZcZYccbAGjKjekswREMYWZKI3HXGcqU3XaXo209NMM8Shyun8pTOpL3V5XF7LItHRVZN_8w3Vb9_-i0tc1ohLx6tW0xAlkcHebozsrLW5nmAPH_3zWOFDUFZom44RrV-7we9DvGewA_kKg29St7HiGv5ogsBSJl6IOOeIZRVbe98sRB2VOT8i5v0P6M2dTlaHIAimtiQBgckTMSnXeRDxSNhsUWpQPHZF61zWPDLO8msTLJ7UCJ20bYyeb3iAG_ED9hOyj8tsziKts5t9RtozzkNgkiq_w9McpxvHZjKZM-T5MBY9KDoQo7rsvhUU596hJQA5UwxzLtmtlTeP-3J4dhP_bikkNsnoj8aWpVJpVpfQfJb8B1veb8x1W_h6Z-DknHBTIn6hY0n94B1l2Q4sm47lARwO89movFE3lgQODYxaN3mfDkcct4QNO0q_0UR9VCYBPRvKTDYicq6jYyyu0NWorv4D6MECIwTBITkTWe_8nv-z98sW-1D-kDU5zxXMk1jZ3O8Vi5DYDAuvU9mt50uVMg3KXggfJatI4Z8va8t6Vs9B6cCmgvPuhEEvaGyp_KTmceImY_79AItUaGg5WuoGbef-av0P15hDzCJXVZYRTN9c3xD1pEFLsCD1s5JB7tjQlTQRtzVyR7F_POP8QS2J_8wXS7JjaVZzh0oNiScdXIZJPdsASYZ91Y2Wpbzah2T-YO2B4TR26tVYT6vKIh6uvggrQJlHtrT_yTCUhz5vMXOknechDmAZAQBXkxlhf16EvHD6jfURkUVAAvMI6qgf2uKvPNgLAN-FwmRZHgKRNoFl1NCLXGjWCDOx64m0c4M0KZBdIoQ0e77QG-Uo3IbZV1mNMrL6XPqmVmjAqhzH_Vic55_msZEQWiIvZFWgJNzfe0IVX-pDZn7NtaFojU76zr-t67-oOMCLiV0FT-6NXZFYvYVE7EYJHJjwUFdvOp1D6nsxJA1d9nP578nLEQc8Tq61mKEEzl_lIVzeo7POKwdMUulMAjzMlAmaoaJucU_4OqHNR1Rk4v7VuXxWaiyo6XpuWTYUHIqhWYSWQlZSiA5odRHDbR4vaAOMcdpuT83GTeqinGj1VeEPxb4UHkcG8ApQb91m-Pzmgs&sai=AMfl-YRdi-HIrQ8GDl2iDVDrcoRZJx7gWhWFaSFKVA3W9L56kfy2aOhi1WyhaOQaSTPnRorOwyHI2Yc0nm0uzdoqo1Qy0iEHvC_Ul-6xc_JcUemxrA1ZnPQSnrGcIJb0m-mytsB5_AOIU__7C836NrVQCjiPXiG02TomsEoNgQw0pI5rjxvfVqEVI2CosgrzpdAL9hPBCXXmhd7ejjWd86Tk4dsz_UuxCJSpTg91B8WDPJYh_YuRdsb4tUTBiYB0jSFNqhMml8L-bemLFv1vSy-ThCk&sig=Cg0ArKJSzHmgv0WlMO2UEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2174&vt=11&dtpt=1340&dett=3&cstd=832&cisv=r20221109.40839&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.farmonlineweather.com.au/	1970-01-20 17:00:19	Name: __utma Value: 243469466.1946891184.1668259006.1668259006.1668259006.1
.farmonlineweather.com.au/	1969-12-31 23:59:59	Name: __utmc Value: 243469466
.farmonlineweather.com.au/	1970-01-20 11:47:07	Name: __utmz Value: 243469466.1668259006.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.farmonlineweather.com.au/	1970-01-20 07:24:19	Name: __utmt Value: 1
.farmonlineweather.com.au/	1970-01-20 07:24:20	Name: __utmb Value: 243469466.1.10.1668259006
.imrworldwide.com/	1970-01-20 16:45:55	Name: IMRID Value: 42143f00-628c-11ed-bf73-35de4fd20c28
.krxd.net/	1970-01-20 11:43:31	Name: _kuid_ Value: PMceEq7x
.farmonlineweather.com.au/	1970-01-20 11:43:31	Name: nol_fpid Value: ev5ialjtm8u2rhukdbh1s4xmsr3ui1668259007\|1668259007153\|1668259007153\|1668259007153
.casalemedia.com/	1970-01-20 16:09:55	Name: CMID Value: Y2.cvyf-eBIUGoJ.n3zqXgAA
.casalemedia.com/	1970-01-20 09:33:55	Name: CMPS Value: 4692
.casalemedia.com/	1970-01-20 09:33:55	Name: CMPRO Value: 4692
.rlcdn.com/	1970-01-20 16:09:55	Name: rlas3 Value: xFHdjhspAJYMucciQmXr0U1Sh0nSN9kke6vkl1brR1o=
.rlcdn.com/	1970-01-20 08:50:43	Name: pxrc Value: CAA=
.scorecardresearch.com/	1970-01-20 17:00:19	Name: UID Value: 1784b50affb893ae2ed394a1668259007
.rubiconproject.com/	1970-01-20 16:09:55	Name: khaos Value: LADYC8VR-1C-FN35
.rubiconproject.com/	1970-01-20 16:09:55	Name: audit Value: 1\|Jj+ai8dMh+3GeQNsal3bXY/atv77AHWdxqg4XB1t4bS1Mnm1d2tbLbvyaML4Nmplm8O4fH4Ue+ZBK03vAHceEPr3WPd2E0YenpU6Ba30WRJdnSoRwMVlFZE7jmj16+GK+fGjVWLbzJSjN0JEdN7yIw==
.eyeota.net/	1970-01-20 16:09:55	Name: mako_uid Value: 1846bfc4e0d-2287000001084411
.eyeota.net/	1970-01-20 07:24:19	Name: SERVERID Value: 17425~DM
.crwdcntrl.net/	1970-01-20 13:53:06	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 13:53:06	Name: _cc_id Value: 3ac88d4a06c085bc5b6ac5a37931a06f
.farmonlineweather.com.au/	1970-01-20 16:45:55	Name: __gads Value: ID=888cffb6adfe436e-22f7b21b55d80032:T=1668259007:S=ALNI_MZRhrXGAbQudjDHwoCAM0KEA4vuKQ
.farmonlineweather.com.au/	1970-01-20 16:45:55	Name: __gpi Value: UID=00000b7a5285756f:T=1668259007:RT=1668259007:S=ALNI_MaxO9maDlR3R-r6nTjYT1gJ7cYqcw
.pubmatic.com/	1970-01-20 07:25:45	Name: KTPCACOOKIE Value: YES
.doubleclick.net/	1970-01-20 17:00:19	Name: IDE Value: AHWqTUn_-oBMGIaWsOdFwCopQld1IT5NR_Dgxymhqy-PqAQikhK_j9slnSuQEDZ6mXI
.pubmatic.com/	1970-01-20 09:33:55	Name: KADUSERCOOKIE Value: 3616D0D7-6C29-49AD-8E35-062628BBBC19
.bluekai.com/	1970-01-20 11:44:57	Name: bku Value: 2VR991Yzqtmiq4TQ
.bluekai.com/	1970-01-20 11:44:57	Name: bkpa Value: KJy9ayeGd02pSUHknp/t1pDlwtkAwPOBRtPazE5T9yOEyyzr
.agkn.com/	1970-01-20 16:09:55	Name: ab Value: 0001%3AhkGlnwaQEdirfkj9%2Bzn961sdtFR9asZe
.pubmatic.com/	1970-01-20 08:07:31	Name: SPugT Value: 1668259009
.aliexpress.com/	1970-01-20 17:00:19	Name: xman_us_f Value: x_l=0&x_as_i=%7B%22aeuCID%22%3A%22c8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_DkvbRPd%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22716815331%22%2C%22tagtime%22%3A1668259009604%7D&acs_rt=4682d81db7724626b186ace0f3034bdf
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=dpsuxmwh25_a&acs_rt=4682d81db7724626b186ace0f3034bdf
.aliexpress.com/	1970-01-20 17:00:19	Name: aeu_cid Value: c8b17791c16f42fbb04e3c96d39fabc7-1668259009604-05677-_DkvbRPd
.aliexpress.com/	1970-01-20 09:33:55	Name: xman_t Value: Az9wEys7rKK2u6TufH+XC7uINgvt8wBF6hGay5qP8TOUATlRFlj+63waog6frA0Z
.aliexpress.com/	1970-01-20 17:00:19	Name: xman_f Value: ZynnN6vzvpydhMh3dMZF/2qp6Xyz2ie5jtDdR8dnL3t+IWnJBXzF8+x1NutJvALu+hpyC1AAbjG/Hff6CLCgs5lpif/dDVsAyx1INqRKXBCqMbx8JouVgg==
.aliexpress.com/	1970-01-20 17:00:19	Name: af_ss_a Value: 1
.doubleclick.net/	1970-01-20 07:24:22	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 16:09:55	Name: i Value: 508ba576-8217-4328-80e6-8ae914797b01\|1668259010
.adnxs.com/	1970-01-20 09:33:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hbzv=PwC!@wnfH8K6pQK`!5=E<L5?%M5/N^bbgC`):3Ork7jOeKd5uFv2?wL%NMG'XTbpRzqF1`b`1H*+0eO
.adnxs.com/	1970-01-20 09:33:55	Name: uuid2 Value: 7777872721772320419
.casalemedia.com/	1970-01-20 09:33:55	Name: CMTS Value: 4823
.teads.tv/	1970-01-20 16:08:28	Name: tt_viewer Value: 90e0e41b-ef46-49a2-a6f3-4ea0585d12e8

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://resources.weatherzone.com.au/wz/includes/js/glob_navigation.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://resources.weatherzone.com.au/wz/includes/jquery/jqmodal.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://resources.weatherzone.com.au/wz/includes/js/glob_util.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://resources.weatherzone.com.au/wz/includes/css/jqmodal.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://resources.weatherzone.com.au/wz/includes/jquery/jquery.cookies.2.2.0.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://resources.weatherzone.com.au/wz/includes/jquery/jMyCarousel.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://data.weatherzone.com.au/data/hourly/images/satellite/wz_sat_aus_116x87.latest.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://resources.weatherzone.com.au/wz//images/ads/wzservices/weatherzone_rss_350x160.jpg Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06a8e13174ffc8e5b384fabc4187a3eb.safeframe.googlesyndication.com
aa.agkn.com
adservice.google.com
adservice.google.com.au
as-sec.casalemedia.com
assets.adobedtm.com
beacon.krxd.net
bee.imrworldwide.com
bongacams.com
buyee.jp
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
cex.io
changelly.com
chaturbate.com
cm.g.doubleclick.net
consumer.krxd.net
content.dl-rms.com
data.weatherzone.com.au
de.dhgate.com
drop.com
dsum-sec.casalemedia.com
elementor.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gyhyygz6ebrjjnunoz8x07vfjorfd1668259007.nuid.imrworldwide.com
hbx.com
hlmiq.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image4.pubmatic.com
image6.pubmatic.com
is.gd
js-sec.indexww.com
kinsta.com
login.aliexpress.com
monday.com
odnaknopka.ru
offer.alibaba.com
otf.weatherzone.com.au
pagead2.googlesyndication.com
ps.eyeota.net
resistcorrectly.com
resources.weatherzone.com.au
s0.2mdn.net
sb.scorecardresearch.com
secure-au.imrworldwide.com
securepubads.g.doubleclick.net
sproutsocial.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
stripchat.com
sync.crwdcntrl.net
sync.teads.tv
token.rubiconproject.com
tpc.googlesyndication.com
us-u.openx.net
usermatch.krxd.net
wise.com
www.agoda.com
www.aweber.com
www.binance.us
www.bluejeans.com
www.buckle.com
www.canva.com
www.claires.com
www.ebay.com
www.expedia.com
www.farmonlineweather.com.au
www.freshworks.com
www.getyourguide.com
www.google.com
www.googletagservices.com
www.hotels.com
www.hotelscombined.com
www.iherb.com
www.itcosmetics.com
www.kraken.com
www.lightinthebox.com
www.miniinthebox.com
www.modlily.com
www.olly.com
www.rentalcars.com
www.rosewe.com
www.rotita.com
www.saksfifthavenue.com
www.semrush.com
www.thelotter.net
www.tiqets.com
www.trip.com
www.viator.com
www.vrbo.com
www.walmart.com
www.wish.com
www.zulily.com
bongacams.com
buyee.jp
cex.io
changelly.com
chaturbate.com
de.dhgate.com
drop.com
elementor.com
googleads4.g.doubleclick.net
hlmiq.com
is.gd
kinsta.com
login.aliexpress.com
monday.com
offer.alibaba.com
ps.eyeota.net
resistcorrectly.com
s0.2mdn.net
sproutsocial.com
wise.com
www.agoda.com
www.aweber.com
www.binance.us
www.bluejeans.com
www.canva.com
www.claires.com
www.expedia.com
www.freshworks.com
www.getyourguide.com
www.hotels.com
www.hotelscombined.com
www.iherb.com
www.itcosmetics.com
www.kraken.com
www.lightinthebox.com
www.miniinthebox.com
www.modlily.com
www.rentalcars.com
www.rosewe.com
www.rotita.com
www.saksfifthavenue.com
www.thelotter.net
www.tiqets.com
www.trip.com
www.viator.com
www.vrbo.com
www.walmart.com
www.wish.com
www.zulily.com
104.18.13.76
104.18.19.126
104.18.63.130
104.254.151.120
13.224.250.61
13.33.88.104
13.33.88.113
13.33.88.47
139.5.84.243
142.132.202.70
142.250.4.154
142.250.4.155
142.251.10.155
142.251.12.132
142.251.12.154
142.251.12.155
151.101.130.133
172.217.194.155
172.217.194.157
172.217.194.97
176.9.60.211
18.155.68.48
18.155.68.58
18.155.68.71
18.155.68.94
192.229.189.136
23.207.37.206
23.227.38.74
23.36.48.244
23.53.160.118
23.53.160.138
3.0.197.111
34.120.45.191
34.98.64.218
35.190.60.146
52.199.182.20
52.76.128.105
54.192.150.117
54.192.150.129
54.202.29.137
54.85.225.242
67.199.150.81
67.199.150.85
69.173.158.64
74.125.24.148
74.125.24.156
74.125.24.157
74.125.68.132
74.125.68.147
0114f37149f6157ef2a2c05817065b0ed99b1efc3386e25b7a99a2b6c1a017d8
0599d1678c7d235c258d74876dc842f187fc0dd0660ee4a744341fcfd00eac5f
0915578e3545433f07867c65210b4bec0d8e30f64dd37884ae4ed65504b3ea2a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ebc9e5f79ed26564a6acddc85dbe47622235a985d6acc64ddd69c2450055c55
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
171658a9c9a8c38dd55fe0dacfc775ebe0ca848dd991d4fb388c4170343fcd36
17e5f98fa90703bf789da01433726b59fa4ccee9ef3b277be4bfef111c7338a7
1a4ffad6583250964086e41d380ffa62056d98c17448dc21dc12a108a880f6b5
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
2476a5d9da615bbb3f86bf6cb783f6fef2e6f5235725d5081aa1f16232a67f1f
29423cb4bcb324cf7ea3e069b79aacedf4e7cfce818c479128600b123a9204d3
2a7bac7b06d018f2f546d64c83cd08fd8cf683682797f5fe83ca09715f3949e0
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2d2b44f435cad466588f4071af9e409219c813e97d102a64cbebf8303224ca8b
2d329c98c9396b4493cbc4853e777afd2b6247e379da0f1c34383cc161279496
2d3479dc845f993ad53af5c69ff2781b477f58381f1d69f2a7b03bd7ce92ab1b
2d9c585d2e6a29419830253b20e33780819b800179c7f5f00ae31d545511c339
2db52ed661db0fa7ae7a99f288d8edc8de191160e83f6e17c39e89bbd06e7a39
2f42c1ef2a202ceae4ed4edbed4d5c8005593cfdd5d6de1a8ff2d589539d46a6
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5ff25e4ac6c680405ee5555ec8534a9ef2b49504054ea0974a30f753bd84d8
3051ffa764cf6837df04cf7a3f9492c4d74f2e82e4388a41c2cf3b23786ac54e
30ebafd8f1df6d9a645caa3c52d95e516649ae73ef257f08bf811bbd37c78364
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8
39532e54b5b4f90cf0429ff3131fb0e590c78fac028e8b6e0221737085a601f9
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420
4552edb62dcae72c1ff94d1b39c67d63e91206baae09877a046b9d5d61a68525
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
494e75f228f4ada66acec72ea644bc6f64c80c244f54506bea77de2fa56aaac2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd289b647bf0b798e05dd30f53518cfd4843cb1321b3dc815b2494fac6202ac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5310fc6d6947237399129ad86bfa9fa1a58b0d68bbfc3b44cbe717e17c3d4cc2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53deeda9ac29445a49081d49f76e445b2d33a70e25b16169e993f045071ca540
559eb1d11b28dc7cdf3968b2f24be18cc6957d107d58fa800ed24dc937e56b5d
5b58d2ef9be11bdad19cb90e0fc099e8e975aa4a5d9a139205dbaefa3ee033b0
5b5c46ec6c30e23f190a7415341061e5927b2623845e952c497bde96d9b46486
5c91d27482b12873bdef8486d9d4cc653abe0d18c856e65d9fc2eb814237b633
5e0f8fb707f75d6369464a266016218dc454a1c22295f2866da0f59d05c7e7d3
5e63d94fd54f0a9669351a0d8e4dcd3e84d46ce48af1faa2bbd312e9afa8a7ac
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fda48c729ba08756e2013e240dd09b0f21b33ef3b6722efa601bb22acef315f
66f1780cdf327373c70f5845e8465afe896d3bff16f82b2075e650b4836cbd0b
683eb28def345d55e3c4f389fdd07bdd6e035161463bb3138388c51a90cbdb7a
6a82d92cf0fe04d9abbe41964c63777c9ce7de4ff79a93e4bab13934db3fc2ee
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
776e2f71190ac8e9e36d0ed782bcf8722c557c25b62dcd9e9abc5de7e2058433
77752e81f00674523ab56f2117ff416da20faa95b0c1e9ba1b371cc63bd5c81d
7a81e10bee53a7993bb306ab4e74c1160aa411b1eb378881100f4156be00c76c
7bdb8ccd0078c5bc18c1e5f8aed6a7263bbb085668ed7f7d7d7b2f2433907e13
7ed0e36b80c93f14bf25b7bbd06842e0eb07b4e58d63adc0d10cc056694defc0
7f96497aa8fcbaf6789cbeddec3103e0c6b3bca2ca90ad52124669eca8c1261a
8034e05b2d1392383bd63760e194319a83d4a0a46cd47576c67265f5a5e16756
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850c0413e9cf0be466b6842267f5096b766ef142d192decacdda8b19b2af3dfa
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
86ececb795f37ae370f5e8cac77b770a980a638a1853f2019f864d52cdb2a33d
876ddfca3675be0a637989ddc207954e3e9cc4f7e491a6fc85f1a3a6ad65ae2f
881a47e1b01340e2d58b636ca8c2873e3ffa01debd4faff5c6c620b7aa293c8e
88fdbf02fcbe660b66c6893fc709ad674299c534e9c54df4009615c752b927f6
8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d
90cf0cdf42ccc6f9a313b12387b2c0ea813a48d75e32f4be83ffcbd1325bb9a5
91acdccd53d56fac97c1852c6024b19aee2d98d30a534ab99a56f0d673d594d4
91f065334c658a997ca4edad0686689852838e1294a87448e56a2784b66edd5b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04
a893725854c1174e0460fc0a9d4744c947e9b00b9dd23c38356b7b6fe6236233
a8e03a070279f944f7a497142ca614d011f53ec2a9a07d2a54f5a4283877ef40
aa2702f81a513a3c3f7f5f73c468b3f59d23c6a80267341a1dcbe5e1d7a0a2d5
aca812459d3c2ab7544d53f93c7ba6acb51d27ce78fc3943b2091c88e7784d98
af202d13dcbafcebd49733fdb79729b4bfc90920aa2163932054b217494af2f7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2877dc3ad113488272acc0a80c066e203955c7b2a61b545265dcaf11afb8b0a
b5ce9ea266d9a7620b873c72ce4794bfd65c65b3be191d00639e9389276bf446
b91af4df8b807f687a9596fe0845445047ee08f65bc15d70afb695d84ca9b81d
b9200935e1c176ad5941bbf242d93811401ebe2924217dfe89cbaf140e7bf4bf
b9f9c6d0ad72d7fc33cd1558c00489f65d45bc61e2e6bf159e3f9956101e38c3
ba63e246385bb9b278c02256c49ccf80b8827b45035e9b5a6e80110955e43878
beb74b75060233657d64bb4a0d8274e6c2de09cfcfa13d936d7163dd2c146590
bf0608bf8dd716388c00ca8223bee994e2d25226aa8e4e32da70a525613fdf4b
bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5
c0b24ffda884f826ade7d9bf5890779d07809d256a5e8a75fedfcfd96eaf23ed
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c23c1f75741056ad8d50312f92a40cf4b78a258e5a4a8d81d7b55d54f2a0f0e6
c5023ba0eb7b42e9c362c60c31dca10fe5507fbe90809324cddd188ecef03ea7
c5228194e752991d57e7454ac01a3297b588cefc1cd796a1318a8f1f839ae908
c576c76548bc1f401c700ae01d9906954788a89d81cbfeb2a1788dc62e4e03e4
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c8ec417030d2ef6219261533519ac874d8ab876ec6f1e9f06738bb43e862f7cd
cbae66d39827be563de7a30b908fb58db7f31e65424d1dad3b49b9ca94bfdf9c
ce1ff810d526acf7451280109cddb94e649fda5fc4838ca566380abb39377b79
d0dd21f8c322d3a03ed96ad7c0f432978cf8c2f9a886370d3e403acd8ab7c2e6
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d525395d3f25e757575b00dda62356295d1f701dddac9d3f5333f7c99e953eae
d70a7c44155278839f951fb1fac74d75c1fe373e3cea0292c8b59c18b3a0c8c9
d99273766e6b52bbca7ada61e92bc4f6b1c482b05d7e90301869700d1e6f69aa
db41849923e429c11078afa9fb9fc3dbccffa6c3875178b99311f9ed73fb460b
e0be780bef183e52fbd511546ce9c2992467a24930c9c51766dcc99d08a2b95b
e2ddce8d20789ac78878d4a0a65cabb31563901dc7f5f81c42365fffdad92de3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
ea0608a11ab491b62ef01eb6a704f921db83a535dcbda2c4ba037f17f6fea3d6
ea12811af4fa5dc577286d86d8a340182b9bd6323b0ba3f4f25919e916d26df3
ebab3ba6b649a724873c8a04e230b316640e9dc4b684bd064ede6bf619dda045
ec90e62528b7355dfcb1069f6c07e33320bbda391a4e2a56c59c0653b9f8b3bd
ed4bfa5c1875ce3b632e0aca6b0228f577800e411cb5911fcdb50a385816e49d
ee6ca4a9ec51cb637ca6d5ada94a0c94d5270a1962feb960ed07835f564bb65f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f115ce3ac402aff5da4a00d48fc702c90157411cd1b6a464a95cfb17f65ba30f
f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8
f45e7b9e1511124991ea0818692a7c4f42e2add899c16c983467d42f40ac37cc
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
f910edb7e9631bb5b7894a6698160508e200e75d65ca4b49e7567cbd2335d017
fd67c84e99a4d7a5ad6eed25d31484916433cb60a20c5b8677e1325189f836a5
ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

www.farmonlineweather.com.au Open in urlscan Pro 18.155.68.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

336 Requests

57 %HTTPS

0 %IPv6

80 Domains

99 Subdomains

46 IPs

8 Countries

2231 kBTransfer

4851 kBSize

41 Cookies

25 Outgoing links

Page URL History

Redirected requests

336 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.farmonlineweather.com.au Open in urlscan Pro
18.155.68.94 Public Scan

Screenshot
Live screenshot

Full Image

336
Requests

57 %
HTTPS

0 %
IPv6

80
Domains

99
Subdomains

46
IPs

8
Countries

2231 kB
Transfer

4851 kB
Size

41
Cookies

336 HTTP transactions
4 data transactions