urlscan.io logo urlscan.io
SecurityTrails logo

supercoach.heraldsun.com.au Open in urlscan Pro
13.33.88.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://supercoach.heraldsun.com.au/
Effective URL: https://supercoach.heraldsun.com.au/
Submission: On February 22 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 9 countries across 93 domains to perform 456 HTTP transactions. The main IP is 13.33.88.123, located in United States and belongs to AMAZON-02, US. The main domain is supercoach.heraldsun.com.au.
TLS certificate: Issued by Amazon on November 2nd 2022. Valid for: a year.
This is the only time supercoach.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.33.88.80 16509 (AMAZON-02)
37 13.33.88.123 16509 (AMAZON-02)
2 172.217.194.95 15169 (GOOGLE)
16 23.207.180.112 16625 (AKAMAI-AS)
10 23.207.180.247 16625 (AKAMAI-AS)
13 23.207.180.192 16625 (AKAMAI-AS)
4 157.240.15.13 32934 (FACEBOOK)
2 172.217.194.94 15169 (GOOGLE)
2 192.229.237.25 15133 (EDGECAST)
1 172.217.194.157 15169 (GOOGLE)
1 23.207.181.29 16625 (AKAMAI-AS)
5 52.84.45.86 16509 (AMAZON-02)
1 52.84.251.33 16509 (AMAZON-02)
2 18.155.68.8 16509 (AMAZON-02)
1 104.244.42.200 13414 (TWITTER)
19 13.226.70.184 16509 (AMAZON-02)
24 104.20.106.62 13335 (CLOUDFLAR...)
2 5 52.222.144.98 16509 (AMAZON-02)
2 142.251.10.148 15169 (GOOGLE)
4 74.125.200.97 15169 (GOOGLE)
1 65.9.158.139 16509 (AMAZON-02)
2 72.247.81.162 20940 (AKAMAI-ASN1)
1 18.155.68.87 16509 (AMAZON-02)
2 107.22.40.64 14618 (AMAZON-AES)
2 151.101.65.175 54113 (FASTLY)
2 172.67.38.106 13335 (CLOUDFLAR...)
1 23.207.180.236 16625 (AKAMAI-AS)
9 20 142.250.4.156 15169 (GOOGLE)
5 13.33.79.24 16509 (AMAZON-02)
1 13.227.254.27 16509 (AMAZON-02)
2 172.64.101.9 13335 (CLOUDFLAR...)
1 151.101.193.140 54113 (FASTLY)
4 184.50.85.210 20940 (AKAMAI-ASN1)
2 13.35.14.254 16509 (AMAZON-02)
2 199.232.44.157 54113 (FASTLY)
1 34.120.195.249 396982 (GOOGLE-CL...)
3 52.84.251.126 16509 (AMAZON-02)
4 52.84.251.118 16509 (AMAZON-02)
1 13 13.250.236.77 16509 (AMAZON-02)
1 52.84.251.86 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
10 74.125.68.154 15169 (GOOGLE)
3 74.125.130.154 15169 (GOOGLE)
2 35.174.222.86 14618 (AMAZON-AES)
2 172.217.194.138 15169 (GOOGLE)
3 157.240.15.35 32934 (FACEBOOK)
1 18.155.68.45 16509 (AMAZON-02)
4 142.251.12.157 15169 (GOOGLE)
4 162.19.138.82 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 13.227.248.101 16509 (AMAZON-02)
2 18.161.111.49 16509 (AMAZON-02)
2 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
2 7 104.254.148.252 29990 (ASN-APPNEX)
1 104.18.25.185 13335 (CLOUDFLAR...)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 104.244.42.197 13414 (TWITTER)
2 104.244.42.131 13414 (TWITTER)
1 5 35.190.43.134 15169 (GOOGLE)
5 54.151.157.82 16509 (AMAZON-02)
1 35.241.45.82 15169 (GOOGLE)
1 18.155.68.116 16509 (AMAZON-02)
1 13.228.15.221 16509 (AMAZON-02)
1 151.101.129.140 54113 (FASTLY)
2 13.211.184.0 16509 (AMAZON-02)
1 18.138.86.105 16509 (AMAZON-02)
3 63.140.48.134 16509 (AMAZON-02)
1 1 54.179.29.59 16509 (AMAZON-02)
6 142.251.10.99 15169 (GOOGLE)
4 142.251.12.94 15169 (GOOGLE)
2 9 52.46.155.104 16509 (AMAZON-02)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
2 52.76.107.159 16509 (AMAZON-02)
1 52.84.251.38 16509 (AMAZON-02)
8 12 69.173.158.64 26667 (RUBICONPR...)
4 15 15.197.193.217 16509 (AMAZON-02)
4 13.35.15.213 16509 (AMAZON-02)
1 23.45.116.82 20940 (AKAMAI-ASN1)
2 151.101.1.108 54113 (FASTLY)
1 2 172.217.194.149 15169 (GOOGLE)
1 74.125.24.157 15169 (GOOGLE)
1 2 103.43.90.54 29990 (ASN-APPNEX)
4 23.207.180.199 16625 (AKAMAI-AS)
2 6 104.18.24.185 13335 (CLOUDFLAR...)
1 1 199.127.207.184 26120 (RHYTHMONE)
2 2 18.141.80.142 16509 (AMAZON-02)
1 1 34.198.254.80 14618 (AMAZON-AES)
1 44.230.85.187 16509 (AMAZON-02)
1 13.33.88.96 16509 (AMAZON-02)
3 5 13.107.42.14 8068 (MICROSOFT...)
1 74.125.130.157 15169 (GOOGLE)
2 142.251.12.155 15169 (GOOGLE)
1 142.251.12.132 15169 (GOOGLE)
2 2 104.69.166.9 16625 (AKAMAI-AS)
1 18.198.226.167 16509 (AMAZON-02)
2 182.161.73.129 55569 (CRITEO-AS...)
8 9 151.101.66.49 54113 (FASTLY)
1 9 139.5.84.243 27381 (CASALE-MEDIA)
6 23.39.5.30 16625 (AKAMAI-AS)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
8 172.253.118.132 15169 (GOOGLE)
6 74.125.24.156 15169 (GOOGLE)
5 103.231.98.194 62713 (AS-PUBMATIC)
2 103.231.98.196 62713 (AS-PUBMATIC)
5 5 52.74.162.2 16509 (AMAZON-02)
1 2 103.71.26.126 132134 (SPOTX-AS-...)
2 182.161.73.136 55569 (CRITEO-AS...)
2 2 50.31.142.95 23352 (SERVERCEN...)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 52.84.251.103 16509 (AMAZON-02)
1 151.101.65.44 54113 (FASTLY)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 145.40.73.5 54825 (PACKET)
1 3 18.138.150.118 16509 (AMAZON-02)
1 52.95.125.22 16509 (AMAZON-02)
2 2 103.229.205.242 30419 (MEDIAMATH...)
5 67.199.150.86 3257 (GTT-BACKB...)
3 3 35.190.60.146 15169 (GOOGLE)
1 2 107.178.254.65 396982 (GOOGLE-CL...)
1 34.124.209.251 396982 (GOOGLE-CL...)
7 52.119.187.0 16509 (AMAZON-02)
2 13.112.47.49 16509 (AMAZON-02)
2 104.18.10.47 13335 (CLOUDFLAR...)
1 69.173.158.67 26667 (RUBICONPR...)
1 106.10.218.42 56173 (YAHOO-SG3...)
2 119.161.10.12 38032 (YAHOO-HK2...)
1 106.10.236.40 56173 (YAHOO-SG3...)
2 2 13.115.235.137 16509 (AMAZON-02)
2 2 23.106.69.72 59253 (LEASEWEB-...)
15 3.211.174.139 14618 (AMAZON-AES)
17 142.250.4.149 15169 (GOOGLE)
3 103.231.98.195 62713 (AS-PUBMATIC)
1 1 18.138.18.111 ()
1 1 103.229.10.247 ()
1 1 182.161.73.146 ()
1 1 172.104.45.159 ()
1 220.150.223.50 ()
1 2 13.228.146.168 ()
2 2 35.213.12.39 ()
1 34.111.79.67 ()
456 123
1    13.33.88.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-80.sin2.r.cloudfront.net
supercoach.heraldsun.com.au
37    13.33.88.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-123.sin2.r.cloudfront.net
supercoach.heraldsun.com.au
2    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
16    23.207.180.112 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-112.deploy.static.akamaitechnologies.com
www.news.com.au
content.api.news
10    23.207.180.247 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-247.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
13    23.207.180.192 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-192.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
tags.news.com.au
4    157.240.15.13 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net
2    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
2    192.229.237.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
pubads.g.doubleclick.net
1    23.207.181.29 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-29.deploy.static.akamaitechnologies.com
players.brightcove.net
5    52.84.45.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-86.mrs52.r.cloudfront.net
static.adsafeprotected.com
1    52.84.251.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-33.sin5.r.cloudfront.net
assets.vidora.com
2    18.155.68.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-8.sin52.r.cloudfront.net
tips.com.au
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
19    13.226.70.184 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-70-184.mnl50.r.cloudfront.net
d32guktqcrn2b4.cloudfront.net
24    104.20.106.62 (None, )

ASN13335 (CLOUDFLARENET, US)
omny.fm
5    52.222.144.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-144-98.mrs52.r.cloudfront.net
www.omnycontent.com
2    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
ad.doubleclick.net
4    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
1    65.9.158.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-158-139.bkk50.r.cloudfront.net
static.chartbeat.com
2    72.247.81.162 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-162.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
1    18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net
au.tags.newscgp.com
2    107.22.40.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-40-64.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.65.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.207.180.236 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-236.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
20    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
5    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    13.227.254.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-27.sin52.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.64.101.9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
4    184.50.85.210 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-50-85-210.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    13.35.14.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-14-254.sin5.r.cloudfront.net
sc-static.net
2    199.232.44.157 (Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o479328.ingest.sentry.io
3    52.84.251.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-126.sin5.r.cloudfront.net
cdn-gl.imrworldwide.com
4    52.84.251.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-118.sin5.r.cloudfront.net
au-script.dotmetrics.net
13    13.250.236.77 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
dpm.demdex.net
1    52.84.251.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-86.sin5.r.cloudfront.net
cdn.adsafeprotected.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
10    74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net
pagead2.googlesyndication.com
3    74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
googleads4.g.doubleclick.net
2    35.174.222.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-222-86.compute-1.amazonaws.com
ping.chartbeat.net
2    172.217.194.138 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f138.1e100.net
www.google-analytics.com
3    157.240.15.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-sin6.facebook.com
www.facebook.com
1    18.155.68.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-45.sin52.r.cloudfront.net
ncg.tags.news.com.au
4    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
googleads.g.doubleclick.net
4    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    13.227.248.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-248-101.sin52.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
aax.amazon-adsystem.com
2    18.161.111.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-49.mrs52.r.cloudfront.net
geo.privacymanager.io
2    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
7    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
5    54.151.157.82 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-157-82.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
1    18.155.68.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-116.sin52.r.cloudfront.net
rm-script.dotmetrics.net
1    13.228.15.221 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-15-221.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    13.211.184.0 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-211-184-0.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.138.86.105 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-86-105.ap-southeast-1.compute.amazonaws.com
newscorpau.demdex.net
3    63.140.48.134 (United States)

ASN16509 (AMAZON-02, US)
metrics.heraldsun.com.au
edge.adobedc.net
1    54.179.29.59 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-29-59.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
6    142.251.10.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f99.1e100.net
www.google.com
4    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.google.com.au
9    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.76.107.159 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-107-159.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    52.84.251.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-38.sin5.r.cloudfront.net
y6vdtbezmcosf0en7rera5gnmoy4v1677108358.nuid.imrworldwide.com
12    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
15    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
4    13.35.15.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-15-213.sin5.r.cloudfront.net
js.adsrvr.org
1    23.45.116.82 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-116-82.deploy.static.akamaitechnologies.com
snap.licdn.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
8228261.fls.doubleclick.net
1    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
www.googleadservices.com
2    103.43.90.54 (Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
4    23.207.180.199 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-199.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
6    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    199.127.207.184 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    18.141.80.142 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    34.198.254.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-254-80.compute-1.amazonaws.com
usermatch.krxd.net
1    44.230.85.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-187.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    13.33.88.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-96.sin2.r.cloudfront.net
cdn.linkedin.oribi.io
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
adservice.google.com.au
2    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com
1    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com
2    104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    18.198.226.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-226-167.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
9    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    23.39.5.30 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-5-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
8    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
tpc.googlesyndication.com
6    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
www.googletagservices.com
ade.googlesyndication.com
5    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    52.74.162.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    103.71.26.126 (Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    50.31.142.95 (Itasca, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    52.84.251.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-103.sin5.r.cloudfront.net
check.analytics.rlcdn.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    145.40.73.5 (Queenstown Estate, Singapore)

ASN54825 (PACKET, US)
sync.1rx.io
3    18.138.150.118 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-150-118.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.124.209.251 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
7    52.119.187.0 (Singapore)

ASN16509 (AMAZON-02, US)
aax-fe-sin.amazon-adsystem.com
2    13.112.47.49 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-47-49.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    69.173.158.67 (Singapore)

ASN26667 (RUBICONPROJECT, US)
beacon-sin1.rubiconproject.com
1    106.10.218.42 (Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: pr-ats-ing.pbp.vip.sg3.yahoo.com
pn.ybp.yahoo.com
2    119.161.10.12 (Singapore)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)
PTR: e2.ycpi.vip.sgb.yahoo.com
cdn.js7k.com
beap-bc.yahoo.com
1    106.10.236.40 (Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: o2.ycpi.vip.sg3.yahoo.com
s.yimg.com
2    13.115.235.137 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-235-137.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    23.106.69.72 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
15    3.211.174.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-174-139.compute-1.amazonaws.com
dt.adsafeprotected.com
17    142.250.4.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f149.1e100.net
s0.2mdn.net
3    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    103.229.10.247 (None, )

ASN- ()
cms.quantserve.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
1    172.104.45.159 (None, )

ASN- ()
gocm.c.appier.net
1    220.150.223.50 (None, )

ASN- ()
sync-dsp.ad-m.asia
2    13.228.146.168 (None, )

ASN- ()
sync.crwdcntrl.net
2    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
1    34.111.79.67 (None, )

ASN- ()
odr.mookie1.com
Apex Domain
Subdomains		 Transfer
40 heraldsun.com.au
supercoach.heraldsun.com.au
metrics.heraldsun.com.au — Cisco Umbrella Rank: 965711
2 MB
32 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 428
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 200420
225 KB
26 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 571
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3177
pixel.adsafeprotected.com — Cisco Umbrella Rank: 679
dt.adsafeprotected.com — Cisco Umbrella Rank: 531
214 KB
24 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 542
pixel.rubiconproject.com — Cisco Umbrella Rank: 316
eus.rubiconproject.com — Cisco Umbrella Rank: 528
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1021
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2871
beacon-sin1.rubiconproject.com — Cisco Umbrella Rank: 16063
43 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 477
s.amazon-adsystem.com — Cisco Umbrella Rank: 274
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 936
aax-fe-sin.amazon-adsystem.com — Cisco Umbrella Rank: 19548
aax.amazon-adsystem.com — Cisco Umbrella Rank: 778
115 KB
24 omny.fm
omny.fm — Cisco Umbrella Rank: 13456
404 KB
20 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 441
image5.pubmatic.com — Cisco Umbrella Rank: 86748
ads.pubmatic.com — Cisco Umbrella Rank: 463
image2.pubmatic.com — Cisco Umbrella Rank: 882
image6.pubmatic.com — Cisco Umbrella Rank: 731
simage2.pubmatic.com — Cisco Umbrella Rank: 657
simage4.pubmatic.com — Cisco Umbrella Rank: 1166
image4.pubmatic.com
23 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
ade.googlesyndication.com
150 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
js.adsrvr.org — Cisco Umbrella Rank: 1442
insight.adsrvr.org — Cisco Umbrella Rank: 568
17 KB
19 cloudfront.net
d32guktqcrn2b4.cloudfront.net
273 KB
17 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 270
213 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 474
ssum.casalemedia.com — Cisco Umbrella Rank: 1360
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421
dsum.casalemedia.com — Cisco Umbrella Rank: 1293
11 KB
15 api.news
content.api.news — Cisco Umbrella Rank: 53781
2 MB
14 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 199
newscorpau.demdex.net — Cisco Umbrella Rank: 106893
18 KB
13 news.com.au
www.news.com.au — Cisco Umbrella Rank: 83992
tags.news.com.au — Cisco Umbrella Rank: 54382
ncg.tags.news.com.au — Cisco Umbrella Rank: 136587
353 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 535
secure.adnxs.com — Cisco Umbrella Rank: 385
30 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 273
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422
pn.ybp.yahoo.com — Cisco Umbrella Rank: 985
beap-bc.yahoo.com — Cisco Umbrella Rank: 756
7 KB
10 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1029
sync-tm.everesttech.net — Cisco Umbrella Rank: 586
2 KB
10 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1011
38 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2752
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7821
y6vdtbezmcosf0en7rera5gnmoy4v1677108358.nuid.imrworldwide.com
68 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
174 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 359
www.linkedin.com — Cisco Umbrella Rank: 567
3 KB
5 google.com.au
www.google.com.au — Cisco Umbrella Rank: 25313
adservice.google.com.au — Cisco Umbrella Rank: 97424
1 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 833
1 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 787
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3931
idsync.rlcdn.com — Cisco Umbrella Rank: 340
id.rlcdn.com — Cisco Umbrella Rank: 614
2 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 48302
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5710
20 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 927
id5-sync.com — Cisco Umbrella Rank: 396
36 KB
5 omnycontent.com
www.omnycontent.com — Cisco Umbrella Rank: 18909
82 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 735
syndication.twitter.com — Cisco Umbrella Rank: 1007
analytics.twitter.com — Cisco Umbrella Rank: 617
133 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 426
1 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 725
gum.criteo.com — Cisco Umbrella Rank: 391
dis.criteo.com
7 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 765
99 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2336
bs.serving-sys.com — Cisco Umbrella Rank: 1473
lm.serving-sys.com — Cisco Umbrella Rank: 2335
80 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
225 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
223 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
315 B
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3771
geo.privacymanager.io — Cisco Umbrella Rank: 1630
53 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4546
udc-neb.kampyle.com — Cisco Umbrella Rank: 2469
88 KB
3 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 116474
au.pixel.newscgp.com — Cisco Umbrella Rank: 127727
48 KB
2 bidswitch.net
x.bidswitch.net
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
576 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1041
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 514
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1384
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 715
537 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 460
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 520
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 693
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 420
499 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 630
57 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 553
stags.bluekai.com — Cisco Umbrella Rank: 489
963 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1417
beacon.krxd.net — Cisco Umbrella Rank: 581
529 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 993
1 KB
2 t.co
t.co — Cisco Umbrella Rank: 522
471 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1204
401 B
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 623
30 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 867
27 KB
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3059
18 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 17241
3 KB
2 tips.com.au
tips.com.au
5 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 92103
144 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 mookie1.com
odr.mookie1.com
213 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 appier.net
gocm.c.appier.net
393 B
1 quantserve.com
cms.quantserve.com
593 B
1 ambientdsp.com
cm.ambientdsp.com
653 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 459
1 KB
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 852
15 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 726
612 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 518
99 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 644
369 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1489
349 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 824
374 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 30594
698 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
17 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 729
5 KB
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7334
835 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1525
157 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1014
414 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
2 KB
1 sentry.io
o479328.ingest.sentry.io — Cisco Umbrella Rank: 24296
271 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1390
8 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 19092
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1441
24 KB
1 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 16692
5 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3864
250 KB
0 semasio.net Failed
uipglob.semasio.net Failed
0 adform.net Failed
c1.adform.net Failed
0 turn.com Failed
d.turn.com Failed
ad.turn.com Failed
456 93
Domain Requested by
38 supercoach.heraldsun.com.au 1 redirects supercoach.heraldsun.com.au
24 omny.fm supercoach.heraldsun.com.au
omny.fm
19 d32guktqcrn2b4.cloudfront.net supercoach.heraldsun.com.au
17 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
15 dt.adsafeprotected.com
15 content.api.news
13 match.adsrvr.org 4 redirects js.adsrvr.org
ssum-sec.casalemedia.com
eus.rubiconproject.com
13 dpm.demdex.net 1 redirects supercoach.heraldsun.com.au
ssum-sec.casalemedia.com
12 cm.g.doubleclick.net 9 redirects eus.rubiconproject.com
11 tags.news.com.au resourcesssl.newscdn.com.au
tags.tiqcdn.com
supercoach.heraldsun.com.au
10 pagead2.googlesyndication.com ad.doubleclick.net
supercoach.heraldsun.com.au
tpc.googlesyndication.com
www.googletagservices.com
10 tags.tiqcdn.com supercoach.heraldsun.com.au
tags.tiqcdn.com
9 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
9 sync-tm.everesttech.net 8 redirects ads.pubmatic.com
9 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
8 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
8 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
supercoach.heraldsun.com.au
www.googletagservices.com
7 aax-fe-sin.amazon-adsystem.com c.amazon-adsystem.com
aax-fe-sin.amazon-adsystem.com
7 ib.adnxs.com 2 redirects supercoach.heraldsun.com.au
acdn.adnxs.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
aax-fe-sin.amazon-adsystem.com
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 token.rubiconproject.com 5 redirects aax-fe-sin.amazon-adsystem.com
6 www.google.com supercoach.heraldsun.com.au
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 simage2.pubmatic.com ads.pubmatic.com
5 ups.analytics.yahoo.com 5 redirects
5 image2.pubmatic.com ads.pubmatic.com
5 www.googletagservices.com securepubads.g.doubleclick.net
pn.ybp.yahoo.com
www.googletagservices.com
s0.2mdn.net
5 pixel.adsafeprotected.com supercoach.heraldsun.com.au
5 tr.snapchat.com 1 redirects sc-static.net
5 c.amazon-adsystem.com tags.tiqcdn.com
supercoach.heraldsun.com.au
c.amazon-adsystem.com
aax-fe-sin.amazon-adsystem.com
5 www.omnycontent.com 2 redirects omny.fm
5 static.adsafeprotected.com resourcesssl.newscdn.com.au
pixel.adsafeprotected.com
supercoach.heraldsun.com.au
4 px.ads.linkedin.com 2 redirects supercoach.heraldsun.com.au
eus.rubiconproject.com
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 pixel.tapad.com 3 redirects
4 www.google.com.au supercoach.heraldsun.com.au
4 googleads.g.doubleclick.net www.googletagmanager.com
www.googleadservices.com
4 au-script.dotmetrics.net tags.news.com.au
au-script.dotmetrics.net
4 analytics.tiktok.com tags.tiqcdn.com
analytics.tiktok.com
4 www.googletagmanager.com tags.tiqcdn.com
www.googletagmanager.com
secure-ds.serving-sys.com
4 connect.facebook.net supercoach.heraldsun.com.au
connect.facebook.net
tags.tiqcdn.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
3 id5-sync.com supercoach.heraldsun.com.au
3 www.facebook.com
3 googleads4.g.doubleclick.net supercoach.heraldsun.com.au
ad.doubleclick.net
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
2 x.bidswitch.net 2 redirects
2 sync.crwdcntrl.net 1 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 gu.dyntrk.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 prebid-a.rubiconproject.com supercoach.heraldsun.com.au
2 pippio.com 1 redirects ads.pubmatic.com
2 idsync.rlcdn.com 2 redirects
2 sync.mathtag.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 sync.search.spotxchange.com 1 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 us-u.openx.net 1 redirects
2 insight.adsrvr.org js.adsrvr.org
2 static.criteo.net tags.news.com.au
supercoach.heraldsun.com.au
2 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 secure.adnxs.com 1 redirects
2 8228261.fls.doubleclick.net 1 redirects supercoach.heraldsun.com.au
2 acdn.adnxs.com supercoach.heraldsun.com.au
tags.news.com.au
2 secure-sdk.imrworldwide.com
2 metrics.heraldsun.com.au supercoach.heraldsun.com.au
tags.news.com.au
2 au.pixel.newscgp.com supercoach.heraldsun.com.au
2 analytics.twitter.com supercoach.heraldsun.com.au
2 t.co supercoach.heraldsun.com.au
2 fastlane.rubiconproject.com supercoach.heraldsun.com.au
2 geo.privacymanager.io supercoach.heraldsun.com.au
2 www.google-analytics.com www.googletagmanager.com
supercoach.heraldsun.com.au
2 ping.chartbeat.net
2 static.ads-twitter.com tags.tiqcdn.com
supercoach.heraldsun.com.au
2 sc-static.net tags.tiqcdn.com
tr.snapchat.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
supercoach.heraldsun.com.au
2 ad.doubleclick.net tags.tiqcdn.com
www.googletagservices.com
2 tips.com.au supercoach.heraldsun.com.au
2 platform.twitter.com supercoach.heraldsun.com.au
platform.twitter.com
2 fonts.gstatic.com fonts.googleapis.com
2 resourcesssl.newscdn.com.au supercoach.heraldsun.com.au
2 fonts.googleapis.com supercoach.heraldsun.com.au
1 ade.googlesyndication.com
1 odr.mookie1.com
1 image4.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 cms.quantserve.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 beap-bc.yahoo.com cdn.js7k.com
1 aax.amazon-adsystem.com supercoach.heraldsun.com.au
1 cdn.indexww.com ssum-sec.casalemedia.com
1 id.rlcdn.com 1 redirects
1 s.yimg.com aax-fe-sin.amazon-adsystem.com
1 cdn.js7k.com pn.ybp.yahoo.com
1 pn.ybp.yahoo.com aax-fe-sin.amazon-adsystem.com
1 beacon-sin1.rubiconproject.com aax-fe-sin.amazon-adsystem.com
1 js-sec.indexww.com tags.news.com.au
1 um.simpli.fi ads.pubmatic.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 sync.1rx.io
1 pixel-us-east.rubiconproject.com 1 redirects
1 trc.taboola.com
1 check.analytics.rlcdn.com supercoach.heraldsun.com.au
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 stags.bluekai.com 1 redirects
1 lm.serving-sys.com secure-ds.serving-sys.com
1 tags.bluekai.com 1 redirects
1 22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com.au securepubads.g.doubleclick.net
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com
1 www.googleadservices.com secure-ds.serving-sys.com
1 snap.licdn.com supercoach.heraldsun.com.au
1 edge.adobedc.net supercoach.heraldsun.com.au
1 y6vdtbezmcosf0en7rera5gnmoy4v1677108358.nuid.imrworldwide.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 alb.reddit.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 rm-script.dotmetrics.net
1 udc-neb.kampyle.com
1 lb.eu-1-id5-sync.com supercoach.heraldsun.com.au
1 hbopenbid.pubmatic.com supercoach.heraldsun.com.au
1 htlb.casalemedia.com supercoach.heraldsun.com.au
1 bidder.criteo.com supercoach.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com supercoach.heraldsun.com.au
1 api.rlcdn.com supercoach.heraldsun.com.au
1 ncg.tags.news.com.au au.tags.newscgp.com
1 cdn.jsdelivr.net supercoach.heraldsun.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 o479328.ingest.sentry.io omny.fm
1 www.redditstatic.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 syndication.twitter.com platform.twitter.com
1 assets.vidora.com resourcesssl.newscdn.com.au
1 players.brightcove.net resourcesssl.newscdn.com.au
1 pubads.g.doubleclick.net supercoach.heraldsun.com.au
1 www.news.com.au supercoach.heraldsun.com.au
0 uipglob.semasio.net Failed ads.pubmatic.com
0 c1.adform.net Failed ads.pubmatic.com
0 ad.turn.com Failed ssum-sec.casalemedia.com
0 d.turn.com Failed
456 162
Subject Issuer Validity Valid
supercoach.heraldsun.com.au
Amazon		 2022-11-02 -
2023-12-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-15 -
2024-01-14		 a year crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-07-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.vidora.com
Amazon		 2023-01-11 -
2024-02-09		 a year crt.sh
tips.com.au
Amazon		 2022-11-17 -
2023-12-17		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
omny.fm
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
secure-ds.serving-sys.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-12-26 -
2024-01-23		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-11-17		 9 months crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.brandmetrics.com
GTS CA 1P5		 2023-01-12 -
2023-04-12		 3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-05-15		 6 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2022-12-15 -
2024-01-15		 a year crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.ingest.sentry.io
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
omnycontent.com
Amazon		 2022-04-02 -
2023-05-01		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-05-27		 4 months crt.sh
bs.serving-sys.com
Amazon RSA 2048 M02		 2023-02-03 -
2023-05-24		 4 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-05-14		 6 months crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M01		 2023-02-13 -
2023-05-08		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
lm.serving-sys.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-02-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
aax-fe-sin.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-08 -
2023-05-10		 3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-19 -
2023-03-08		 2 months crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh

This page contains 60 frames:

Primary Page: https://supercoach.heraldsun.com.au/
Frame ID: 933018BB72AA74EBC7A8A1B9201B9694
Requests: 219 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsupercoach.heraldsun.com.au
Frame ID: 756499F78CA70B7882A0C5EF3CF0AE51
Requests: 2 HTTP requests in this frame

Frame: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Frame ID: BA9B6EAB7608C2A7D42731FF057801C9
Requests: 28 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 151400273F40670BF346AF3CB0BDA12D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=4dd63809-64d7-47eb-8c17-1b1e3ac5bd62&u_scsid=afedab2d-623b-489a-bbd8-3a756230c994&u_sclid=82a4fa50-5205-4ce8-819f-d74357ddf8ba
Frame ID: F4B0C5CEB9F31E2E3D05FACA32BF1649
Requests: 2 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 61A80DFBB378B8459322341F889372C5
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 18484CDE9179AD2B190255DE654B0DB8
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 5B4F0D4A6A731DC66C29164576DEBC6E
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1677055474946&pnid=140&pcid=6ee82581-78ce-4536-97c9-0cc14e785ed4
Frame ID: 2B1DA4727ACF557ABE847B899828B10A
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: C497F6D55A207DAC3DE648483F0B3760
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 99F00BE7163F3B429B7A02BD4142B8E9
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: C5591A00E24CA5898A1515365F9782BE
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 675945249BE3438A16E75901DC6B3171
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 0F1917561860C6C6FE159F3B878ACD5E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 0610639D0F9DA9DC65BC8F53668C8DED
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254
Frame ID: E9827A719A66E96A2BDF17BBE861D649
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 7C42F0263F2B4942B4351F05FEC693D0
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 6B861397B64ECA41C7AA12532B9928AF
Requests: 4 HTTP requests in this frame

Frame: https://22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A24953A12F6EF2D1F67A6639B1974F0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 9CD39B06FE8B0ECD519247BEAFEF0C92
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 1B5F9406AFDBE3CB2F219BCD004B732E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 75FDBA488C9F6D2D69A4FBCFB6EBF340
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 7FF912FF5790B9D9978091038C3B1FF5
Requests: 10 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: BF8879681C3D02566643EBFD2BD7012C
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 9B0669EC4A251D633E8E71348807E218
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumA75e24fECjfW_M05exGOcftAWQFWkXf05cU4d-xkuSYll_tA_IXJQvc7Uj4Zg5cWps6fAR2rCYozsGoHOS_B05CgHYxjt-7_PUXGygy_qIG2X37JaeTcB8ArrO7jckaFpYiJjFMeuLWGwR2s574zQlWeVUNdIM4KLv3Rrmfs_Wup8hyjHCnkwzB0Kji3KjBRfemLBMcbVzd8FEb8atIkZNNvVb0gkcIJ20FlQZFgtaVwjEfYjOiayvqKDV9i33Etogw6N2zjKjA6jlO8oIQcSuFslXpep3x2Zv-Nk2eAu2505cy5m3-8tkY1x5pUN3PHMsJJ2tDHdMwDjJSIkwRH_arQz8aCxrhifMw-5sarL4dNuz8H9tEOLQ&sai=AMfl-YRmO8PWafdionCVOHN2ZjwWGusvFWQ2HIKeML5HmNGySkki6fR9ZyzcMxz2Y6Ir8xQewBQRXAFW3Vj2ONj81ezHf_5gFtHV93WG26M2_Cngl5z4f4s7uRaYlxnCPnI&sig=Cg0ArKJSzFMR1WFyZra1EAE&uach_m=[UACH]&adurl=
Frame ID: 32FDCD534F2CC92D198ED80375BEC118
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5Ii0IldHuQXwC-lYq3XdjBgbj-mShhu8xUyH4b9fPNVpfyzxet-JQNgH9Q28JnfqjnsDvfKSxJlUFLcFhu2_dRzHOw-VAAFKX6I8_arfoZzbb51dmJtJ6TSa6A6UWCp3fCOD3KsWb1H2lIRHC1v6n2N8NIdkZFcvOtM-QWh_jtutWG0jwST8hPuAtYh8VdzgJmOJEULeebBuqmKH8gd_4Na1dxitNPjMQcSMqhJ6XHQk633RA7bVKJBXK-hWqzmKvP1Cik6VNHMjGiGsxvAnKjdwh4s29hR2ZwymxfTCsOf-vAO8-xr_dtgQuKV5nui3t7Vv5wMXbU2rLwAyg9sPU5u86Y8--StrPAg_jlrEhojgS7zGJAyMcU1lY-Q&sai=AMfl-YTCkVQV_YoqzQ4QKN-t0pVPZJTcL1hpLBS2WYjg8zOnxhGozp8FQYRiaU7_DjmhA9IAUojF-OfoxAdeATZTQtcD1d0jWg8APUdLRPBc8V49QAyW3c82w8J-qTxiqMY&sig=Cg0ArKJSzM7fLouj64j3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E8FFEA43F9F8281B3AF70A2D79F6A222
Requests: 7 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
Frame ID: D0C5033028EB8014F647C9F049D785B7
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 24C545B9033DBAEC8534323A3C75651B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
Frame ID: F1FCAB92A35E264EDA39014849C6A14D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
Frame ID: 47F2ABEA655797D46F3ED5C0C7A4B97E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
Frame ID: B15204C19D253066C50F31C52305B58A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 364B3C94166D62697CE302E1BCE6F0FF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
Frame ID: 578DDA0336A5595FD65BBE17C51358F4
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=
Frame ID: 1C51117502D9EAC6BF7313A0C14F897D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1c863f6-a489-4e00-a619-888cbd7452d3&gdpr=0&gdpr_consent=
Frame ID: 9CC6C0C54A84A282AB12A034B743A5D3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 88530B4310A016955FAE68A0808394AA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID903B7E43-C2B2-4D66-B2CB-DCCD52297D7C
Frame ID: 6A7BF7FF4E57D20B24970B61052435B1
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=5188567880&chanId=21942072462&placementId=6085339805&pubCreative=138400684317&pubOrder=3064375127&cb=1575262712&custom=index&custom3=21851376062&adsafe_par&impId=48ca9740-b308-11ed-a508-02aa41dfc264
Frame ID: 26FDC3B736D43A21F74E92A4CC74E29F
Requests: 2 HTTP requests in this frame

Frame: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Frame ID: 5C8A2F6E156B6E05CE8648FD1E56C808
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00943CDC5795AB12ABF1273FA2CA43AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86B18932DC241CCAEB8C8D3A72C4497B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138421800276&pubOrder=2553375348&cb=1434921723&custom=index&custom3=21851376062&adsafe_par&impId=48ca973f-b308-11ed-a508-02aa41dfc264
Frame ID: D830615B94390EEFF3D098D9E65BF5F1
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 66D36C78679E4DF3D25EB11BAFAF4693
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 61C3C96858E63ECDB73BD8721FE99CCA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 02AE4894995314E1C260703BB50C8FD9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 7AEE42E28CEC44EEB7D467EA4E7C0AE8
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D7DBF5C3210F059E515053D257BBE832
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EBEF3A6477CD835D073D338657DBC86E
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Frame ID: 67F71871492B8D1AD6A32B0F357DFA53
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0E6C573D2FDE5171E102BDAF14FB6654
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Frame ID: B353C89C14236D6C3A87687FA42FA198
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 209E1619FF3416FA0DB3CF5FCE78A4CF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
Frame ID: 73AB03EA5CADEAEE16D29E7E7A4821EA
Requests: 17 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z228orvah69
Frame ID: 073716CE5C64659219C3D7807F5C1BDB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3716421066496071668&gdpr=0&gdpr_consent=
Frame ID: F82413DDD0D2EA63EADDEC83DCDB3553
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xrXvSZGysRrds79Lw7OkS8e0v0vdsb8ekrJsmMW7
Frame ID: 2726403EFD751C9EF0F174D5AB4A3907
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1557805A0FD1C8CF232A41F25979D5CA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qlo1aeCDAi-gXgcZjqT2Yw
Frame ID: B3A95EDE41964C96793535F9399C2CBE
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 15AAD68A4DE396C5C0D8D07E0647E50F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Herald Sun KFC SuperCoach

Page URL History Show full URLs

  1. http://supercoach.heraldsun.com.au/ HTTP 301
    https://supercoach.heraldsun.com.au/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

456
Requests

88 %
HTTPS

0 %
IPv6

93
Domains

162
Subdomains

123
IPs

9
Countries

7726 kB
Transfer

24287 kB
Size

140
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://supercoach.heraldsun.com.au/ HTTP 301
    https://supercoach.heraldsun.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4b09-8c70-ac2a00524b91&size=medium HTTP 302
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
Request Chain 89
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4b09-8c70-ac2a00524b91&size=thumbnail HTTP 302
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
Request Chain 133
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108357046 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108357046
Request Chain 205
  • https://cm.everesttech.net/cm/dd?d_uuid=24864091870457534263326627074444930026 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-akhwAAADsqkAN9
Request Chain 213
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 217
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1677108358830&u_scsid=ce011f3d-121c-4f1f-92de-2b6e967020b8&u_sclid=ae5c2ef7-b150-4fca-9a32-5ff5764e75a2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677055474946%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677055474946%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1677055474946&pnid=140&pcid=6ee82581-78ce-4536-97c9-0cc14e785ed4
Request Chain 221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3716421066496071668
Request Chain 226
  • https://token.rubiconproject.com/token?pid=6404&puid=24864091870457534263326627074444930026&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGB0JLT-G-DPD?gdpr=0
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjQ4NjQwOTE4NzA0NTc1MzQyNjMzMjY2MjcwNzQ0NDQ5MzAwMjY= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAJ3ZyHiuI8O2iGDgATyXJw&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 228
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=c1bb5659-86dd-4534-b6ac-f3c582eac470
Request Chain 236
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254
Request Chain 241
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697
Request Chain 244
  • https://dt.scanscout.com/ssframework/uid?UIAA=24864091870457534263326627074444930026&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0be81a86c8bd33659032bd6292cd5417
Request Chain 245
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=24864091870457534263326627074444930026&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=24864091870457534263326627074444930026&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 247
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=24864091870457534263326627074444930026 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24864091870457534263326627074444930026
Request Chain 249
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1677108360016%26url%3Dhttps%253A%252F%252Fsupercoach.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
Request Chain 256
  • https://tags.bluekai.com/site/43981?id=24864091870457534263326627074444930026&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 263
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1ha2h3QUFBRHNxa0FOOQ==
Request Chain 269
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-akhwAAADsqkAN9&expires=90
Request Chain 271
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-akhwAAADsqkAN9
Request Chain 277
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y-akhwAAADsqkAN9
Request Chain 281
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-akhwAAADsqkAN9 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-akhwAAADsqkAN9
Request Chain 292
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-akhwAAADsqkAN9
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YzFiYjU2NTktODZkZC00NTM0LWI2YWMtZjNjNTgyZWFjNDcw&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
Request Chain 295
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
Request Chain 297
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YzFiYjU2NTktODZkZC00NTM0LWI2YWMtZjNjNTgyZWFjNDcw&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
Request Chain 299
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 301
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-akhwAAADsqkAN9&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-akhwAAADsqkAN9&img=1&__user_check__=1&sync_id=450050da-b308-11ed-8b3c-1682dc250407
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_akh5Yzh6T3zdtwG7umwAAAElkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKk7mCy2q51jUTyWuBFD8Fw&google_cver=1
Request Chain 307
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-akh5Yzh6T3zdtwG7umwAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMAbB38vL9HdoznKTmGDPR8&google_cver=1
Request Chain 308
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=fpU-dTwnwsu6ogjH_RDJ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2ZTQKUWWIVDXNZ3XG5JWN5TWUSC7KJCEU HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2ZTQKUWWIVDXNZ3XG5JWN5TWUSC7KJCEU HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=fpU-dTwnwsu6ogjH_RDJ
Request Chain 309
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f316238e-7a8d-c3f7-37e8ffa1
Request Chain 313
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-akhwAAADsqkAN9&t=2592000&o=0
Request Chain 317
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LEGB0JLT-G-DPD HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LEGB0JLT-G-DPD&ex=d-rubiconproject.com&status=ok
Request Chain 321
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGB0JLT-G-DPD
Request Chain 322
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vgIQ_BEeo9cMHiCeQPspGw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EuaKp0xE2oJxsRMjI_q5095srMaCPLz6bViQuw--~A
Request Chain 323
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQjBKTFQtRy1EUEQ=
Request Chain 325
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfMrtZICxyV0EA2Y6YK0nc&google_cver=1
Request Chain 326
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MI2MrWdbSkiUzT06M1ujHQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MI2MrWdbSkiUzT06M1ujHQ
Request Chain 327
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTg2ZDU5ZTUzYzQzZTc3ZTQwZTRiNTRhNDE2MzNiMzg1ZTg0MTZmZQ
Request Chain 329
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1c863f6-a489-4e00-a619-888cbd7452d3&gdpr=0&gdpr_consent=
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kDt-Q8KyTWayy9zNUil9fA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 333
  • https://idsync.rlcdn.com/420486.gif?partner_uid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkwM0I3RTQzLUMyQjItNEQ2Ni1CMkNCLURDQ0Q1MjI5N0Q3QxAAGg0IicnanwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5dc4d688b874fbf85ddb6d90f1384469975e0c94ec8eca53bb884ae422522ada791426b5417dce21&_=2 HTTP 307
  • https://pippio.com/api/liveramp.com
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTAzQjdFNDMtQzJCMi00RDY2LUIyQ0ItRENDRDUyMjk3RDdD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 336
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDN6o11hFvUC45YuT7nbyYg&google_cver=1
Request Chain 371
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3716421066496071668
Request Chain 372
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f1c863f6-a489-4e00-a619-888cbd7452d3
Request Chain 373
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABAZ07H7UkAACBTFEc84g&expiration=1678317963
Request Chain 375
  • https://id.rlcdn.com/711587.gif HTTP 307
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Request Chain 377
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07010010_63f6a48af28d7&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07010010_63f6a48af28d7
Request Chain 431
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z228orvah69
Request Chain 432
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3716421066496071668&gdpr=0&gdpr_consent=
Request Chain 433
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xrXvSZGysRrds79Lw7OkS8e0v0vdsb8ekrJsmMW7
Request Chain 434
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 435
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qlo1aeCDAi-gXgcZjqT2Yw
Request Chain 437
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=&ct=y
Request Chain 438
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ee82581-78ce-4536-97c9-0cc14e785ed4%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c1bb5659-86dd-4534-b6ac-f3c582eac470&ttd_puid=6ee82581-78ce-4536-97c9-0cc14e785ed4%2C%2C
Request Chain 439
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=
Request Chain 440
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EF5_d_RE2uUk8khEnDgl5Qk1QVGbgwc-~A&gdpr=0
Request Chain 442
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6826ffa9-5cda-4765-9def-03083d2d9199&ssp=pubmatic&gdpr=0&gdpr_consent=

456 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
supercoach.heraldsun.com.au/
Redirect Chain
  • http://supercoach.heraldsun.com.au/
  • https://supercoach.heraldsun.com.au/
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
f65a324b2e4003515de55535f4a6b4f2e1e0160fd479510c6fbd51d63961c738
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1
cache-control
max-age=60
content-encoding
gzip
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-type
text/html
date
Wed, 22 Feb 2023 23:25:49 GMT
etag
W/"5e2148961a5d04a47f4d61779d0aacc2"
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-id
rAcTWjHIdydCeTZe3MdCELvxSm7nhvBGCgB2SGosIHyZe-WQsWB1CQ==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-xss-protection
1

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 22 Feb 2023 23:25:49 GMT
Location
https://supercoach.heraldsun.com.au/
Server
CloudFront
Via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xb-UFqOA-dxtSXSQ0vHQavxjTEULFgO85feMPJX-ALVPaHT2roPc1Q==
X-Amz-Cf-Pop
SIN2-P2
X-Cache
Redirect from cloudfront
icon
fonts.googleapis.com/ 		569 B
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 23:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 23:25:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 23:25:50 GMT
css
fonts.googleapis.com/ 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 23:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 23:14:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 23:25:50 GMT
rampart.js
www.news.com.au/remote/identity/rampart/latest/ 		282 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.news.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4468d08891fca625d4051ab4e7a33725527fe4174864c8c6866c93a88defe88a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Wed, 22 Feb 2023 23:25:50 GMT
server
AkamaiNetStorage
etag
"af816b6ce032f3422eee490ee10544a4:1674101957.670601"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.news.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=522
is-https
true
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 22 Feb 2023 23:34:32 GMT
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5fa179bb6a43d208de3a3fcfb289e117067e152f9c6fcbd5b68a1187ea2210d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:51 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:58:47 GMT
server
AkamaiNetStorage
etag
"04ef17c5d2039f3cd562d15716bd1bce:1676865527.006617"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1552
expires
Wed, 22 Feb 2023 23:30:51 GMT
player.css
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		287 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.css
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
830bf311604c3303fa7726756aa6ea1a96ceedc07f5e77ab0d54d16fdcab8c97

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:52 GMT
content-encoding
gzip
x-amz-request-id
6M5NBXFTV94KNJ35
x-amz-server-side-encryption
AES256
content-length
47624
x-amz-id-2
EY8tCP407gUSTY/KSIRFv9+sJSRGK/bpLPMs/aCtAq7JBjKOLesSJbAmuFYkbJ81+b5Ip1Uc20A=
last-modified
Wed, 15 Feb 2023 03:25:31 GMT
server
AmazonS3
etag
"aacf3bf633e23d993f6c54e09a9b2ca5"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1799
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:55:51 GMT
styles.7daf0f9e4a716e60.css
supercoach.heraldsun.com.au/ 		1 MB
148 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
56963003b01734c810ca2aa6ac651871f418a1d54461f06a60bd7010b2bd8aa3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:36 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64636
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"265248b2d69f61a8c7779c6706cb2a8a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
18gnmOK_ybYQYYTBq1RgCv-IWKVRO0oJyGsCPOuuXUsrwHuf7md7ZQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
78e5eef5a4c0897721038a13810d3a39cc3779c2f308de609cd34823a90bf0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 23:25:51 GMT
content-md5
mnr6nrGxlnT7EzbzSAdSrw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
AK5mK3QWHAk0VMiQOnP8OCROWGATRu8AIkFbwN25V//MyI8NKwLDPySPv2zX7MMAb2J16xyEo0YGvXjvzfMu/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
x-fb-content-md5
8fa1aa002ad663802bf73f2c47902b37
cross-origin-opener-policy
same-origin-allow-popups
etag
"8df8014464917a75095d27222c9971a1"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Feb 2023 23:42:12 GMT
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=64f165777d90253cf5a0a22d3b8fa50c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
9f4e0d95d076668b9a5b15c8dcad8de90867decce2e5acf9a1020d8b6e86a1cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 23:25:52 GMT
content-md5
W60X4DhkCxS6r7IdU2kTJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87019
x-fb-rlafr
0
x-fb-debug
FRzaypQJHBy4bbDhP6L6Mej34TvKEvDB1jMP2UMCbbiZde5U4d37ARFy03j7VMF6wy4dgHm7HpJPwf/te6iv6w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8b396d17deb2f2840db4ed1401d7f546
cross-origin-opener-policy
same-origin-allow-popups
etag
"def60e77425349ed1f4784b42e0f7904"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 22 Feb 2024 21:30:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 11:30:23 GMT
x-content-type-options
nosniff
age
388529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Feb 2024 11:30:23 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mbw/47C4) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:25:52 GMT
Content-Encoding
gzip
Age
1316
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
x-amzn-internal-status
304
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (mbw/47C4)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		440 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d6d86d147ad21764c3b7567678f063a1fe48b5fbed5feb4d2c87932ec2c5cad6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:52 GMT
content-encoding
gzip
x-amz-request-id
JX9A1RRX74A27BV0
x-amz-server-side-encryption
AES256
content-length
98477
x-amz-id-2
FAZdceQPT+FE1mywf0yQSb3fQSlrPhemOZ8Lhh4VD9331uuyWnU/JAVPfmrpk0yoZ+DmhBwaEQI=
last-modified
Wed, 15 Feb 2023 03:25:32 GMT
server
AmazonS3
etag
"1f865b7f1bd2a957a4fc4a3013a2ad55"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1192
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:45:44 GMT
DFPAudiencePixel;ord=9842693463365124;dc_seg=7434215122
pubads.g.doubleclick.net/activity;dc_iu=/5129/ 		42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/5129/DFPAudiencePixel;ord=9842693463365124;dc_seg=7434215122?
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runtime.add52d8e9de2b86c.js
supercoach.heraldsun.com.au/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/runtime.add52d8e9de2b86c.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
c12518607dd5c7393565336721a3c04e1b735d2f53b01b367ee705fa17db006a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64789
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"5cd4ace6ca44939492fee5108bffbba4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
ME3S_0fQJJAjVdLkD9w8-AbA_x823Iha0EAz6R8z_tvehquPaoCyPQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
polyfills.0934b4cf86f77af5.js
supercoach.heraldsun.com.au/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
ba2e5178a90693f8371e7b9989bb699c649d1f33bef2ceb6dd67c8118813e7a7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64641
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"7411d8e653dd27593fc211e6883aba87"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
Doy6ynHetKxPWavja_6YrEHjWEJRYHCgbecS2QlcSwxGzzIqFmskbA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
scripts.75a156d632c94d99.js
supercoach.heraldsun.com.au/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/scripts.75a156d632c94d99.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
21253b645972db8c8f07eab412d7bc2ec0de10a81144d544e340879822b4d35d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64641
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"5f6e41ab62a78441d673d53902657a33"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
BPcIEnreywf5D_eOApaNmCXP7_uzr_GYi1VxpaMjQ6vTo3ExlQSJzg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
vendor.67e707c093d4cf0f.js
supercoach.heraldsun.com.au/ 		3 MB
796 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
b27c0bd61116f98e23e6d181ff31043cbba1f5e2c8c0cbfa4b8fb350f9e11650
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64641
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"788c3eb5c6c58841c197a13b9dad7c4e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
3DJ8wlfggaIFJJEFRo-nWT5L6VOWlRWdZpiBE_OdbvLT7vplD4TuOQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
main.693938e49c49fd47.js
supercoach.heraldsun.com.au/ 		2 MB
514 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/main.693938e49c49fd47.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d7d66a94efc44da1e7c2b34fa5463b6326d706548e90f9dde0f77fe0582169f1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:33 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64641
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:30 GMT
server
CloudFront
etag
W/"41edefaae3dca68350648c83ca921ae8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
cu5u4WGNPq90qzwtQJqssz9F5D1Y3juf--Neoc1smkMXVhopwANWTA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
index.min.js
players.brightcove.net/5348771529001/938M1Zecs_default/ 		931 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
PeOMqIIQk0AX.dt12S5B9WegUKTCIoLY
Content-Encoding
gzip
Date
Wed, 22 Feb 2023 23:25:53 GMT
x-amz-request-id
J7991XX78DNEHM3R
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
255199
x-amz-id-2
usFIX+NXRI8NldrIR2lAvW8Zia+ovTCv6hlf3hhlzoJRZQjvLdhge4jh5et1kERL7B8jlBGg7Ao=
X-BCOV-Response-Mode
1
X-Served-By
cache-qpg1228-QPG
Last-Modified
Mon, 18 Jul 2022 05:27:06 GMT
Server
AmazonS3
X-Timer
S1665744414.270841,VS0,VE1
ETag
"ee60f1c90237e0fc32d8071fe73d0e86"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=225
Accept-Ranges
bytes
X-Cache-Hits
1
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:53 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=19181
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 01:04:52 GMT
x-amz-cf-pop
MRS52-P1
age
80463
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
1xSWwe4KNosBXY5t7WMgEPAjWUb998tP-LfEM6QppcVMFUdAjhZS_g==
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-33.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:02:50 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
age
80584
x-amz-cf-id
5sXPNSbiuR6HOzc06vxzLZTIZw10XVrhnZ1hgKXlySIgXw7J1seodg==
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 7564 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsupercoach.heraldsun.com.au
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mbw/47C6) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2511751
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 23:25:54 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mbw/47C6)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
settings
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
28d3c4990c5bb406c545ecdb67410f4216f47fd67c8bc62532fdad5adc307efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:54 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
Sdqmn18Usu8bbcRdsFIiNjmDf8sqxwom_i0OMB9gsTLtvPclmDsjbg==
settings
supercoach.heraldsun.com.au/2023/api/afl/draft/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/draft/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
0ff9ef6b85bd1143ab294e2837bf1363e938de5869971280e1858140cc9966cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:54 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
13nhKSMnpEobpLV3Ezme5BGGYVWv1VRLLqb6i6ypp5w4S4492uG3WQ==
settings
tips.com.au/2023/api/afl/tipping/v1/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tips.com.au/2023/api/afl/tipping/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-8.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
063c160558a5e2371f6c9c997695773937c868bcfe24c863851e8384b25f5813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:55 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
Da7WLjIfQzbO8tpAIFTQ8Ky_KQYXxSGbvbTmcDRGeeXzbapNn_ewvg==
settings
supercoach.heraldsun.com.au/2023/api/nrl/classic/v1/ 		14 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/nrl/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
98addbe891312888a794d312286b44b4551eb9d349c8ec621ba40c7c233cd45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:54 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
bShH2EP20bHC8t-rY8Wjav-deBfdJB6wzQkwOohQaeM6L3NLMHfyxA==
settings
supercoach.heraldsun.com.au/2023/api/nrl/draft/v1/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/nrl/draft/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
c75ea671538d44847b052d7799de9a7b1333294174733b8139495faed6e67108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:54 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
sAfQtqTjZwPLZ-NJDTzG86PrFmYZvV2NCrzv9BlSEwJHCjlZO8qObA==
settings
tips.com.au/2023/api/nrl/tipping/v1/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tips.com.au/2023/api/nrl/tipping/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-8.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
8fc6970335c9c9c3ee415b6ceb954a1ee2fbfea9a70807433b9db4594882af9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:55 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
BZ3pAaHBE3FIJXa4UEH4wE9oit6j0DGYXPOzVUbkdlb4JRRXCuXZ8Q==
settings
supercoach.heraldsun.com.au/2022/api/bbl/classic/v1/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2022/api/bbl/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
05333b8f52718aca57dbe28e6b2956fd2840b6d60ce7d57aca4b096ad4cdaa27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:54 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
GvOnPTCobUEwlMQaNNNWDZvytXLdfkSpApMjEQq8hpQRiP-S-8JgHQ==
settings
supercoach.heraldsun.com.au/2021/api/racing/classic/v1/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2021/api/racing/classic/v1/settings?min=false
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
4daa16a8baa1863d649ad0e3569a2ea5c3ef5584601ca8544eff030fb9c2cb29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:54 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
access-control-allow-headers
authorization, content-type
x-amz-cf-id
ENdlyVz9Wl-CaiQxv7XVoBrTREDoVbv9iCFdB0adzHC8dCofB6QOqA==
settings
syndication.twitter.com/ Frame 7564 		920 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=db9d19cb1b5ddb6aa0f3898a4e29548af21ef293
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fsupercoach.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
0e6809406e07c770b85da35a4faf706f8750b5db94cdc475aa4dfa79033f80eb
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
148
date
Wed, 22 Feb 2023 23:25:54 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 22 Feb 2023 23:25:55 GMT
server
tsa_l
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
2c171b88a3ba3a8a
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
bf9fa946d8f4008ddfcadd6ed320098cb6b4a7f9987955db0829ad9d9d82b94d
content-length
327
header_logo.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		25 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/header_logo.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
7d7b30f197a9b1808a59410e51c0bf4e0924790b73606c5b54dc537d536a7361
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64637
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"57d655e5ef836e892be79febc2b53232"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
hcIDVgaad666HNTQ_L3r8rJHSlrity80A-bo7cCgYuretJCZ-jrmoA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
real_fixture
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		8 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/real_fixture?round=1&page=1&page_size=9998
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
92f64f8f0ea9ef0c2d74b7cd8c9843fc0b3303c9552793f0d7da34f40bcda244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:19 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
36
x-cache
Hit from cloudfront
server
nginx
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
link
access-control-allow-headers
authorization, content-type
x-amz-cf-id
Qm5NjYWmRX6LF0Z-o4nX9JR6E_0Hyu13zcTgBL9eYmNyWbjcNv9eQA==
players
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/players?round=0&embed=notes,odds,player_stats,positions&xredir=1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:55 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
pragma
no-cache
server
nginx
content-type
text/html; charset=UTF-8
x-vm-location
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/players-cf?embed=notes%2Codds%2Cplayer_stats%2Cpositions&round=0&xredir=1
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
must-revalidate, no-cache, no-store, private
access-control-allow-headers
authorization, content-type
x-amz-cf-id
39UADv3o4f11EUzLVmKdMv0I0G30GFDmhz6nNAfE3Lohk8TULIdgCg==
angle_down_icon.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/angle_down_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d1d9996adf227409e389ca01edbee915547f33a9765e24cf542a259e25210cd2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64413
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"0d21df6946b64bcfd5a26d6726be3e1f"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
CGezUuh64-_jbBjZyBHJo39O7Klz0Vl0UMJ5vRGR4srfcOPXrmaG2w==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing.jpg
supercoach.heraldsun.com.au/assets/sites/news/lobby/images/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/lobby/images/landing.jpg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
8ec974f98a68710a1f33994e4b94ce7b131097a5adf24baf9d669577b133a384
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
56167
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
135805
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"08d2c02a29371b9ae9063e68ffcaf88a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
3ys_d6lbc3mwAFLYaTlX9hMt5e5x-W_CY3WeTo0gcQXJeM2PhjvpjQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 02:20:09 GMT
x-content-type-options
nosniff
age
507946
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 02:20:09 GMT
ba57388c3d44b87341dc5e49c4cb78ad
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/ba57388c3d44b87341dc5e49c4cb78ad?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
f44eca878798a90210611d9451d6b3a91526aa26dff5ca7dddb40654ba949caf

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
ba57388c3d44b87341dc5e49c4cb78ad
x-cache
Hit from cloudfront
x-amzn-requestid
8d9549ef-d0e8-44c5-9922-4b23cb6336cb
x-newsapi-timestamp
2023-02-22T23:25:56.264994Z[UTC]
x-newsapi-traceid
59b93f744a7a1674
x-amz-apigw-id
Aw6ktEP1SwMFSwQ=
content-length
6596
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
17
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:56 GMT
x-amz-cf-id
DsMm2yTP0_3SFUyCsuF6YjjV4SlphtG26sIr9HNsLa_aRWAIYRC2Yw==
expires
Wed, 22 Feb 2023 23:25:56 GMT
20be9908486ec37075f8ee7d11944ac5
d32guktqcrn2b4.cloudfront.net/v3/collections/ 		326 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/collections/20be9908486ec37075f8ee7d11944ac5?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
181fa83a06680650c0e2b20baefdb54f98d542cee596bbdd4cb1da88c71a6527

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
20be9908486ec37075f8ee7d11944ac5
x-cache
Hit from cloudfront
x-amzn-requestid
f5a30385-fd74-4b9c-ba5c-92e9af020168
x-newsapi-timestamp
2023-02-22T23:25:56.395220Z[UTC]
x-newsapi-traceid
9f99e81b1f74812d
x-amz-apigw-id
Aw6krEyBywMFrlg=
content-length
19550
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
291
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:56 GMT
x-amz-cf-id
iox2Pz42wMnKFktJW8mlfMxyi-o-sV4aT5Z95s43utCtYJsqfFhBlw==
expires
Wed, 22 Feb 2023 23:25:56 GMT
a4fd0c1637800ad9b8e7c9222c862a9c
d32guktqcrn2b4.cloudfront.net/v3/collections/ 		367 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/collections/a4fd0c1637800ad9b8e7c9222c862a9c?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6e7f4e5b7b6fba8fe6be832513c9a2bdc4aeb6f4e37ee20bbff9c6abbb0a674f

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
KUL50-C2, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
a4fd0c1637800ad9b8e7c9222c862a9c
x-cache
Hit from cloudfront
x-amzn-requestid
fe14d1cc-e650-47e7-872b-d1b223c786cc
x-newsapi-timestamp
2023-02-22T23:25:56.397299Z[UTC]
x-newsapi-traceid
1b904ccd38cee938
x-amz-apigw-id
Aw6ktHYSSwMFaDw=
content-length
21249
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
138
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:56 GMT
x-amz-cf-id
Xv3EQ7cUijkdHaU27RMlnj_dJWjgLb4BVBUfqF0nAOq6DXiHqvk-3A==
expires
Wed, 22 Feb 2023 23:25:56 GMT
51116fb4e343ec5901e36a06bb29d8c0
d32guktqcrn2b4.cloudfront.net/v3/collections/ 		108 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/collections/51116fb4e343ec5901e36a06bb29d8c0?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b95044263f3f5e3922fc23918a43efa57b42d73c6ce374219e9b323770b3d438

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
51116fb4e343ec5901e36a06bb29d8c0
x-cache
Hit from cloudfront
x-amzn-requestid
c3d609cc-a469-483a-81c6-145ff0b4e604
x-newsapi-timestamp
2023-02-22T23:25:56.228234Z[UTC]
x-newsapi-traceid
c9c593bc40fdbdc7
x-amz-apigw-id
Aw6ksFzLSwMFbhw=
content-length
6891
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
55
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:56 GMT
x-amz-cf-id
PJS_CqRQcdv6yyweTCW1PCa6UM9If6cmiS2wH4EwAyB0iCSyqLx_sQ==
expires
Wed, 22 Feb 2023 23:25:56 GMT
check_circle_icon.svg
supercoach.heraldsun.com.au/assets/sites/common/icons/ 		662 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/common/icons/check_circle_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
ca62753320e665f9ba3578bed450c7133a325ad74057b5d9a411c005bf444ff1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
662
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:03 GMT
server
CloudFront
etag
"435255a40dfea8c77f09e6fe61c5ba10"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
tRGcCP5kRSC-xhsbAyA5yYu4DQNNJ4v9pyM6OZXn8YG8Ay3rC-XcuA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
embed
omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/ Frame BA9B 		369 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
859f7c10c87aa6293fc6f28eb7c7033b0fa3ce33f13922bba8ff7183953fe325
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
86
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=120
cf-cache-status
HIT
cf-ray
79db7bd6cc93299a-MEL
content-encoding
br
content-security-policy
default-src 'self' https://omny.fm;connect-src 'self' https: https://*.googletagmanager.com https://*.google-analytics.com;script-src 'self' https://www.google-analytics.com https://ssl.google-analytics.com https://*.googletagmanager.com https://static.cloudflareinsights.com 'sha256-6pA+OLZkWFNcDsOkbEY8B8aF2uV+AHr8J3RzrTdq8j0=' https://connect.facebook.net;style-src 'self' 'unsafe-inline';font-src 'self';img-src 'self' data: https://www.omnycontent.com https:;media-src 'self' https:;worker-src 'none';object-src 'none'
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:25:55 GMT
last-modified
Wed, 22 Feb 2023 23:22:21 GMT
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex
classic_icons.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		10 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/classic_icons.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/vendor.67e707c093d4cf0f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
c7f529f4d3725a569a24d24f4203ce0ff79d2b7ffca48a30ce7444728808fb2f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64636
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"ba4b8a5d1b58bc96087b118c5f663529"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
m7tARfKMIEnfVywDEb04FBjkeFeQ8I1b92vj0Gl3yCfPPUssgyl_xA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
facebook_icon.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		341 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/facebook_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
968c616f3fadaad9f59bf5572a74e9c94a2563d094e0f9c9f669a0ef1c6bd87e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
341
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
"9b0a0142bae6a4888d7866a8d4e5a677"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
CCLj_RRaOqcS3mcZLJtYuGuB5XsOCmF0kgwR0z9Kn5XJ7LJy_YfjKw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
twitter_icon.svg
supercoach.heraldsun.com.au/assets/sites/common/icons/ 		952 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/assets/sites/common/icons/twitter_icon.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
7772e1b342f357e35fb462355432ffdb9dfae2263b99b4addd2c1ff95f4ab7cd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:32:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
952
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:03 GMT
server
CloudFront
etag
"e2fb5def62bda5fc73d9fc8d3beb1562"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
ISnlrGFs9b-k1O3ljEMsa-MTIDB-teZelQlxUgatMqMKGfTLt4uXRQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon1.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon1.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
6e3c6e47d66f83b38e35d392575e43a35356de10f0246e001c2f7f411d0791f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
56167
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"a2c9f46b46342ba1dcf93d1d5c36b431"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
w7HGxI_JWR25oAT-otVKHP2QduGJhBdBVNgSrxUPH7wYIx9KLZDb5g==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon2.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon2.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
736c7404f183cc3f13ccd9d0ff3a1b2045a2f3dd0130014354d3327e74237a7a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
56167
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"f3d0e2c056571afc32a32cd4de7c71fb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
szmcUyKyR9568Ck8rBtQawTWADlMmQ_0KoxM4IIhox4UI2QHhbUPdg==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon3.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		10 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon3.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
5e5f8726820e9fceadb021dcfb8f22324c0c6cefa269ed8d04c8420357a6b8d0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
56167
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"f32f81999141175969e45634243c82fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
UvwBiJvuWCQLeRG6h-LEea00QH5JoCHv8IH2VngtiJ7Cpd0S_MXoCw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
landing_promoicon4.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/landing_promoicon4.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
cba86c0f026f9b8b1bccee7425c5995248755566cc59a8cc9878f520523d6961
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
56167
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:20 GMT
server
CloudFront
etag
W/"bdaa19774961b089c94ed902951cb5b5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
zVIt66wYq-_LQfexxD4YQbxXGrr-2alysiFBFuIABs8g3qYKBrtXmw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
logo.svg
supercoach.heraldsun.com.au/assets/sites/news/images/mastheads/hwt/ 		18 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/mastheads/hwt/logo.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
df86ee1ff38b797cd52103e90a8f3ae36e86e48379461bd13e3da267c0f23312
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64636
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"5a86c8eecc9b165d58ec72141173a226"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
f0TR23nlvabjWJWQTwvFwDZaV_3FYyUMubJi5iTNJ_ko8-s6Z9fH3A==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
vslogo.png
supercoach.heraldsun.com.au/assets/sites/news/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/vslogo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
1dabb10f9fbc8b4da438d3dd37af3f3202ac3184d83497536cdbaa1c12036a45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64637
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2588
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"5c250f930d84d098820ef2202e18988e"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
JpCG_vQkzu3NIgwY64vY_EzF7jt0TCDANBqFvc-2ag7hA2bKqQM-pA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
supercoach_white_logo.png
supercoach.heraldsun.com.au/assets/sites/news/images/ 		14 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/supercoach_white_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
3e4ebcd05765b7a44a22a4e5bba0c6029d2f1ff6c2866619bcc0c328af0f911e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
56167
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14634
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"0dfaa3d4beb8fc32b1880e9482a8b75d"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
45rygyl_ciP6oaCUlTY0Wy8xLx_LLVWH3lh6TzRfrg7gHEgCjqGfgA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
sc_stats_black.png
supercoach.heraldsun.com.au/assets/sites/news/images/indexPage/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/indexPage/sc_stats_black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
08424461d604369f06ece55690acc9f07d675f5433525cf544aef3e0ac48ac66
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:55 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64621
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14860
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
"000ebbe59a549eb84679141e98fe8a74"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
gkEO91Yy1fSWCeiBt4iKDTgteTvNJPjVVlihE0kx5CVXXd-pNrotZQ==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
sc_mobile_logo.png
supercoach.heraldsun.com.au/assets/sites/news/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/sc_mobile_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
a18181c6470ff5f55ef69ab926e01d6b4dac897db3e6aeb953b91fafd086dcec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 07:49:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
56167
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3303
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
"277bb156ab62350146b063db21678591"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
7VAkUyaDEvFayT6ZLGdiJV8s8f8bggorTkFcbUzLFHEJeX1EUgnoUA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
kfc_supportingpartner.png
supercoach.heraldsun.com.au/assets/sites/news/images/sponsors/kfc/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/sponsors/kfc/kfc_supportingpartner.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
523dd657c4dfc24fb3581266d122a1addd4afcf2a391002b2fb2747a7ee4c085
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64636
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6482
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"105632685eead8d368a848e08c5359c5"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
s4P3t7OQznIuiTd2Nq_s2JFDWJ40xl93X6Afh9w2r9IFaPNwYlGm5Q==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		85 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/main.693938e49c49fd47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
904533dd74f54a6def75360f7e7793fbb83762aad9097f2601895c6960e784bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:55 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:58:46 GMT
server
AkamaiNetStorage
etag
"20a5317dea9f98180753fb35038d51c5:1676865526.849671"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21834
expires
Wed, 22 Feb 2023 23:30:55 GMT
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16771083557080.8605857460752164
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
839
expires
Wed, 22 Feb 2023 23:25:55 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 22 Feb 2023 23:25:55 GMT
cache-control
max-age=41762
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:56 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Wed, 22 Feb 2023 23:25:56 GMT
utag.980.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.980.js?utv=ut4.46.201912020327
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
633481ce37a872535a865e6095f9612b179508e20e917ae63fcf9adc5f63ce16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:18 GMT
server
AkamaiNetStorage
etag
"37ebc9cecd3d8b69549cd235402265bc:1632190698.557474"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
4579
expires
Thu, 09 Mar 2023 23:25:56 GMT
cbd76663d97d6e4e.css
omny.fm/_next/static/css/ Frame BA9B 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7302d68eaa15a67a7cce67a4b5c226cdcfe546d37c56cdc21aec4e5ef5799bb2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
7246055
etag
W/"284c-184cdabc040"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdbec01299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
02a0d1f6add81187.css
omny.fm/_next/static/css/ Frame BA9B 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/css/02a0d1f6add81187.css
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf16303d01177252671bfd19187a9da327f415095570b5467131e4b4b0e607a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
5619401
etag
W/"126b-184cdabc040"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdbec02299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
webpack-85728e56876881be.js
omny.fm/_next/static/chunks/ Frame BA9B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/webpack-85728e56876881be.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e8bde2a648a9e234472ec5f1316bdd57ab22d9d89a83a36192e980075b0c32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Feb 2023 12:29:46 GMT
server
cloudflare
age
1888852
etag
W/"1206-1860cf45a90"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c41299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
framework-01abbd8e2ff6770a.js
omny.fm/_next/static/chunks/ Frame BA9B 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/framework-01abbd8e2ff6770a.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1b9f18cee0738c081464e9e858b9233873af009dbd436d3abae9371440c103

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
5476423
etag
W/"22704-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c44299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main-022e8259ff483e04.js
omny.fm/_next/static/chunks/ Frame BA9B 		117 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/main-022e8259ff483e04.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a20fd1d9704b066c532b34dabb78d00d163b8b701a16c5c83bce2f972a65a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 09:46:14 GMT
server
cloudflare
age
3628307
etag
W/"1d26b-185a55f7270"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c45299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_app-f21101dfdff87f8e.js
omny.fm/_next/static/chunks/pages/ Frame BA9B 		427 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/_app-f21101dfdff87f8e.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67af5d26be860bfcb6d7db018155f558ff1dedaeafa98aca97e7042ca15924c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:40 GMT
server
cloudflare
age
168816
etag
W/"6acac-1867397e5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c47299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
672-8e87d114cbd038ad.js
omny.fm/_next/static/chunks/ Frame BA9B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/672-8e87d114cbd038ad.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56409900ffa5c01279fcfe9f156fe2aae0c9de26e10a39bb3b6c666826eea12e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 15:00:24 GMT
server
cloudflare
age
5607868
etag
W/"21cd-184ed1a2340"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c4a299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8173-9ec53d9d4d3ec5eb.js
omny.fm/_next/static/chunks/ Frame BA9B 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8173-9ec53d9d4d3ec5eb.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db93ff8f6e0112424b4ace4a4b7688ac223517a4cf12e36bc8cac5edae07c38

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Jan 2023 10:39:26 GMT
server
cloudflare
age
3713414
etag
W/"f387-185a069cb30"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c4b299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1063-71b1355aace49f2e.js
omny.fm/_next/static/chunks/ Frame BA9B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/1063-71b1355aace49f2e.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdba86a2301573400c8eaaaf90d7660e27234413118c39b3618e8572c25c562f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
7246055
etag
W/"1e9b-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c4c299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
9586-a98a161b5c678d14.js
omny.fm/_next/static/chunks/ Frame BA9B 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/9586-a98a161b5c678d14.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abf66584a146abcfa0a1635ede00e0dfce3844c436628a7edbb924bbb2d67a5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 15:35:50 GMT
server
cloudflare
age
1791180
etag
W/"e732-18612c50ff0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc0c4d299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
4072-2a051f3414b93e3d.js
omny.fm/_next/static/chunks/ Frame BA9B 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/4072-2a051f3414b93e3d.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1484780c45d02ababcf072d136c2129f9406905d2e6e616746271b8ee0f257f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 15:00:24 GMT
server
cloudflare
age
6655696
etag
W/"10870-184ed1a2340"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7cd7299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
28-fc8d6921275b7a48.js
omny.fm/_next/static/chunks/ Frame BA9B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/28-fc8d6921275b7a48.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a143ca1ac0ac1866eb1e1532bbb7835b0b8597fa370fcf0283a6f3a21f67428

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
5608091
etag
W/"d51-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7cd9299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5320-f6d3b53d0eddf70b.js
omny.fm/_next/static/chunks/ Frame BA9B 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/5320-f6d3b53d0eddf70b.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d568103e057eac05bc2f99b84bd3a783ea711059bd9e0056ec6af9f5c2461cec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 17:03:18 GMT
server
cloudflare
age
1536483
etag
W/"2947-185a6ef97f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7cda299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8346-0de19e1aa8527fbb.js
omny.fm/_next/static/chunks/ Frame BA9B 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8346-0de19e1aa8527fbb.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6deeefb6cafea5221f3f64d75ce76e36959d58a55fea1515e216f7a42de4267

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:36 GMT
server
cloudflare
age
7246055
etag
W/"4d78-184cdabc040"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7cdb299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
8214-e86c5c24d6f505b9.js
omny.fm/_next/static/chunks/ Frame BA9B 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/8214-e86c5c24d6f505b9.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6bdf9a5758c26137e3fb8bab7b67fb05cd507d374f3524fe056730d6e7c2660

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:40 GMT
server
cloudflare
age
168821
etag
W/"20ed7-1867397e5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7cdd299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
664-b888ec84cd7d9c97.js
omny.fm/_next/static/chunks/ Frame BA9B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/664-b888ec84cd7d9c97.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38a71b9483a8bb743b6dcb7835c7fb1d9c1902368efc2f3704232eee9433bf2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 14:14:46 GMT
server
cloudflare
age
5525864
etag
W/"b4a-184e2a3a3f0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7cdf299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
3345-70f27f27d72bdf67.js
omny.fm/_next/static/chunks/ Frame BA9B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/3345-70f27f27d72bdf67.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6da203d9b63b236ea56b22153bd7c21ff3a7b311a9a75ccfda97a37c3df6d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 13:52:28 GMT
server
cloudflare
age
5515723
etag
W/"370a-18534f4f960"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7ce1299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed-f7eeac7ca87051d9.js
omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/ Frame BA9B 		459 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/chunks/pages/shows/%5BprogramSlug%5D/playlists/%5BplaylistSlug%5D/embed-f7eeac7ca87051d9.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e252a74692a8029c6f1f033f68815f2781fbcb047327a49595bd88df50174d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Feb 2023 08:52:20 GMT
server
cloudflare
age
1814629
etag
W/"1cb-1861153a5a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7ce2299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_buildManifest.js
omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/ Frame BA9B 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/_buildManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e329edbe678b8a3615eeff892d7c5094ee04bb6a7256a9ab5a8e1d4a6d51d4f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:18 GMT
server
cloudflare
age
168816
etag
W/"1194-18673978fb0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7ce3299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_ssgManifest.js
omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/ Frame BA9B 		77 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/PL1ijeMIEy5rH-uYE1pNA/_ssgManifest.js
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 10:49:18 GMT
server
cloudflare
age
168821
etag
W/"4d-18673978fb0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
79db7bdc7ce4299a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
image.jpg
www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/ Frame BA9B
Redirect Chain
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4...
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Server
52.222.144.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-98.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
7dd9adee5089f16796091e7f9b4df758cafb95bf7b3742709e4e237316f95f59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 12:27:30 GMT
via
1.1 44f6a169aef9148c6facf6748e9e598e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MRS52-C2
age
3927507
x-cache
Hit from cloudfront
content-length
60864
cf-bgj
h2pri
last-modified
Wed, 30 Sep 2020 14:56:34 GMT
server
cloudflare
etag
"0x8D86551065A732F"
access-control-max-age
86400
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
7864ed797c799587-DUB
x-amz-cf-id
r6shbbmfLuMNI3zAlyuBjzUJFWvWj4hnLMMdIylPHx19JbAX_GH24A==

Redirect headers

date
Wed, 22 Feb 2023 23:25:57 GMT
via
1.1 44f6a169aef9148c6facf6748e9e598e.cloudfront.net (CloudFront)
cf-cache-status
HIT
server
cloudflare
x-amz-cf-pop
MRS52-C2
access-control-max-age
86400
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Medium&t=1599022787
cache-control
public, max-age=60
x-cache
Hit from cloudfront
cf-ray
79db7be0ee721b80-DUB
content-length
278
x-amz-cf-id
GHuw-zDIOwTQN3fd0Wey2jrm5zCCXvcSX3LuwFdaqIJB4lTTSeudVA==
players-cf
supercoach.heraldsun.com.au/2023/api/afl/classic/v1/ 		1 MB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://supercoach.heraldsun.com.au/2023/api/afl/classic/v1/players-cf?embed=notes%2Codds%2Cplayer_stats%2Cpositions&round=0&xredir=1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
9711945e90a656dc7c6e00b4b323adf711fb00d2b9f1fb3e231e3373eb0df5ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
strict-transport-security
max-age=31536000;includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-vm-location
cache-control
max-age=60, s-maxage=60
link
access-control-allow-headers
authorization, content-type
x-amz-cf-id
AF-GdeSoBPQgGb1MCZd4lrUCACtFo-AGnNse6F9UidP6aU6yQkKDIg==
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Thu, 09 Mar 2023 23:25:56 GMT
utag.1139.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1139.js?utv=ut4.46.202301292355
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7f6008ca479fb9e50da5b7cee97fa7c1251f20373ab588273803f69545005080

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Sun, 29 Jan 2023 23:55:24 GMT
server
AkamaiNetStorage
etag
"1ad6bff54afa9220d8e2c6a5585c75b2:1675036524.06003"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1225
expires
Thu, 09 Mar 2023 23:25:56 GMT
utag.1140.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1140.js?utv=ut4.46.202301310444
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
25bb1113068c1c7b9996ee51c22119c5379c6284be87e4b4000596a777a522ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 04:44:20 GMT
server
AkamaiNetStorage
etag
"c9e4c7d7f8131e8ac8e7728312ef39c8:1675140260.515455"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1077
expires
Thu, 09 Mar 2023 23:25:56 GMT
utag.1141.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1141.js?utv=ut4.46.202301292355
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b404b9a484eabf02274d1b2903119f3b3355ccda686cb1ca264b9e034496823

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Sun, 29 Jan 2023 23:55:24 GMT
server
AkamaiNetStorage
etag
"07f2c37c2d514060e67fcc1166094864:1675036524.223807"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1064
expires
Thu, 09 Mar 2023 23:25:56 GMT
utag.1187.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1187.js?utv=ut4.46.202302200358
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c00abf7da8a246c460de8fe5192f8850f247de82230d9d8b9f040ee6ddd853ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 00:30:43 GMT
server
AkamaiNetStorage
etag
"72156245336080cd097a0ecf0aed36b8:1675729843.630627"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3642
expires
Thu, 09 Mar 2023 23:25:56 GMT
utag.1192.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1192.js?utv=ut4.46.202302200358
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fb8f7653f8e9eb5bb33992cce33fa43c3379d5aa1873ad36e6885a719f91ae66

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:58:46 GMT
server
AkamaiNetStorage
etag
"b81ad4b34a92133c8e0f8a17e35a3fa9:1676865526.721149"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1027
expires
Thu, 09 Mar 2023 23:25:56 GMT
image.jpg
www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/ Frame BA9B
Redirect Chain
  • https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/image.jpg?t=1599022787&in_playlist=023c69e4-8322-4...
  • https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.omnycontent.com/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
Requested by
Host: omny.fm
URL: https://omny.fm/shows/the-afl-supercoach-podcast/playlists/podcast/embed?style=cover&size=square&image=1&share=1&download=1&description=1&subscribe=1&playlistimages=0&playlistshare=0
Protocol
H2
Server
52.222.144.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-98.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
fe5b9fce5a9f999cf3d5e4778e38011c5a003ec08a1facdca8fa5690aabe654b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:53:20 GMT
via
1.1 44f6a169aef9148c6facf6748e9e598e.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
MRS52-C2
age
4905157
x-cache
Hit from cloudfront
content-length
2493
last-modified
Wed, 30 Sep 2020 14:59:31 GMT
server
cloudflare
etag
"0x8D865516FB99DC3"
access-control-max-age
86400
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
7807b10eef971b96-DUB
x-amz-cf-id
gd3vLXbk8Zll5kbFeDpN78FewOANi_CFZjD195vzmw4WNlF7rkyUpA==

Redirect headers

date
Wed, 22 Feb 2023 23:25:57 GMT
via
1.1 44f6a169aef9148c6facf6748e9e598e.cloudfront.net (CloudFront)
cf-cache-status
HIT
server
cloudflare
x-amz-cf-pop
MRS52-C2
access-control-max-age
86400
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
/d/playlist/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/023c69e4-8322-4b09-8c70-ac2a00524b91/image.jpg?size=Thumbnail&t=1599022787
cache-control
public, max-age=60
x-cache
Hit from cloudfront
cf-ray
79db7be0e8fa1b83-DUB
content-length
281
x-amz-cf-id
CoMvNyhiHBbgYx2nA4Jxp89Pwa43mGstOon8cI0Ci-WDX8cwf4miqQ==
open-sans-latin-600-normal.0270e39b.woff2
omny.fm/_next/static/media/ Frame BA9B 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-600-normal.0270e39b.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134

Request headers

Referer
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
5615834
etag
W/"419c-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
79db7bdc9f3b5a7f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16796
open-sans-latin-700-normal.58fa2153.woff2
omny.fm/_next/static/media/ Frame BA9B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-700-normal.58fa2153.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3

Request headers

Referer
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
7246048
etag
W/"3fe8-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
79db7bdc9f3e5a7f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16360
open-sans-latin-400-normal.abd3eb12.woff2
omny.fm/_next/static/media/ Frame BA9B 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omny.fm/_next/static/media/open-sans-latin-400-normal.abd3eb12.woff2
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.106.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Request headers

Referer
https://omny.fm/_next/static/css/cbd76663d97d6e4e.css
Origin
https://omny.fm
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 12:31:18 GMT
server
cloudflare
age
5608074
etag
W/"4150-184cdab79f0"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
79db7bdc9f415a7f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16720
4f6f9883502761d51b9fb6023ef12671
content.api.news/v3/images/bin/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4f6f9883502761d51b9fb6023ef12671?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a91c30598cdddf4e87ed879037c9fe0b11cb58fff18e9b2b19cd598e22a4b7f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
x-check-cacheable
YES
edge-cache-tag
4f6f9883502761d51b9fb6023ef12671
content-length
26150
last-modified
Wed, 25 Jan 2023 03:55:40 GMT
server
Akamai Image Manager
x-serial
1594
etag
59b381531b3e547f179a9db4bdfc8180-4f6f9883502761d51b9fb6023ef12671-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4914991
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 20 Apr 2023 20:42:27 GMT
439049cac3d291ba56e6d838ac9fb561
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		85 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/439049cac3d291ba56e6d838ac9fb561?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
513567f0a1c3de9417ae31e22229e54b75812a12a6460343f4e965a49413ff9b

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
439049cac3d291ba56e6d838ac9fb561
x-cache
Hit from cloudfront
x-amzn-requestid
5e347f6d-66e3-489c-bef9-c7ea6e0c5ae2
x-newsapi-timestamp
2023-02-22T23:25:56.948820Z[UTC]
x-newsapi-traceid
a11a9c6a310bf206
x-amz-apigw-id
Aw6k0FMxSwMFgEw=
content-length
19647
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
30
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:56 GMT
x-amz-cf-id
VuJhmYWCsFA0WkrK1CSoNeqIFIt-nLyGhhFc3IXVAlW56RWD8z6nSg==
expires
Wed, 22 Feb 2023 23:25:57 GMT
468cc251ffe088dfe919e675b75c8696
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		60 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/468cc251ffe088dfe919e675b75c8696?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
7c96ba3dee85b281e14dc0913acf4cb7ed9ea939b4e46b64dc15af21c2abb631

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
468cc251ffe088dfe919e675b75c8696
x-cache
Hit from cloudfront
x-amzn-requestid
a03733b5-72ec-4b0f-9981-8d4e2f2092af
x-newsapi-timestamp
2023-02-22T23:25:56.776464Z[UTC]
x-newsapi-traceid
214ee10c19b9603c
x-amz-apigw-id
Aw6kyHbxywMFwPA=
content-length
13019
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
28
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:56 GMT
x-amz-cf-id
lQxsTJ0fFxc8-mDdPSAdwcrPiUzmRh5fMyfD5aSY7G1DEhQmp79A-w==
expires
Wed, 22 Feb 2023 23:25:56 GMT
3ca9bb74c42522cf6a91c846ef0ad5b3
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		87 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/3ca9bb74c42522cf6a91c846ef0ad5b3?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
75b30ac3717e0d43d5b4ac4ae4973951f07dbd05142662c1608fe504055147e5

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
3ca9bb74c42522cf6a91c846ef0ad5b3
x-cache
Hit from cloudfront
x-amzn-requestid
e15aea16-4d80-416a-8606-86c39e9550b0
x-newsapi-timestamp
2023-02-22T23:25:57.111281Z[UTC]
x-newsapi-traceid
25176757c6e2ccb9
x-amz-apigw-id
Aw6k1Es2ywMFVEw=
content-length
17981
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
36
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
Y0pY_ptrxAp1bYHeO4QStj8puXyWEj8_5k4dVSWE0NgilNHsornQzA==
expires
Wed, 22 Feb 2023 23:25:57 GMT
df005b948913ce10a9f8f66cd455e268
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		162 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/df005b948913ce10a9f8f66cd455e268?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
86d718165adfb25f70b77128d8a404edcacba3c0dcc2a5417af5621582c82ca2

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
df005b948913ce10a9f8f66cd455e268
x-cache
Hit from cloudfront
x-amzn-requestid
3c2a9dd5-2fa9-4102-806d-245b4a702a10
x-newsapi-timestamp
2023-02-22T23:25:57.161141Z[UTC]
x-newsapi-traceid
60471f7cefc45498
x-amz-apigw-id
Aw6k0Gl2ywMFQxg=
content-length
35358
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
156
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
90iAJ3wfeSJR8EVgjTg6JayNIs8BfEY95T7d2M9HbIjxpmd-tm2Bpw==
expires
Wed, 22 Feb 2023 23:25:57 GMT
1823525c1b4d2f702c7b65929e577b45
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		71 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/1823525c1b4d2f702c7b65929e577b45?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d91d751ba3d787d90e783b7e05704f02452b1d1626663efaf7493b3d4e6c31b0

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
KUL50-C2, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
1823525c1b4d2f702c7b65929e577b45
x-cache
Hit from cloudfront
x-amzn-requestid
159bfc40-cb32-4777-9bd8-7d96496bce67
x-newsapi-timestamp
2023-02-22T23:25:57.162434Z[UTC]
x-newsapi-traceid
dcc1729b47b4cdb9
x-amz-apigw-id
Aw6k1EoaywMFWpA=
content-length
16390
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
77
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
nEOppKNE72zn1FgVE9T3ghda7k8RbA7Qvp-gFCBasitwpG9ThY7Opg==
expires
Wed, 22 Feb 2023 23:25:57 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202302200358&cb=1677108356634
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.247 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-247.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 22 Feb 2023 23:35:56 GMT
B7670439;dcadv=4149947;sz=1x2;ord=303582513389.88306
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=303582513389.88306?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
10103e40d98e3a24f4566ecc813da637c1cdec0aca5a2b4996ea69372b955dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92560-41
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e1962f7519a5cdfaca53458f531eae43c1bef1ac41222ec15640247f37c9b6d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44121
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:25:57 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.158.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-158-139.bkk50.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 03:25:50 GMT
content-encoding
gzip
via
1.1 fbcc9bb970ed15f8ab2558c13f3f0572.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
BKK50-C1
age
72007
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
IQ7osvQfcG6Fg4xa84fV77w0pIbkieCpt8DmCXKrYH3y9axQrO5HHg==
expires
Thu, 23 Feb 2023 03:25:50 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		185 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
eedd49621b38f275303c3f88a999ee576072d8e100aac6b0ce08e488682f0e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"1bf2800232147702827e8ee9c4c954ea:1676958133.735979"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=13938
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=18244
content-length
9840
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		75 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.162 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-162.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
last-modified
Sun, 18 Dec 2022 11:30:40 GMT
server
AmazonS3
x-amz-request-id
8D3B045WC00VVMSR
x-amz-cf-pop
ATL58-P1
etag
"f1a4e674158b6b0ef75f5ba312c64b88"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
76452
x-amz-id-2
2XO/H9abSTvCKRI6it7Wfyv2F0CojzZwAAbpvi5GBSqcrGZ65zoiLFZsRDIIIca47zDlpvdnTEg=
x-amz-cf-id
md2IomCKvkUwbgUgM4j4zWMk08_MCs8d9CuVlVR-vTXUg024g3cQkA==
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 22:57:40 GMT
Content-Encoding
gzip
Via
1.1 0e0ce09b6e10a8fc07c3a94faa7d2626.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
1698
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
xuHsyPI1vx9EGNpfd9KA95gJlxg14NxVw3C-AV_eYhe2k-E6oDQF_g==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2023-02-22T23%3A25%3A56.641Z&country=au&newsconnectId=&fpid=
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.40.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-40-64.compute-1.amazonaws.com
Software
/
Resource Hash
4309c278b19cc65d2b31fae807a2373dae84c5ae2fa6ec6c2a8e8c15cb9ab87a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2830
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e978d238d5c41225bcd905cf8add12e444e2cf30f04691a949cebe0789f174c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
wjnDuuLX59sOKR5weVSPTApJevg8A974
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Feb 2023 23:25:57 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
76H9CQGN6N84752R
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
520
x-amz-id-2
jmQ57nMEZDmy5ZuqenpPvo8DuZLl+0vw7lJOlfVnli4Y5ly1Vi2FaU/X+3klgFcKEODCnMmbba8=
x-served-by
cache-fty21352-FTY
last-modified
Sun, 22 Jan 2023 10:32:35 GMT
server
AmazonS3
x-timer
S1677108357.334507,VS0,VE0
etag
"4e461faf14ac3f921d3adc4f754611d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
886
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
JV2RJXJ0QJCDP7AA
age
3344
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db7bdecc375aac-MEL
x-amz-id-2
uOl/IPqMBEKxot042YnQYs1PUh4+xNknvHLXLEUgqC7xxb6ieRrF2nUSTRrOEoR8uAiR8k3B49I=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.180.236 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-236.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Tue, 19 Apr 2022 03:11:13 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Thu, 23 Feb 2023 00:25:57 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a274dbe4a9a49f23e9a2822ac546709e:1673918295.329898"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=18125
content-length
2302
tad.js
tags.news.com.au/prod/tad/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f222758f1d0f71c12e10a1bdaa04bf9e1f446d7de788103d3005676e513c4582

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"0f2a290097d04e7d48231b23f790d327:1676944410.172158"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=78103
content-length
33499
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
eb1e8e84257027ae3feff8f88e512977094d01e375227ad2b7499640a5a92d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26471
x-xss-protection
0
server
sffe
etag
"1491 / 132 of 1000 / last-modified: 1677088617"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Feb 2023 23:25:57 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:44:25 GMT
content-encoding
gzip
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront), 1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
last-modified
Wed, 22 Feb 2023 21:30:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
age
2493
x-amz-server-side-encryption
AES256
etag
W/"73a4291e0b24cc8bf12a18bcd544a2b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
qthrU_OhxGWUPehPaiuYdos_wIFsnv7aU9P3BgIQwYDy9to2y3h8Ng==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=17813
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-27.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1ed1677dc75607eb6865e91977014c05346e13285475a93ba4e8fcec5239a3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
iWnu5yI2whAnqv8_WLKKBEkO8GRGD5MU
content-encoding
gzip
via
1.1 66d851b48249ff71df5688c84f41fec8.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 23:04:38 GMT
last-modified
Thu, 02 Feb 2023 07:04:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
1284
x-amz-server-side-encryption
AES256
etag
W/"760efa303068553e2a16d6a46f447be5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
tY20pmPazUgZj9i_Ez0r91PrhhcuTDJNhZ-93HGS6bV85P1LZJ495A==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
618843158ccc24172fe7ac6ab8b755bf371cf5965c469407613041778e43e503

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:56 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"bb52a37d45d417951a3c95a98cf1fbfd:1673855044.593883"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=17382
content-length
6076
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.101.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3528195e6af4e53d97fa596f8c6e62b517d884e584bfb3e4d5de348447842c59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3237
cf-polished
origSize=5799
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Wed, 22 Feb 2023 22:32:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53mVFnmxr5Y%2B4xM8KfOoh9OyAMxW8flhDr%2B1coXHRPKmDbaaRl1ngtKxQhyUyxqukALbMWsm4greGAvx95O11%2BzSVbCNTOn9yXrbbVPnvaPPlQjN%2BPE8A0QB2AexRd9EXwehqhmXLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db7be26a252b38-MEL
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5SVI0J6V74OJ29IA6K0&lib=ttq
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1139.js?utv=ut4.46.202301292355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.85.210 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-50-85-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0aa05ba11ed7cd12d84b0b101a7d1a7118af9f423e2e027321d35d50f4a10442

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id
fa4824f7.1b8a68b1
date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-50-85-206.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time
232,184.50.85.206
server-timing
cdn-cache; desc=MISS, edge; dur=222, origin; dur=10, inner; dur=3
content-length
1143
pragma
no-cache
server
nginx
x-tt-logid
202302222325573E03413DA2784357878B
x-cache-remote
TCP_MISS from a23-218-222-4.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.218.222.4
x-tt-trace-host
01f3257378d465fc4b4694cfa18dcad711b08157c728f67baf34e657dafe040babb1032faa68c60eabbefc5e46cbc61cbf6cfd987a1f7af430b6e4939436d3d5be1f7949684bdc799740b54afb146f755fb048763d8e8e9cba192f2c95530e7852028acd7c73f445ce82048db1f8edca97
expires
Wed, 22 Feb 2023 23:25:58 GMT
scevent.min.js
sc-static.net/ 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-14-254.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN5-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
13327
x-amz-cf-id
qyC_YkLxFGkPRyprWbGYB2ZUc-bayjMWHK7o80oji-2DuUmtI3NsJg==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 22 Feb 2023 23:25:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6GOXoSE+Sp6dSdErFdAtZGqNTe8nbu64FHrmExs/o05v0T/pbbS0T33cdKnoGznoInW1f4nMUGJUqenW7tuo6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1235-QPG
/
o479328.ingest.sentry.io/api/6149200/envelope/ Frame BA9B 		2 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o479328.ingest.sentry.io/api/6149200/envelope/?sentry_key=26e057be21a84efb8189b730ef099727&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.35.0
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-f21101dfdff87f8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://omny.fm/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://omny.fm
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
waveform
www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/ Frame BA9B 		21 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.omnycontent.com/d/clips/2fb3740d-3436-44af-8cc0-a91900716aa5/fff90da8-8760-46f0-8226-ac2a00524b91/fb8e765c-5a5f-4f6c-b794-afb000718708/waveform?t=1676962466&token=O9qphO3y9WnRnGvwehzQ54FoDittZhut
Requested by
Host: omny.fm
URL: https://omny.fm/_next/static/chunks/pages/_app-f21101dfdff87f8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.144.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-144-98.mrs52.r.cloudfront.net
Software
cloudflare /
Resource Hash
c0509ee503a40ffc0cf58e1d7b9a6225dd915f67101f426176f662b3b7f55b41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://omny.fm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 07:03:10 GMT
content-encoding
gzip
via
1.1 93c32b8d81c9a38079148004208d6478.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MRS52-C2
age
145367
x-cache
Hit from cloudfront
last-modified
Tue, 21 Feb 2023 06:54:26 GMT
server
cloudflare
etag
"0x8DB13D878EA1C05"
access-control-max-age
86400
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=5184000
accept-ranges
bytes
cf-ray
79cd9eddbada9558-DUB
x-amz-cf-id
GEj8NIGH6S4GWBzwiyrdDqw-QIsX7p_xetdhZjlhJdH1QINfx28gow==
316aa97cc70dd9dafabb6a5c35e6016d
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		36 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/316aa97cc70dd9dafabb6a5c35e6016d?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
22711b23d3e481df0255cebd9a7a0df4f5261cbc7909962ada5da7d9ef35dcbc

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
316aa97cc70dd9dafabb6a5c35e6016d
x-cache
Hit from cloudfront
x-amzn-requestid
2165c850-a4b1-48ea-9946-f8cccf96b2ec
x-newsapi-timestamp
2023-02-22T23:25:57.178161Z[UTC]
x-newsapi-traceid
9c6f415160917219
x-amz-apigw-id
Aw6k1HZ4SwMFSQw=
content-length
6244
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
127
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
bvs_9YdhymOkWgvBP7LlYlq0wzQorg_rJ0oUtOdCmFIQl_6KHhUdWw==
expires
Wed, 22 Feb 2023 23:25:57 GMT
5cc4e6d27bbd77f4791ca6dad1416a75
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/5cc4e6d27bbd77f4791ca6dad1416a75?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
3d251f5ee1c4ed268ca1753204e8209ac779d7cd1ed7103967d6d03e91de609e

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
HIT
edge-cache-tag
5cc4e6d27bbd77f4791ca6dad1416a75
x-cache
Hit from cloudfront
x-amzn-requestid
8e7b9cb9-e1e7-4f07-9ea8-14053dba79ae
x-newsapi-timestamp
2023-02-22T23:25:57.265531Z[UTC]
x-newsapi-traceid
1add2f773561d6ee
x-amz-apigw-id
Aw6k3E0iSwMFiGg=
content-length
11354
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
31
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
IXAoQX8KUGhfGy-mgCt3dY2mAQ1PQNxDhRJzEn9UhJPtu6e-Mx1NGw==
expires
Wed, 22 Feb 2023 23:25:57 GMT
9098f1de5f9499f624dcb41fc67a00e5
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		75 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/9098f1de5f9499f624dcb41fc67a00e5?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
fc298c7755e31bf1ba06104b3af5ad3cd3515fb7a23688c3e5a576ed9f8afc86

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
9098f1de5f9499f624dcb41fc67a00e5
x-cache
Hit from cloudfront
x-amzn-requestid
cd0199a5-a4d6-46a8-b3fb-57f9ffed680b
x-newsapi-timestamp
2023-02-22T23:25:57.394240Z[UTC]
x-newsapi-traceid
c75031d88418474a
x-amz-apigw-id
Aw6k4EyAywMFzbQ=
content-length
16153
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
47
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
V3uVnAlV7sCTVCGp1WKSfENg5-4S5VsoTL1_64ZV_76wE5xZddOcyA==
expires
Wed, 22 Feb 2023 23:25:57 GMT
22d1cf4dc6ac9770c09b9f7c74d7ca09
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/22d1cf4dc6ac9770c09b9f7c74d7ca09?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
543fe4b85f8a3f41a1e58f1e4ae6dd9df58774edf88f5b707b6bcf311d3251fc

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
22d1cf4dc6ac9770c09b9f7c74d7ca09
x-cache
Hit from cloudfront
x-amzn-requestid
78f7a948-e195-48f2-8f2e-a15aa1dd96ec
x-newsapi-timestamp
2023-02-22T23:25:57.324605Z[UTC]
x-newsapi-traceid
e1aa5658dd7ea695
x-amz-apigw-id
Aw6k3FHzywMFadg=
content-length
11515
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
33
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
w5V5b_gbDU5XHkrwRfpeUJltRXVgQPo7MUG-gBrXC5v5YLRneXSGwA==
expires
Wed, 22 Feb 2023 23:25:57 GMT
1c725600676a9fbbcb68b1f2cd778c37
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/1c725600676a9fbbcb68b1f2cd778c37?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
42a5b09908a5dd4a9664125684e98e3299b714843bfed20536ee9fde412de9cc

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
1c725600676a9fbbcb68b1f2cd778c37
x-cache
Hit from cloudfront
x-amzn-requestid
4a527b86-e1a1-40d5-bf6a-28b54d0420ca
x-newsapi-timestamp
2023-02-22T23:25:57.394437Z[UTC]
x-newsapi-traceid
d63c20ace533b8cc
x-amz-apigw-id
Aw6k4HDVSwMFs5Q=
content-length
5895
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
29
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
C9do82p9yZuzRl1-9g0MBEXlwfFiG6WTm9aNkeNa1FVpEfR4VUvn_g==
expires
Wed, 22 Feb 2023 23:25:57 GMT
P16C8D000-5514-4C76-9A96-5F57C2693396.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P16C8D000-5514-4C76-9A96-5F57C2693396.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-126.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b50552563c561fbf9ed331d948cafc003ad18b2fed2c2860c5d2cc61b9516df6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
NDU6KfVVEfb66wlW6qjgPqsmehwgw2ff
content-encoding
gzip
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 22:40:52 GMT
last-modified
Wed, 22 Feb 2023 19:15:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
2706
x-amz-server-side-encryption
AES256
etag
W/"49629aa0e91f063e57d458bf6d33a6e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
zZSDaPfFAaIM076zCyvSIfwGXtgT52N3r-Ub0r6tORHmmyZH6kcCKA==
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13522
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-118.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
3b9e1424468282934fb47505da12447327b335c7aef11d6d74863e190c5b901f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
br
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"13522...221.2023022223"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
C0ZqYc90ztXdp4LFn4MG_NaH9qvysHKLLUoyR3RaAEe1VshTTvc3vw==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108357046
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108357046
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108357046
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b3d11fd8397dd365d10c7f32d77e32eeb1e0d20406aceb2e76aac8a145329964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-064094830.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
lKSMyj/lQ30=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1566
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-2-v043-0fa4601c8.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
hF/bbEPMTs8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1677108357046
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-86.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 02:41:59 GMT
Content-Encoding
gzip
Via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
420239
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
WerBD2lGgvoZzF3qNEWnPbQasNNVf-nAk7sVN2afRPAofzgnixopLQ==
1757731811273228
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1757731811273228?v=2.9.96&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-sin6.fbcdn.net
Software
/
Resource Hash
3bde7963c6171f24a8b6289eeec6af3276293c0f5a8abf95705d2ebce94687fe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 22 Feb 2023 23:25:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110200
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
2u12NrE4dxNjxiWmEnz/Bqo/w2CuDDKG9cCKbXjtcQUM4W2tc/r4tUTpfmgyJdx1/SOw26+O+/0NgdJfBYMbZg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ef1b67391056c374e9e8a49554be9526
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		62 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/ef1b67391056c374e9e8a49554be9526?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d864077aa7d3062d9d87106d30f3ff9c305d169de8073013a74f1c899c5928a5

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
ef1b67391056c374e9e8a49554be9526
x-cache
Hit from cloudfront
x-amzn-requestid
87a4caec-5b7a-474b-8ea3-f2f9093ec951
x-newsapi-timestamp
2023-02-22T23:25:57.461989Z[UTC]
x-newsapi-traceid
12f72b4ecd7406f1
x-amz-apigw-id
Aw6k4H0USwMF5zQ=
content-length
10451
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
61
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
9T0qI7cDXypGw1JpNr-bsb_GpZ1W5-oeta6K0ftlUbZuhvNDrTwVwA==
expires
Wed, 22 Feb 2023 23:25:57 GMT
d482264fb3944ec3e51145c8ae7169ff
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		65 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/d482264fb3944ec3e51145c8ae7169ff?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
0866a54e6bceeae0c0a1fddca18e17ddab30d315ce8c38c8ee2f55be2c86ca60

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
KUL50-C2, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
d482264fb3944ec3e51145c8ae7169ff
x-cache
Hit from cloudfront
x-amzn-requestid
61abd481-f36b-4346-80e7-2c4c90c157fe
x-newsapi-timestamp
2023-02-22T23:25:57.519345Z[UTC]
x-newsapi-traceid
43e7afe24ee192b6
x-amz-apigw-id
Aw6k5EoESwMFwOA=
content-length
10888
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
45
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
ugHBbj8Om_GQyZMaTK1zEByAq9SYVbri4zmtkUgmZT_auXR0Rqo6vQ==
expires
Wed, 22 Feb 2023 23:25:57 GMT
01937bdd9dedfd26b9e05fee0d0231f9
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		62 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/01937bdd9dedfd26b9e05fee0d0231f9?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
8d2ca6041b063257489dd38ed102b3123ac771cbefe0eae401f4d6f4cd1dfad7

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-P1, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
01937bdd9dedfd26b9e05fee0d0231f9
x-cache
Hit from cloudfront
x-amzn-requestid
a8b789a6-94b5-4767-b601-ec935a35d842
x-newsapi-timestamp
2023-02-22T23:25:57.534766Z[UTC]
x-newsapi-traceid
ee20dcc1525407dd
x-amz-apigw-id
Aw6k5GT6SwMFwBw=
content-length
11092
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
28
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
ECv2yV_UmLmJKnYgLSLMGffuk6ayhbiCiA-_C0ithK4aC7X2npHx-A==
expires
Wed, 22 Feb 2023 23:25:57 GMT
8039f713cb1104b2d2ce1908bc423100
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		54 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/8039f713cb1104b2d2ce1908bc423100?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b297c5aa48aa043b5a5ab81f5c5a11405e525a3648b33c450ceca244c2e5d718

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
8039f713cb1104b2d2ce1908bc423100
x-cache
Hit from cloudfront
x-amzn-requestid
16746d4e-f45e-4e7d-bf7e-ac02f79be095
x-newsapi-timestamp
2023-02-22T23:25:57.224941Z[UTC]
x-newsapi-traceid
6558777ab405d3c5
x-amz-apigw-id
Aw6k2EPRywMFgBQ=
content-length
9716
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
31
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
NSTHV_eMSWglLWfQU_wYoz1GvIYpKv3-L55ga8-oXkd-NaLilNtcfg==
expires
Wed, 22 Feb 2023 23:25:57 GMT
b09d9709ed9b9669aff58ee7803eebe7
d32guktqcrn2b4.cloudfront.net/v3/articles/ 		80 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d32guktqcrn2b4.cloudfront.net/v3/articles/b09d9709ed9b9669aff58ee7803eebe7?api_key=m6m5wu5nx336racegezj5eee
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.70.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-70-184.mnl50.r.cloudfront.net
Software
CloudFront /
Resource Hash
eda80047727d4a0d0e6cfc0616b2defd00b1f37145411474a779ac3f6defbab6

Request headers

Accept
application/json, text/plain, */*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
via
1.1 7c2235d494e9a3b4e39b70d44b3f8810.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.20.0
x-amz-cf-pop
SIN52-C3, MNL50-C1
x-amzn-remapped-connection
keep-alive
x-newsapi-cache
MISS
edge-cache-tag
b09d9709ed9b9669aff58ee7803eebe7
x-cache
Hit from cloudfront
x-amzn-requestid
2e3914d2-74f3-4d4c-9f89-085c1edffa64
x-newsapi-timestamp
2023-02-22T23:25:57.466550Z[UTC]
x-newsapi-traceid
57e65dfcdd9fc9b1
x-amz-apigw-id
Aw6k4FcMSwMFtNA=
content-length
14286
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-o
CF
x-newsapi-processing-time
78
access-control-allow-headers
x-newsapi-api-key
x-amzn-remapped-date
Wed, 22 Feb 2023 23:25:57 GMT
x-amz-cf-id
pRpipGeb1xoqhiDN1ctMBz3ZxCiXGZ53utKSjV_SBUzzqDnwAb5g9g==
expires
Wed, 22 Feb 2023 23:25:57 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230222
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b299dbf020512e4a72f4f18f3346d2f8cb37d039dcc3c41ae69500dc3779a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26625
x-jsd-version
1.0.1626
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4578-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-VsJrHodLs7s+N1M8TxYuw4EuFxc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crFX1vb%2FwLdh6GmXjlFl9vWlOshgb9v6%2BrrfhCWwEI35O3a141XiyZR8TZsuBP%2Bq4%2BcR4EqvyKv%2F%2FXGS3YCoFG1kcihOucGZf93PvkPifY%2Fg7TQVluVEoVZw72EQEUHjN4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
79db7be16a62df9d-MEL
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=303582513389.88306?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
592
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 23:16:05 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskrrM72iY2d6GOp82Clg1MW4kJYyefMzVvk6MY4Q90B7P5z0xYverCc7uhze0d0rUkEZ1L4417SyefZmDUiyAlFkMAyWKuj5-A8k7UxFMhw2-mWqLC-B36JOpLssBlkF4hsbbgda16bWxAEhO_H4JceW_YHQ6bgUis20Ml4eaH9Sw&sai=AMfl-YT6-WPhAVe091j8cX4G7cazMk6zDiUD9ooQTazmnJcEPrr2wHIJQq1R937AJ56ype66stOqPH9LHk5ddx8qlK1w-U2-kMltuQs4zA&sig=Cg0ArKJSzLDK-mGVNwD8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230221.94774&arae=0&ftch=1&adurl=
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:25:57 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CV-j0ADngtbqWSfl&d=supercoach.heraldsun.com.au&g=36976&g0=sport%2Clobby%2Csupercoach%2Clobby%2Cindex%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&b=5744&t=BSYYCFCU7u2wkeeBuCehBo9DPq51V&V=139&i=The%20Herald%20Sun%20KFC%20SuperCoach&tz=0&_acct=anon&sn=1&sv=Cl5VqnDjDqGcD1fzAJBKcPzJCOtjGH&sd=1&im=06030402&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
pubads_impl_2023021601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:02:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132097
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 09:35:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 21 Feb 2024 23:02:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		877 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=supercoach.heraldsun.com.au
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
9356c90bff9a3cfcc6d370026ec50d06645b3d32fcd0e432754f37d228fd8c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
374
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:25:57 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92560-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 21:28:00 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
7078
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Feb 2023 23:28:00 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820460034&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92560-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
0b36ebf2f05d2fbe5b2631a5f2209d9ebbce1052d2223f9a4ddd25ebe2d74efa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68006
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:25:57 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-192.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:57 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Wed, 22 Feb 2023 23:25:57 GMT
generic1674383553611.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1674383553611.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09ef3185c70b92a89a42173554dcba0971bf6ff6807d8f2beb587eb211e38f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
0wZilUcGsyckGx01p39NxpbwhrSxV942
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Feb 2023 23:25:57 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
GBESHFV6FGFEHJ8W
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
88281
x-amz-id-2
p4R7eKE2e0eShp3EkcHAdhekbVsnO9MdxNo2oXw3ge6KK84ZckJdCYfK6f9+qIvixclcJfb1LZg=
x-served-by
cache-fty21352-FTY
last-modified
Sun, 22 Jan 2023 10:32:34 GMT
server
AmazonS3
x-timer
S1677108358.609635,VS0,VE0
etag
"e21656fa738b009380658ddab017d746"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
150
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.162 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-162.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
content-encoding
gzip
date
Wed, 22 Feb 2023 23:25:58 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C3
etag
"4a5e4a11bf4a74aeb574379e169fa679"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=341
accept-ranges
bytes
x-amz-cf-id
9DMyOvo2xfZsgrTFUXhwuFHR9D85RJ-z_U8I4Se0MfP4sO5GCj5eTw==
content-length
1284
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=d330b073d6c2abc05d19e7c0cffc74a1&timewithTz=2023-02-22T23:25:56.641Z&country=au&newsconnectId=&fpid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.40.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-40-64.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=supercoach.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.101.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a0eff8d578577ca7cf7d54651522fee8cea920311819b9ded36c4a2bd042e6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2730
cf-polished
origSize=47061
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Wed, 22 Feb 2023 22:40:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaI0G2IuLrdG3m14S%2FAMIwB5lQQaOSde%2FmV%2FiLZU2%2FFrXm6M%2Fm7SXqE%2BGHzlK2BjWfasQK4tZ6ZjuM5akgUzRier%2BjiTiIgX4T%2B0n%2F5GYvDx4uAyGfOEiz4GzyJTEMlxkmf02NEu5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db7be31b0c2b38-MEL
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1757731811273228&ev=PageView&dl=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&rl=&if=false&ts=1677108357607&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1677108357606.285136871&it=1677108357081&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 22 Feb 2023 23:25:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 1514 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-45.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
1375
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 22 Feb 2023 23:03:04 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 740fccc7c62d49696904618862f889f8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Dxg0OFtrNmwTN5x4MnMC-KfCCGaizL0-55dzr37S8tAKLUX6cIi4pA==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
config
c.amazon-adsystem.com/cdn/prod/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fsupercoach.heraldsun.com.au
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:19:55 GMT
via
1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
7562
x-cache
Hit from cloudfront
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
wjcKV7gPiJ5Q2svwHtY12tmwZHReJ2Kl_v_PeR7mNI0bGrNK-retCg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding
gzip
via
1.1 29ec57392a878e133a2e208c0dbdc3e2.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 01:26:38 GMT
x-amz-cf-pop
SIN2-P2
age
79161
x-cache
Hit from cloudfront
last-modified
Wed, 15 Feb 2023 23:43:01 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
vQAMBYk2bWUQon4SEsO-Xjisb99l105zsnw-DUg3mc-VI41x5OBZNA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820460034/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820460034/?random=1677108357767&cv=11&fst=1677108357767&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tiba=The%20Herald%20Sun%20KFC%20SuperCoach&did=dYmQxMT&gdid=dYmQxMT&auid=1829578373.1677108358&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820460034&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
9ac1dc5b452dfcb44503508a16c9d97e291add1066c84e197358dbd74b5e7aed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
894
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
b0ebea7fd51d04b4e550829e6ebbcd81ddb8bf995d36bd686fc41e599329e777
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		595 B
938 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&pid=F6sag1dZUCGhr&cb=0&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x1%22%5D%2C%22sn%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull-ad-block-728x90-1%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-248-101.sin52.r.cloudfront.net
Software
Server /
Resource Hash
cecc0204a2303490737989008d814693a2ebf53f7204e5a2cf5520d94caaa385

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
via
1.1 bf37a08a8e52d3968f35ae1bb4eaae78.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
595
x-amz-cf-id
1DtwN_lbur1Ea0_76SGe75kSUHfrnKNB9HyIB4WIMcfNjoHqIht3Ug==
newsicon_afl.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/newsicon_afl.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d5719bfe9c1f816ff3f05f8b4fe76e7747f4224b1f7bfd72a136f20465764c65
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64638
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"d3c5b5d94c135cf5c965ef297da0e889"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
4lCKJeLKGrXBM79no9CRGO_sTREt6xFYXOrdg1KKP0o82iE6iAOzaw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
newsicon_nrl.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/newsicon_nrl.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
1bfd4de1ee974914b69d3692bd5cfcf13ba3a1c6a5fc47a6e0691f79ca19b71f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:09:52 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
4567
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"56096738e5f008f5af11e20dfe5e9fff"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
Yvflsh4kIyTA7PJAGl6mrMJjSFafC-bZeiy1erVnDkWmhJ9tGxrFBw==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
newsicon_bbl.svg
supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/images/common_svgs/newsicon_bbl.svg
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
83472595381fbd93444a79e1db9b41468ecd1c5a56f874f3cc43797253900dc3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/styles.7daf0f9e4a716e60.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
age
64638
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:21 GMT
server
CloudFront
etag
W/"cd1b7c9ea10fa3ac28fd7422bf417f50"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
d33vg_O-9hsnhRSruI6m4db9Ag6DIYf28W4ZIquExAvjwozB8EhzZA==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
dbde80988e5f6124e7fb873fc34253fc
content.api.news/v3/images/bin/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/dbde80988e5f6124e7fb873fc34253fc?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c6f09adec78e811410b127829b9855178c6fc3ced22876b81a0e249be4253ddd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
dbde80988e5f6124e7fb873fc34253fc
content-length
139178
last-modified
Wed, 22 Feb 2023 19:00:52 GMT
server
Akamai Image Manager
x-serial
931
etag
47094493f1a57c66c5befc1b773621dc-dbde80988e5f6124e7fb873fc34253fc-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5168113
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 19:01:11 GMT
837d8e3f72997bf68d81d42d13a36fe4
content.api.news/v3/images/bin/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/837d8e3f72997bf68d81d42d13a36fe4?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1873c94c42119ef95ad52d8c28bc79e8d80402b2c7953f5031d3ee499f195f26

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
837d8e3f72997bf68d81d42d13a36fe4
content-length
133647
last-modified
Wed, 22 Feb 2023 05:13:34 GMT
server
Akamai Image Manager
x-serial
821
etag
92d2996840612d559531b32f6b1f07b4-837d8e3f72997bf68d81d42d13a36fe4-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5118399
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 05:12:37 GMT
8202070069041c90c70807a73937f090
content.api.news/v3/images/bin/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8202070069041c90c70807a73937f090?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b0651ca51c66d069097a44e700ce92c4af40b42987d181891e3eb42ef7184495

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
8202070069041c90c70807a73937f090
content-length
74372
last-modified
Wed, 22 Feb 2023 04:42:58 GMT
server
Akamai Image Manager
x-serial
1942
etag
e2aae58b7755e99e4a79bdeec35105dd-8202070069041c90c70807a73937f090-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5116701
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 04:44:19 GMT
c41f0a864e359cdeeda6683bdfee4a51
content.api.news/v3/images/bin/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c41f0a864e359cdeeda6683bdfee4a51?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4234887a4c9024f9814bbd722d45b89a2e547abe0f842bcdce29f277cbed9666

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
c41f0a864e359cdeeda6683bdfee4a51
content-length
42640
last-modified
Wed, 22 Feb 2023 04:27:40 GMT
server
Akamai Image Manager
x-serial
1913
etag
f26b58751d2bf3b2875c4d855927103e-c41f0a864e359cdeeda6683bdfee4a51-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5115597
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 04:25:55 GMT
20c5d243fec4bc6a15e15d74800d00a7
content.api.news/v3/images/bin/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/20c5d243fec4bc6a15e15d74800d00a7?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d1cd1732afda8d086bca8281a43e3b622a0f1ad8b145686a9334a86dbe056254

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
20c5d243fec4bc6a15e15d74800d00a7
content-length
96009
last-modified
Wed, 22 Feb 2023 02:31:31 GMT
server
Akamai Image Manager
x-serial
1087
etag
aae9e29a8dfe1768b5b5fb5b0357652e-20c5d243fec4bc6a15e15d74800d00a7-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5108691
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 02:30:49 GMT
799652a33adfce158f40c8411b1af531
content.api.news/v3/images/bin/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/799652a33adfce158f40c8411b1af531?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ec9135edd58a3a2a6bfe25e9598c31fa8f48c5c84e8c8c3b79508742c0fe446a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
799652a33adfce158f40c8411b1af531
content-length
124341
last-modified
Wed, 22 Feb 2023 00:54:54 GMT
server
Akamai Image Manager
x-serial
1125
etag
49279844daddbcf6cbc49dc4ee4cd0e4-799652a33adfce158f40c8411b1af531-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5102956
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 23 Apr 2023 00:55:14 GMT
b94cbf05ef21ff2f6c16be3c9d579b16
content.api.news/v3/images/bin/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b94cbf05ef21ff2f6c16be3c9d579b16?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
52c784d524d2524b2da9d5951e288bf76a88929c42aa9db1d365602da50a28da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
b94cbf05ef21ff2f6c16be3c9d579b16
content-length
153504
last-modified
Tue, 21 Feb 2023 19:01:37 GMT
server
Akamai Image Manager
x-serial
623
etag
9fda5ea9ecf6789dc500947f019278d8-b94cbf05ef21ff2f6c16be3c9d579b16-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5081746
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 22 Apr 2023 19:01:44 GMT
1068f883a1ebc585c9e31d9060a19140
content.api.news/v3/images/bin/ 		150 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1068f883a1ebc585c9e31d9060a19140?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8224ff2bc3b73463011b9139a89a4a195d749e3ab63d286406d70696458e3bc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
last-modified
Mon, 13 Feb 2023 23:50:40 GMT
server
Akamai Image Manager
etag
d89d7b1c6587118e4f0887a04421dd08-1068f883a1ebc585c9e31d9060a19140-1280
edge-cache-tag
1068f883a1ebc585c9e31d9060a19140
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4407771
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
153638
expires
Fri, 14 Apr 2023 23:48:49 GMT
57f65806dad1733646085d82b76512a6
content.api.news/v3/images/bin/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/57f65806dad1733646085d82b76512a6?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
65623ba024c39f3e0fd17ce630f541d895db058b82ed92c78be467707add0d78

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
last-modified
Tue, 21 Feb 2023 19:12:28 GMT
server
Akamai Image Manager
etag
f5b88d70bbd8830687f933c848912f48-57f65806dad1733646085d82b76512a6-1280
edge-cache-tag
57f65806dad1733646085d82b76512a6
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5082267
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
154388
expires
Sat, 22 Apr 2023 19:10:25 GMT
scplus_article_tab.jpg
supercoach.heraldsun.com.au/assets/sites/news/lobby/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supercoach.heraldsun.com.au/assets/sites/news/lobby/images/scplus_article_tab.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-123.sin2.r.cloudfront.net
Software
CloudFront /
Resource Hash
a75147c46eb6d05dacd09e3990e7710cd2be3820344bb328a47967c764bd418d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 05:28:41 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
64638
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5296
x-xss-protection
1
last-modified
Wed, 22 Feb 2023 05:18:22 GMT
server
CloudFront
etag
"6b9c0e773ee39a7785b9c383c38a281a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
x-amz-cf-id
5zPuxRw02x94EDQj7wl-9sD1nacE1ozQYxSqb9-p01_8JOQ8eoSk8g==
x-content-security-policy
block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
fd1eea77d2efb0a6c172bb44fc1c671c
content.api.news/v3/images/bin/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fd1eea77d2efb0a6c172bb44fc1c671c?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e532c7c8985c6dc16308e53737a3ec58f9d55b1c28238382e0a14ff753fd2e14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
fd1eea77d2efb0a6c172bb44fc1c671c
content-length
88625
last-modified
Mon, 23 Jan 2023 00:44:47 GMT
server
Akamai Image Manager
x-serial
492
etag
06a2fe59f8f1cbde37ff246d35c3cbb4-fd1eea77d2efb0a6c172bb44fc1c671c-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5010143
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Fri, 21 Apr 2023 23:08:21 GMT
d7b0e940b1b174a6c0a615ce9ec97905
content.api.news/v3/images/bin/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d7b0e940b1b174a6c0a615ce9ec97905?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
53486081237ff1c635b6e07b05c6f1ff37e24d49c861ae550cdc562246729a4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
d7b0e940b1b174a6c0a615ce9ec97905
content-length
138524
last-modified
Mon, 23 Jan 2023 01:40:23 GMT
server
Akamai Image Manager
x-serial
479
etag
811a593e6d65fae5a44b11d5a753ee4b-d7b0e940b1b174a6c0a615ce9ec97905-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4700494
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 18 Apr 2023 09:07:32 GMT
739588a0bab8fd90f5c19ecc30c7e151
content.api.news/v3/images/bin/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/739588a0bab8fd90f5c19ecc30c7e151?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b11ba2b47d13da58bc505154d1c99abd2850b726ced6a63d94859e39f6433e6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
last-modified
Mon, 23 Jan 2023 00:44:48 GMT
server
Akamai Image Manager
etag
38b317b2ff8c521c257d5d22340be4d5-739588a0bab8fd90f5c19ecc30c7e151-1280
edge-cache-tag
739588a0bab8fd90f5c19ecc30c7e151
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183742
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
71572
expires
Sun, 23 Apr 2023 23:21:40 GMT
04e15490a8916f35ca794f08c55a6a64
content.api.news/v3/images/bin/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/04e15490a8916f35ca794f08c55a6a64?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6928d0fe26953781fdfc16657a58aab75b5801e7fe3b88700225e70dd3850dc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
last-modified
Mon, 23 Jan 2023 00:44:48 GMT
server
Akamai Image Manager
etag
9064301da5165a43b7d132964f79e1e3-04e15490a8916f35ca794f08c55a6a64-1280
edge-cache-tag
04e15490a8916f35ca794f08c55a6a64
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4686604
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
103301
expires
Tue, 18 Apr 2023 05:16:02 GMT
c0e5438b14145fd71e0dd8a921411e9c
content.api.news/v3/images/bin/ 		251 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c0e5438b14145fd71e0dd8a921411e9c?width=1280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-112.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8fb97144f37a70f7294a7fbd2ac3505a00cd8be084fa2935cc25557bc19c9e9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
x-check-cacheable
YES
edge-cache-tag
c0e5438b14145fd71e0dd8a921411e9c
content-length
256844
last-modified
Mon, 23 Jan 2023 00:44:49 GMT
server
Akamai Image Manager
x-serial
1292
etag
7f1832dd8c6ef0ff2a80eaff4ccea27a-c0e5438b14145fd71e0dd8a921411e9c-1280
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5010155
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Fri, 21 Apr 2023 23:08:33 GMT
/
geo.privacymanager.io/ 		31 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-49.mrs52.r.cloudfront.net
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:29:55 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 8ddb34cf6930071cc06ac942a8998048.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P4
age
78963
x-amzn-requestid
dfc8aee2-1968-4f31-89e5-ebb044ff575a
x-amzn-trace-id
Root=1-63f57013-5fc37e7d5ff0983148169823;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
At5zBEVnjoEFuKA=
content-length
31
x-amz-cf-id
mrwdGbrp0fBpUjuVZniwEmMIJizRzLDnQXaVvrhfqBlhMB1aaUZJpQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
fastlane.json
fastlane.rubiconproject.com/a/api/ 		503 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&p_pos=atf&rf=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=sport&tg_i.sec2=lobby&tg_i.pos=1&tg_i.kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.ad_unit=%2F5129%2Fsport.supercoach&tg_i.pbadslot=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=da0266ac-2185-46ce-ab92-2a477deb0b0d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-300x250-1&slots=1&rand=0.7234032556893759
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3879117cfe798c496513ff5f2f5a1de58d08d5d06c265d5593e3b0c68d0c271b

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
503
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		501 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=sport&tg_i.sec2=lobby&tg_i.pos=2&tg_i.kw=Fantasy%2CFantasy%20Team%2CFantasy%202022%2CSuperCoach&tg_i.ad_unit=%2F5129%2Fsport.supercoach&tg_i.pbadslot=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=0414969a-d24f-427f-90ea-376dc3cabcce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-728x90-1&slots=1&rand=0.6877830960893816
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2dd85571c4c7c27aab3744b87de05e9a621390c2664149281d234e3e7fd0ec8e

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
501
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=54557365296
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:25:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		259 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b9ab0adbf14bb925daf076ca8991eda8a0c1c7199ae0d818b3acb95fe728d26e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:25:58 GMT
AN-X-Request-Uuid
3441c06a-6e10-4687-a41d-f155afe6727b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
259
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=279193&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2210df22484ee31ff%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsupercoach.heraldsun.com.au%2F%3Fpagetype%3Dindex%26sec1%3Dsport%26sec2%3Dlobby%26sec3%3Dsupercoach%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2211807ac1e68446f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279193%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%221296ce9b932c7b6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fsport.supercoach%2Flobby%2Fheraldsun%2Fhome%2Fnull%2Fnull%23ad-block-728x90-1%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
831eb55b0683d70cbc8cfb526b99ea53d44fbc5e28594586bcff0ab7801a866e

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fv0twTGlhfBLkcQ16OyLSbqK1ySGpG7nZwtKNEb2UbuJjRjToMY7P2u6xchROyPSm8ex%2BtP0pT7Ht4wwYJWvI5mMvofbXHYSVKSyPnHNzvWjRh2b9m%2B5MA1rB%2BOe7UQny1Wxe0%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
79db7be79a032b3a-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://supercoach.heraldsun.com.au
date
Wed, 22 Feb 2023 23:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
019756e91511a9b21fb52a032cdee194824d572957a81063aa17276c4dcabfed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://supercoach.heraldsun.com.au
date
Wed, 22 Feb 2023 23:25:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
adsct
t.co/1/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d4807001-0ed6-4b80-8abb-4d13a600152c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9162f5ad-34dd-4362-b01a-93524857ac0b&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=0&txn_id=od3rn&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
145
date
Wed, 22 Feb 2023 23:25:59 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
c73e258facbea002
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
10efc91641232850400649087e0b83c9ff4e5a56b5f450fc49bfd5e1d3b1eab2
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d4807001-0ed6-4b80-8abb-4d13a600152c&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9162f5ad-34dd-4362-b01a-93524857ac0b&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=0&txn_id=od3rn&type=javascript&version=2.3.29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
145
date
Wed, 22 Feb 2023 23:25:58 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
4360058d0f89dab3
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
451efb56de59b943ae1a22d0c8673d7a4633adeeb7da199e17c6b8120f005181
content-length
43
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P16C8D000-5514-4C76-9A96-5F57C2693396.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-126.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
date
Wed, 22 Feb 2023 23:25:02 GMT
x-amz-cf-pop
SIN5-C1
age
56
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
SnlyKXqa8rXy9wiZJm4z8KU0yP9HvKIiM6YV-vD6Mhwd2F4BYBAnFg==
i
tr.snapchat.com/cm/ Frame F4B0 		672 B
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=4dd63809-64d7-47eb-8c17-1b1e3ac5bd62&u_scsid=afedab2d-623b-489a-bbd8-3a756230c994&u_sclid=82a4fa50-5205-4ce8-819f-d74357ddf8ba
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
gzip
content-type
text/html
date
Wed, 22 Feb 2023 23:25:58 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-envoy-upstream-service-time
11
4dd63809-64d7-47eb-8c17-1b1e3ac5bd62.js
tr.snapchat.com/config/au/ 		146 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/au/4dd63809-64d7-47eb-8c17-1b1e3ac5bd62.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
c1795a7307b29b1e9e38b821359f5d43e1eae27fbcc3d9f67b9867c17dc6327f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
Origin
https://supercoach.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://supercoach.heraldsun.com.au
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ 		68 B
88 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
pub
pixel.adsafeprotected.com/services/ 		594 B
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,728.1%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&slot=%7Bid:ad-block-320x60-1,ss:%5B320.60%5D,p:/5129/sport.supercoach/lobby/heraldsun/home/null/null,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=bd55113e-8551-33dd-0aaf-00bc6f2ff869&url=https%253A%252F%252Fsupercoach.heraldsun.com.au%252F
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-157-82.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e44465246d0b7f2f5357c5f87b449c532e1851148710f871fd0066ca9fa87fd1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
server
nginx
x-server-name
app03.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMC4wLjU0ODEuMTAwIFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJUaGUgSGVyYWxkIFN1biBLRkMgU3VwZXJDb2FjaCIsInBhZ2VfdXJsIjogImh0dHBzOi8vc3VwZXJjb2FjaC5oZXJhbGRzdW4uY29tLmF1LyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc3MTA4MzU4MjE3IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODY3YjcyYWMzZmVkOS0wNjJhNGE4NWVlYjM4NS02ODNmNTQ1Ny0xZDRjMDAtMTg2N2I3MmFjNDBmOGYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtc3lkMSIsImFjY291bnRJZCI6IDEzMjIyMiwidXJsIjogImh0dHBzOi8vc3VwZXJjb2FjaC5oZXJhbGRzdW4uY29tLmF1LyIsIndlYnNpdGVJZCI6IDEzMjIyNCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiMzkyYS03MTUyLTUxOGItODYyMC1jYzhkLWI0NGYtZGQ5OS05MDQ4Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NzcxMDgzNTgyMTQiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMTU1Niwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDkuMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDkuMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY3NzEwODM1ODIxNywicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-c3ql
date
Wed, 22 Feb 2023 23:25:58 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13522&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&dom=supercoach.heraldsun.com.au&r=1677108358232&pvs=1&pvid=7e2d9055-9148-4155-84c1-9acaea8f61f4&c=true&tzOffset=0&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-118.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
dotmetrics-hit-status
01 OK
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
s4NViXZnP5AKOFyE_deFmF83yBHZusADRTaaUz0stRbUy6sWlRR04g==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13522&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&dom=supercoach.heraldsun.com.au&r=1677108358232&pvs=1&pvid=7e2d9055-9148-4155-84c1-9acaea8f61f4&c=true&tzOffset=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-116.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 02:56:38 GMT
via
1.1 5d49db79ec0e6c45ef2f26e185dbc432.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
73761
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
Gp9bTniFEBzZtIQSleusyve2O62nnIdA2tiSbkoftHXmDe7V5eLqEA==
Serving
bs.serving-sys.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=6666541127543128575&pageurl=$$https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$$&activityValues=$$Session%3D8761007569160887358$$&ns=0&rnd=7941613865742152&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.15.221 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-15-221.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8f6b34ea3932f96a9c2fb0f60afea518e40dba0f252ee7fb778b8e9c4be8918b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2219
expires
Sun, 05-Jun-2005 22:00:00 GMT
main.MTE3ZGZjMmFkMA.js
analytics.tiktok.com/i18n/pixel/static/ 		238 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5SVI0J6V74OJ29IA6K0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.85.210 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-50-85-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id
1b8a6969
date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202302211457440DCF4989157E99E5721C
vary
Accept-Encoding
x-cache
TCP_HIT from a184-50-85-206.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
013c553481a3e97af0e2b8c9fbd82713da1b03b6dd1eb1bf81a47839110958f9f7f97b375db1ad94c4837f9c6f1025cd853a3b34b1379a0fe88ced8834a65f177145568d7deb0165d36e505dd9f601c2b20bee86687a6bfa96390a0e3bce7dbfef
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length
66294
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1677108358263&id=t2_tgr1fjm3&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=c3b9dcd1-a9f9-4261-bdf1-e9d855b1acff&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.211.184.0 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-211-184-0.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 22 Feb 2023 23:25:59 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.211.184.0 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-211-184-0.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://supercoach.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Wed, 22 Feb 2023 23:25:59 GMT
Server
nginx
dest5.html
newscorpau.demdex.net/ Frame 61A8 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.86.105 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-86-105.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-apse-1-v043-054ce572e.edge-apse.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
yt64w1jUSv4=
content-encoding
gzip
date
Wed, 22 Feb 2023 23:25:58 GMT
last-modified
Wed, 8 Feb 2023 11:27:06 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=24887871712852754643324220534104783600&ts=1677108358317
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
4e45ca3e7ea9d92653a436a506c1767bbc0cf8051cc689d4d8c0b24c71a3ea1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y-akhwAAADsqkAN9
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=24864091870457534263326627074444930026
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-akhwAAADsqkAN9
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-akhwAAADsqkAN9
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-07fdddb09.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IcEET50/RTs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-akhwAAADsqkAN9
Date
Wed, 22 Feb 2023 23:25:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
script.js
au-script.dotmetrics.net/Scripts/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=221
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-118.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
eb080e82d0cee3796eb1c80e76e1ccc63cb4cd82a86de8919f5a2be54c63a90f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
br
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 12:25:17 GMT
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"1d93fa63aee7467"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
tulPZS84BhtCaaLo5qlcL5lQuS6UuHTbQS9Evrq-DId1R7O9CyZVwQ==
/
geo.privacymanager.io/ 		31 B
598 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-49.mrs52.r.cloudfront.net
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 01:29:55 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 8ddb34cf6930071cc06ac942a8998048.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P4
age
78963
x-amzn-requestid
dfc8aee2-1968-4f31-89e5-ebb044ff575a
x-amzn-trace-id
Root=1-63f57013-5fc37e7d5ff0983148169823;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
At5zBEVnjoEFuKA=
content-length
31
x-amz-cf-id
7H7KxiypXOBCSVQSEmqQZHYk9DK9sYEJjpIz68-UfGCGCvsbcROUcQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
www.google-analytics.com/j/ 		1 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=507884265&t=pageview&_s=1&dl=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ul=en-us&de=UTF-8&dt=The%20Herald%20Sun%20KFC%20SuperCoach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4EBAAUABAAAAACAAI~&jid=1871135380&gjid=566479264&cid=1360403360.1677108359&tid=UA-92560-41&_gid=1006446125.1677108359&_r=1&gtm=457e32f0&npa=1&z=930779478
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 1848 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-126.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1506
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 22 Feb 2023 23:00:53 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-id
BUFOXVF0NFKibPykWOiU7s2DCQ9RvM36IkgQjf6J-cxXSNtNjbARIQ==
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
scevent.min.js
sc-static.net/ Frame F4B0 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=4dd63809-64d7-47eb-8c17-1b1e3ac5bd62&u_scsid=afedab2d-623b-489a-bbd8-3a756230c994&u_sclid=82a4fa50-5205-4ce8-819f-d74357ddf8ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.14.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-14-254.sin5.r.cloudfront.net
Software
CloudFront /
Resource Hash
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:53:04 GMT
content-encoding
gzip
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN5-C1
age
9174
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
13327
x-amz-cf-id
GVe4AjNds-1qZDci2rtFYIFDQREuQQ6SX9BDkMwvwcAjo56orp0-6g==
/
www.google.com/pagead/1p-user-list/820460034/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820460034/?random=1677108357767&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tiba=The%20Herald%20Sun%20KFC%20SuperCoach&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3293668749&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820460034/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820460034/?random=1677108357767&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tiba=The%20Herald%20Sun%20KFC%20SuperCoach&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3293668749&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 5B4F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 22 Feb 2023 23:25:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B5454C7KEXDD38NFSR84

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 22 Feb 2023 23:25:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TMKFF41M4XBVQX92RGMG
identify_cab4d.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.85.210 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-50-85-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-akamai-request-id
1b8a6a07
date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230221145945549D8786BC7F4803ADBD
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a184-50-85-206.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
013c553481a3e97af0e2b8c9fbd82713da1b03b6dd1eb1bf81a47839110958f9f74a9e182523d8a0a3ad0c420609fc5761c97987f338c03732fa2d339d4efd0b87d926038d8fe87a23bd97e1a2d8ae39ff042c3f5ed4dd163193c9fe4047f26b81
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30907
pixel
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.85.210 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-50-85-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c23e4a77.1b8a6a28
date
Wed, 22 Feb 2023 23:25:59 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-50-85-206.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time
265,184.50.85.206
server-timing
cdn-cache; desc=MISS, edge; dur=237, origin; dur=32, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20230222232558DC40F3F6DE17994D95A2
x-cache-remote
TCP_MISS from a23-218-222-20.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
32,23.218.222.20
x-tt-trace-host
01f3257378d465fc4b4694cfa18dcad711b08157c728f67baf34e657dafe040bab316deb59d9bcb75af5bfbd80c8413de486a6d7f5975ed8a2063afadb0b89d731660bf12bc384a3a32de7055866e31880fc3e457dccdacd3eeed0affa8cdcc5d4d9f885934c25fbf4a5ab011443cca214
expires
Wed, 22 Feb 2023 23:25:59 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTM1MjIsImZsIjp0cnVlLCJkb20iOiJzdXBlcmNvYWNoLmhlcmFsZHN1bi5jb20uYXUiLCJsc28iOm51bGwsInVybCI6Imh0dHBzOi8vc3VwZXJjb2FjaC5oZXJhbGRzdW4uY29tLmF1LyIsInJ1cmwiOiIiLCJwdmlkIjoiN2UyZDkwNTUtOTE0OC00MTU1LTg0YzEtOWFjYWVhOGY2MWY0IiwidHpPZmZzZXQiOjAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1677108358807
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-118.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
6d2566403daace7e465d741fb9abc4615f81152735c1587460019f1dc08740fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
content-encoding
br
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
GBLPrlKqSyP2gOIHqFTlOOPBXUoeJLIaMQ5pFcmu4Cn2i1V2iXMWEw==
p
tr.snapchat.com/cm/ Frame 2B1D
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1677108358830&u_scsid=ce011f3d-121c-4f1f-92de-2b6e967020b8&u_sclid=ae5c2ef7-b150-4fca-9a32-5ff5764e75a2
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677055474946%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1677055474946%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1677055474946&pnid=140&pcid=6ee82581-78ce-4536-97c9-0cc14e785ed4
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/p?rand=1677055474946&pnid=140&pcid=6ee82581-78ce-4536-97c9-0cc14e785ed4
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Wed, 22 Feb 2023 23:25:59 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
12

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 22 Feb 2023 23:25:59 GMT
location
https://tr.snapchat.com/cm/p?rand=1677055474946&pnid=140&pcid=6ee82581-78ce-4536-97c9-0cc14e785ed4
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=24887871712852754643324220534104783600&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1677108358854
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bf694576cc8a6237e864b2e1294231925bbc7468c59fd42a3027d59a69f5e2ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-apse-1-v043-064094830.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
IrXf6ccmTV4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1565
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 1848 		44 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&sessionId=y6vdtbezmcosf0en7rera5gnmoy4v1677108358&c16=sdkv,bj.6.0.0&uoo=&fp_id=ezlx0ljucyfgjg1irwwxzpbtefknv1677108358&fp_cr_tm=1677108358533&fp_acc_tm=1677108358533&fp_emm_tm=1677108358533&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.107.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-107-159.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
y6vdtbezmcosf0en7rera5gnmoy4v1677108358.nuid.imrworldwide.com/ Frame 1848 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y6vdtbezmcosf0en7rera5gnmoy4v1677108358.nuid.imrworldwide.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-38.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 10:03:58 GMT
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
48121
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
gc1vwHhycNUcWlL4scNHUJ6nvmH_0RCTkN2v2GnHQTGuqJ8_BZJZpg==
ibs:dpid=358&dpuuid=3716421066496071668
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3716421066496071668
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3716421066496071668
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-0c7bd474d.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
eptChe0dSYw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Wed, 22 Feb 2023 23:25:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9c932c20-7c87-4539-bb1a-28dd8e7d6157
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3716421066496071668
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s74842248071826
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s74842248071826?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=22%2F1%2F2023%2023%3A25%3A59%203%200&d.&nsid=0&jsonv=1&.d&mid=24887871712852754643324220534104783600&aamlh=3&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Csport%7Cindex%7Clobby-supercoach-lobby-index&g=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D5%2Cevent18%2Cevent63%3D82&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Csport%7Clobby%7Csupercoach%7Clobby%7Cindex&l1=custom%3A1%7Cmrec%3A1%7Cleaderboard%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&l2=fantasy%2Cfantasy%20team%2Cfantasy%202022%2Csupercoach&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=sport&c5=D%3Dv5&v5=lobby&c6=D%3Dv6&v6=supercoach&c7=D%3Dv7&v7=lobby&c8=D%3Dv8&v8=index&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=10%3A25%20AM%7CThursday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=D%3Dv60&v60=82&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cvic%7Cmelbourne%7C-37.82%7C144.97%7Cgmt%2B10%7Cunknown&v79=au&v80=00000000000000000000000000000000-00000000000000000000000000000000-1677108356446-492308&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
97304e66cf7a4feb4c4a154f97581cd0b7256d12040ebcc00fc9b10f432a8a5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-aam-tid
mHt+UqELTg4=
date
Wed, 22 Feb 2023 23:25:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4958
x-xss-protection
1; mode=block
dcs
dcs-prod-apse-2-v043-0a07165ef.edge-apse.demdex.com 4 ms
pragma
no-cache
last-modified
Thu, 23 Feb 2023 23:25:59 GMT
server
jag
etag
3601562778202832896-4619592208723292520
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 21 Feb 2023 23:25:59 GMT
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
5328f9898f37c3b22b25977eacfe5c2abfadf0d0e263704693b831c3fa6d9b1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:25:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/ Frame 61A8 		0
0
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1757731811273228&ev=Microdata&dl=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&rl=&if=false&ts=1677108359140&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Herald%20Sun%20KFC%20SuperCoach%22%2C%22meta%3Adescription%22%3A%22KFC%20SuperCoach%20is%20the%20free%20fantasy%20competition%20you%20and%20your%20friends%20and%20workmates%20can%20enter%20and%20play%20to%20win%20some%20fantastic%20prizes%22%2C%22meta%3Akeywords%22%3A%22Fantasy%2C%20Fantasy%20Team%2C%20Fantasy%202022%2C%20SuperCoach%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.2.1677108357606.285136871&it=1677108357081&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.15.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 22 Feb 2023 23:25:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ibs:dpid=481&dpuuid=LEGB0JLT-G-DPD
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=24864091870457534263326627074444930026&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGB0JLT-G-DPD?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGB0JLT-G-DPD?gdpr=0
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-05bc2a4b1.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sYr3xgjSR0o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LEGB0JLT-G-DPD?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEAJ3ZyHiuI8O2iGDgATyXJw&google_cver=1
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjQ4NjQwOTE4NzA0NTc1MzQyNjMzMjY2MjcwNzQ0NDQ5MzAwMjY=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAJ3ZyHiuI8O2iGDgATyXJw&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAJ3ZyHiuI8O2iGDgATyXJw&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-08dc53168.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ku2VQv6bTvU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAJ3ZyHiuI8O2iGDgATyXJw&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=c1bb5659-86dd-4534-b6ac-f3c582eac470
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=supercoach.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=c1bb5659-86dd-4534-b6ac-f3c582eac470
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=c1bb5659-86dd-4534-b6ac-f3c582eac470
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcscanary-prod-apse-1-v055-099d73127.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RL8kv/zqTOU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=c1bb5659-86dd-4534-b6ac-f3c582eac470
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
interact
edge.adobedc.net/ee/v1/ 		727 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=18a74497-85b1-4035-b527-a01368c898b8
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
caac47853b9bdeaeffc3feff26b9902c0066cc16cc49aef7eca193d1d7f20b3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
SGP3;3
x-xss-protection
1; mode=block
x-request-id
18a74497-85b1-4035-b527-a01368c898b8
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
23.2.29:cafa17b8
up_loader.1.1.0.js
js.adsrvr.org/ Frame C497 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 00:26:10 GMT
Content-Encoding
gzip
Via
1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
82790
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
j3bdvL2aB6jdf0ckNodHih4Y8f4vB-vhupXeJJh5uEGuT1NToZ1stA==
uwt.js
static.ads-twitter.com/ Frame 99F0 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1235-QPG
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame C559 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.116.82 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-116-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=37429
accept-ranges
bytes
content-length
4777
js
www.googletagmanager.com/gtag/ Frame 6759 		129 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
1fbda1e46b2b2849d1d5cc62ef5b99d26636e1a12d92edd11ed919d01bc5807a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50864
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:25:59 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 0F19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 00:26:10 GMT
Content-Encoding
gzip
Via
1.1 bde90de775f830a27e211540ca659966.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
82790
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
64XZu_RY9yecN9bHqW4djllr1oP4r4bYeRZrABhnmiFqDQltOGkJBQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 0610 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires
Fri, 27 Jan 2023 02:11:02 GMT
Date
Wed, 22 Feb 2023 23:26:00 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
76446
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-fty21366-FTY
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1677108360.191164,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
24, 7805
activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254
8228261.fls.doubleclick.net/ Frame E982
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=547776225476...
402 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254?
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
d73aaa768b49658e4e4d4049008a04783f4c668c299cf5b0286352257ae1adc3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:00 GMT
expires
Wed, 22 Feb 2023 23:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:25:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 7C42 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
53d1ab4be4067c13985d6031f5a843bbedc9dfb7dbea0ee73dd8065bd75c647b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67072
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 22:24:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Feb 2023 23:25:59 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 6B86 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
f3928327fb9a23ef29178326793ba7b88b176a55c108144e6dab537feff6f55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17000
x-xss-protection
0
server
cafe
etag
14618656116840985263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 23:25:59 GMT
px
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:25:59 GMT
AN-X-Request-Uuid
0d3226fc-2d5e-4e49-b7a9-23b1cf2d07f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 61A8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v043-01d4c9963.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CJHrCf5IRN4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyIptO41H1q%2FLEhXQqi1CD6NeMd7mfTYLC7ZLz8065prDr2SRkUEEscYXZY3%2Fjcg5lLr0v4PjUOrPxtmW7nACDPOaN5s%2BPZAws%2FUnLYZutRH35MxkOP06nXaUPzMSDwD%2BcY10EGx"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697
cache-control
no-cache
cf-ray
79db7bf26c165a7f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
adsct
t.co/i/ Frame 99F0 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=ff681b7b-8bd8-4c61-9fa6-bd48eee20006&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=745f947d-bf5c-4e1a-8bcb-0fb824f51649&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
147
date
Wed, 22 Feb 2023 23:25:59 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
24f17aa210d90197
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
10efc91641232850400649087e0b83c9ff4e5a56b5f450fc49bfd5e1d3b1eab2
content-length
43
adsct
analytics.twitter.com/i/ Frame 99F0 		43 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ff681b7b-8bd8-4c61-9fa6-bd48eee20006&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=745f947d-bf5c-4e1a-8bcb-0fb824f51649&tw_document_href=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
148
date
Wed, 22 Feb 2023 23:25:59 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
c80d43a88a701e41
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
451efb56de59b943ae1a22d0c8673d7a4633adeeb7da199e17c6b8120f005181
content-length
43
ibs:dpid=30432&dpuuid=CI-0be81a86c8bd33659032bd6292cd5417
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=24864091870457534263326627074444930026&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0be81a86c8bd33659032bd6292cd5417
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0be81a86c8bd33659032bd6292cd5417
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v043-036fdd517.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qDwh9iPeTyk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-0be81a86c8bd33659032bd6292cd5417
Date
Wed, 22 Feb 2023 23:26:00 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=24864091870457534263326627074444930026&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=24864091870457534263326627074444930026&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v043-0f2328cdf.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
NvkED0NfTx0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 22 Feb 2023 23:26:00 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 6759 		2 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1677108359900&cv=11&fst=1677108359900&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&auid=1829578373.1677108358&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
869063410ae46c8f64343b2faaca750ff275cfce302b9e809082d483d3ab6a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:25:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
867
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 61A8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=24864091870457534263326627074444930026
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24864091870457534263326627074444930026
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24864091870457534263326627074444930026
Protocol
H2
Server
44.230.85.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-230-85-187.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-served-by
beacon-n017-pdx-prod.krxd.net
date
Wed, 22 Feb 2023 23:26:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1677108361
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=24864091870457534263326627074444930026
date
Wed, 22 Feb 2023 23:26:00 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
token
cdn.linkedin.oribi.io/partner/1765380/domain/supercoach.heraldsun.com.au/ Frame C559 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/supercoach.heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-96.sin2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:22:34 GMT
content-encoding
gzip
via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
206
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
8qCTl-G0h8ecUKL6ijil8nEUykr1Iv69LkED_SfVNSJOfB3AxOMMbA==
collect
px.ads.linkedin.com/ Frame C559
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1677108360016%26url%3Dhttps%253A%252F%252Fsupercoach.heraldsun.c...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
0
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9D3FC9733E404EA7914FFD31DA50F82E Ref B: MEL01EDGE1712 Ref C: 2023-02-22T23:26:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1Ujgfv/t2/AA/21SjhA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 23:26:00 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAX1UjgbuS2R4/0SGQqGbQ==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7DB62271BD3F433A8FD4F17129A4F04B Ref B: MEL01EDGE1712 Ref C: 2023-02-22T23:26:00Z
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1677108360016&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 7C42 		2 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1677108360033&cv=11&fst=1677108360033&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&auid=1829578373.1677108358&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
0400405f195033304c0e22cf6c198294858dc3053af119df665ff6fe60804b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
868
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=supercoach.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=supercoach.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		76 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1746177615139573&correlator=3168821035955417&hxva=1&scor=3910195698054828&eid=31072518%2C31072600&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=5129%2Csport.supercoach%2Clobby%2Cheraldsun%2Chome%2Cnull&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F5%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F5&prev_iu_szs=728x90%7C728x1%2C300x250%2C1000x50%7C728x1%2C320x60&ifi=1&adks=3609102832%2C260713786%2C2482821370%2C620080836&sfv=1-0-40&prev_scp=pos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D48ca973f-b308-11ed-a508-02aa41dfc264%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3De1d7gg%26amznp%3Dkwl5og%26id%3D48ca9740-b308-11ed-a508-02aa41dfc264%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%26vw10%3D40%26pub%3D40%2C50%26amzniid%3DJPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn%26amznsz%3D300x250%7Cpos%3D1%26refreshed%3Dfalse%26id%3D48ca9741-b308-11ed-a508-02aa41dfc264%7Cpos%3D1%26refreshed%3Dfalse%26id%3D48ca9742-b308-11ed-a508-02aa41dfc264&eri=1&cust_params=us%3Db%26s%3D0%26kw%3DFantasy%252CFantasy%2520Team%252CFantasy%25202022%252CSuperCoach%26sec1%3Dlobby%26sec2%3Dheraldsun%26sec3%3Dhome%26sec4%3Dnull%26sec5%3Dnull%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26pid%3Dnot%2520set%26adl%3Dfalse%26abtest%3Da%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1677108356446-492308%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005109_PG%252CIAS_3006644_PG%252CIAS_3007987_PG%252CIAS_3005061_PG&sc=1&cookie_enabled=1&abxe=1&dt=1677108360070&lmt=1677043110&dlt=1677108349683&idt=8219&adxs=440%2C995%2C300%2C1280&adys=5364%2C700%2C5541%2C30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&frm=20&vis=1&psz=900x-1%7C300x-1%7C1600x-1%7C321x-1&msz=720x-1%7C300x-1%7C1600x-1%7C320x-1&fws=516%2C516%2C516%2C516&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1360403360.1677108359&ga_sid=1677108360&ga_hid=507884265&ga_fc=true
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
9cf8994e9d3f7846bb4d2137dc00af5e7fddf8f5d9f627e8f3baaee58d17a69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22802
x-xss-protection
0
google-lineitem-id
5084295962,6085339805,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138421800276,138400684317,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://supercoach.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
e028e913b35513540d2d8b87956782c205b5950f17abf55680476bf071910040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11206
x-xss-protection
0
container.html
22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A24 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:00 GMT
expires
Thu, 22 Feb 2024 23:26:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 61A8
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=24864091870457534263326627074444930026&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Protocol
HTTP/1.1
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-0c4da24e1.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Gtgw3hKCTsA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Wed, 22 Feb 2023 23:26:00 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 6B86 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1677108360103&cv=9&fst=1677108360103&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
2b07953616626dfca6562071ea6c90d9f6ddfc923ff9568323e8459db87615c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
935
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 9CD3 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d6be591c82bf92f1e6051b41e863f566d0529ce796014e7aae15548ad4d7bf49
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 22 Feb 2023 23:26:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FCV5NZYS5T6THQ6J09G3
tme
lm.serving-sys.com/lm/ 		0
193 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.226.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-226-167.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://supercoach.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
/
www.google.com/pagead/1p-user-list/707564276/ Frame 6759 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1677108359900&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2718458302&rmt_tld=0&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 6759 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1677108359900&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2718458302&rmt_tld=1&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Feb 2023 23:26:00 GMT
pixel
cm.g.doubleclick.net/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1ha2h3QUFBRHNxa0FOOQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1ha2h3QUFBRHNxa0FOOQ==
Protocol
H3
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fty21361-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108361.888191,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WS1ha2h3QUFBRHNxa0FOOQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254
adservice.google.com/ddm/fls/z/ Frame E982 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP3lrMCjqv0CFYIQtwAd_CYAsg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5477762254763.254?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 7C42 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1677108360033&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1789116820&rmt_tld=0&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 7C42 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1677108360033&cv=11&fst=1677106800000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1789116820&rmt_tld=1&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 6B86 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1677108360103&cv=9&fst=1677106800000&num=1&guid=ON&eid=376635470%2C375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1933033929&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 6B86 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1677108360103&cv=9&fst=1677106800000&num=1&guid=ON&eid=376635470%2C375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1933033929&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-akhwAAADsqkAN9&expires=90
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-akhwAAADsqkAN9&expires=90
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fty21361-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108361.888053,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y-akhwAAADsqkAN9&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixie
ib.adnxs.com/ Frame 0610 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1677108360331&v=0.0.20&u=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&r=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&st=1677108360331&et=1677108360331&if=1
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-akhwAAADsqkAN9
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-akhwAAADsqkAN9
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21361-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108361.888075,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y-akhwAAADsqkAN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch
ssum-sec.casalemedia.com/ Frame 1B5F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c967d0a3bf0e504606e5362d713985b53d04e8570511e444ff6565b589c225f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79db7bf60e493776-MEL
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 23:26:00 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEaoCIKcttaGTL7PTXmP9MZ8nFiZj%2FdRLND1PSL0ykm00545teaUMieXHRF68pqoLDtDqC3jH0XKnBpNEkyOeOyuFXGiG7iFRaTwHcHNZ8BhW%2Fe6w03LG1%2FGXLY7ohz5%2BqU1ytU5xivZAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 75FD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 23:26:00 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FF9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=171951
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Feb 2023 23:26:00 GMT
expires
Fri, 24 Feb 2023 23:11:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
up
insight.adsrvr.org/track/ Frame BF88 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
f433743c1338cb35777ffd51f4c2731b3a027e1a6225bc2b6824f70cd2ea6352

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:26:00 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame 9B06 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
4227501cdf63e0b4e2b919c7f06b718654c589053d8acefd5630e905742c9fbb

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:26:00 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
setuid
ib.adnxs.com/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y-akhwAAADsqkAN9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y-akhwAAADsqkAN9
Protocol
HTTP/1.1
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:01 GMT
AN-X-Request-Uuid
54410dd7-743a-4cdb-8830-e5ed50deaff9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-fty21361-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108361.888111,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y-akhwAAADsqkAN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_c16_sport_S&asn=sport&fp_id=ezlx0ljucyfgjg1irwwxzpbtefknv1677108358&fp_cr_tm=1677108358533&fp_acc_tm=1677108358533&fp_emm_tm=1677108358533&ve_id=&sessionId=y6vdtbezmcosf0en7rera5gnmoy4v1677108358&prv=1&c6=vc,c16&ca=NA&c13=asid,P16C8D000-5514-4C76-9A96-5F57C2693396&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,jwip3bfl10g0yagjdycuayhh1shma1677108358&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16771083585307030&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1677108357025&c3=st,c&c64=starttm,1677108360&adid=1677108357025&c58=isLive,false&c59=sesid,&c61=createtm,1677108359&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1677108359&rnd=234532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.107.159 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-107-159.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame BF88 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 01:02:35 GMT
Via
1.1 bde90de775f830a27e211540ca659966.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
80637
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
UQFZ_EpCXscmsZZsHRGNYPYlDWrknPRilSi0Fg70IGzX7Gl-sHU3PA==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 9B06 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 01:02:04 GMT
Via
1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
80637
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
KnQSH16ePBU2I-pPK-6TYjF4tGpDq_CtBP2DRADQb9QCxUTvINhLew==
sd
us-u.openx.net/w/1.0/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y-akhwAAADsqkAN9
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-akhwAAADsqkAN9
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-akhwAAADsqkAN9
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y-akhwAAADsqkAN9
date
Wed, 22 Feb 2023 23:26:01 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:26:01 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
05JB8W2M8TEFTAEY
age
717
etag
W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79db7bf67f565aac-MEL
x-amz-id-2
Ns6nOlgXRikn/KyUpks7IU1Kgqcq/E350tr1D4xxC0xvspV0qPKaDNsTUdycdyrndAdUxdxIJdI=
view
securepubads.g.doubleclick.net/pcs/ Frame 32FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumA75e24fECjfW_M05exGOcftAWQFWkXf05cU4d-xkuSYll_tA_IXJQvc7Uj4Zg5cWps6fAR2rCYozsGoHOS_B05CgHYxjt-7_PUXGygy_qIG2X37JaeTcB8ArrO7jckaFpYiJjFMeuLWGwR2s574zQlWeVUNdIM4KLv3Rrmfs_Wup8hyjHCnkwzB0Kji3KjBRfemLBMcbVzd8FEb8atIkZNNvVb0gkcIJ20FlQZFgtaVwjEfYjOiayvqKDV9i33Etogw6N2zjKjA6jlO8oIQcSuFslXpep3x2Zv-Nk2eAu2505cy5m3-8tkY1x5pUN3PHMsJJ2tDHdMwDjJSIkwRH_arQz8aCxrhifMw-5sarL4dNuz8H9tEOLQ&sai=AMfl-YRmO8PWafdionCVOHN2ZjwWGusvFWQ2HIKeML5HmNGySkki6fR9ZyzcMxz2Y6Ir8xQewBQRXAFW3Vj2ONj81ezHf_5gFtHV93WG26M2_Cngl5z4f4s7uRaYlxnCPnI&sig=Cg0ArKJSzFMR1WFyZra1EAE&uach_m=[UACH]&adurl=
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/ Frame 32FD 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
17119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8814
x-xss-protection
0
server
cafe
etag
11378319237421819138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 18:40:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 32FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:27:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
7087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 21:27:54 GMT
l
www.google.com/ads/measurement/ Frame 32FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRBOzNboB07JonKRzD-5uyF7SHupPgejoUnjC64ATnhRwtcKHb4aaNvK0eZ6HlVIVbxiBhT2Gg60H50nS1xM1VU6rjQA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 32FD 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:26:01 GMT
8742336035832898181
tpc.googlesyndication.com/simgad/ Frame 32FD 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8742336035832898181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
ef259123763f8cf2ff351adc6fbe0cd45234ecd1014c38d7c93b78c28bff31f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 14:56:51 GMT
x-content-type-options
nosniff
age
203350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57105
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 06:10:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 20 Feb 2024 14:56:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E8FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5Ii0IldHuQXwC-lYq3XdjBgbj-mShhu8xUyH4b9fPNVpfyzxet-JQNgH9Q28JnfqjnsDvfKSxJlUFLcFhu2_dRzHOw-VAAFKX6I8_arfoZzbb51dmJtJ6TSa6A6UWCp3fCOD3KsWb1H2lIRHC1v6n2N8NIdkZFcvOtM-QWh_jtutWG0jwST8hPuAtYh8VdzgJmOJEULeebBuqmKH8gd_4Na1dxitNPjMQcSMqhJ6XHQk633RA7bVKJBXK-hWqzmKvP1Cik6VNHMjGiGsxvAnKjdwh4s29hR2ZwymxfTCsOf-vAO8-xr_dtgQuKV5nui3t7Vv5wMXbU2rLwAyg9sPU5u86Y8--StrPAg_jlrEhojgS7zGJAyMcU1lY-Q&sai=AMfl-YTCkVQV_YoqzQ4QKN-t0pVPZJTcL1hpLBS2WYjg8zOnxhGozp8FQYRiaU7_DjmhA9IAUojF-OfoxAdeATZTQtcD1d0jWg8APUdLRPBc8V49QAyW3c82w8J-qTxiqMY&sig=Cg0ArKJSzM7fLouj64j3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E8FF 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js?cb=31072600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:26:01 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-akhwAAADsqkAN9
1 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-akhwAAADsqkAN9
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:26:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-fty21361-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108361.888170,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-akhwAAADsqkAN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 7FF9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6914296&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5af5de069385501001b91e4ea1cd24d0cc059fe9141d2a29b9022110a02f9edf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Feb 2023 23:26:01 GMT
content-length
1763
content-type
text/html; charset=UTF-8
google
match.adsrvr.org/track/cmf/ Frame D0C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YzFiYjU2NTktODZkZC00NTM0LWI2YWMtZjNjNTgyZWFjNDcw&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c58...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
70 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:26:00 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 24C5
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:26:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame F1FC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
70 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:26:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Wed, 22 Feb 2023 23:26:01 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
generic
match.adsrvr.org/track/cmf/ Frame 47F2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=c1bb5659-86dd-4534-b6ac-f3c582eac470&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
70 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:26:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Wed, 22 Feb 2023 23:26:01 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-sihbs5BE2uLtgHAYFISfcfd4HxXWgXc-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
google
match.adsrvr.org/track/cmf/ Frame B152
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YzFiYjU2NTktODZkZC00NTM0LWI2YWMtZjNjNTgyZWFjNDcw&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c58...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
70 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:26:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=c1bb5659-86dd-4534-b6ac-f3c582eac470&google_gid=CAESEGxO4pEQ00qpXn68fFTVWKI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 364B
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
609 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 22 Feb 2023 23:26:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
content-length
0
increment
id5-sync.com/api/esp/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://supercoach.heraldsun.com.au
date
Wed, 22 Feb 2023 23:26:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
partner
sync.search.spotxchange.com/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-akhwAAADsqkAN9&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-akhwAAADsqkAN9&img=1&__user_check__=1&sync_id=450050da-b308-11ed-8b3c-1682dc250407
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y-akhwAAADsqkAN9&img=1&__user_check__=1&sync_id=450050da-b308-11ed-8b3c-1682dc250407
Protocol
HTTP/1.1
Server
103.71.26.126 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
42
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 22 Feb 2023 23:26:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y-akhwAAADsqkAN9&img=1&__user_check__=1&sync_id=450050da-b308-11ed-8b3c-1682dc250407
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
54
Connection
keep-alive
Content-Length
0
syncframe
gum.criteo.com/ Frame 578D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:00 GMT
server
Kestrel
server-processing-duration-in-ticks
959438
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
08521ed33214df099c037cff71468eb0c565633081ace195c9da6eb85a16c0fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 13 Feb 2023 18:43:00 GMT
server
nginx
etag
W/"63ea84b4-162c6"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Feb 2023 23:26:01 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1B5F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_akh5Yzh6T3zdtwG7umwAAAElkAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKk7mCy2q51jUTyWuBFD8Fw&google_cver=1
43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKk7mCy2q51jUTyWuBFD8Fw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA3%2BGpZe4UZmO5Iq7%2FHWJm5UMiuaUecEASSiIqUnxArd1rCwmIvnl%2BkC5J0lmP5YjKm6YRk34loWizcUrG9CORvylN9JXyOkoKf3Pq8DL66GP6kLAHZCKO8Z%2FXgP5pRhGVOJc%2B5abSSvNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
79db7bf909993776-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEKk7mCy2q51jUTyWuBFD8Fw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1B5F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y_akh5Yzh6T3zdtwG7umwAAAElkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BYT0DBNB5J31E0HNRQAC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1B5F 		70 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 1B5F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-akh5Yzh6T3zdtwG7umwAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMAbB38vL9HdoznKTmGDPR8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMAbB38vL9HdoznKTmGDPR8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMAbB38vL9HdoznKTmGDPR8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1B5F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=fpU-dTwnwsu6ogjH_RDJ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2ZTQKUWWI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=fpU-dTwnwsu6ogjH_RDJ
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=fpU-dTwnwsu6ogjH_RDJ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=fpU-dTwnwsu6ogjH_RDJ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame 1B5F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f316238e-7a8d-c3f7-37e8ffa1
43 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f316238e-7a8d-c3f7-37e8ffa1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yej2NHeIY%2FEQ9M3MV65otQhTifi6Pnr7fdt%2BTteA%2Bme8ZIdvfqKjfxV33J%2FadSkBKRhM6lkv%2Bix4Gsl4Aybix1itr38JbaRbHccjFqAMwToih87Mf71jiVI%2Bvn6tQ4Wc%2BuzFVuyq"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
79db7bfbeeec2b34-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 22 Feb 2023 23:26:01 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=f316238e-7a8d-c3f7-37e8ffa1
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697
dpm.demdex.net/ Frame 1B5F 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y-akh5Yzh6T3zdtwG7umwAAA%264697?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.236.77 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v043-0276d6ee0.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jVLXRptWSlo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cs
ad.turn.com/r/ Frame 1B5F 		0
0
ecm3
s.amazon-adsystem.com/ Frame 1B5F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y_akh5Yzh6T3zdtwG7umwAAAElkAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CEKH4TCVQ8S0P8MMYBAD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
b.php
www.facebook.com/fr/ Frame 61A8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-akhwAAADsqkAN9&t=2592000&o=0
43 B
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-akhwAAADsqkAN9&t=2592000&o=0
Protocol
H3
Server
157.240.15.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 15:26:01 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
duNJy96a8vHPKsHDSf0ddQwJ03RF4L49iMQTe4CJDgh/Ysla+0h4jQyhkhixc42N+FQpkIrey6I973wCCh5DaA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 22 Feb 2023 15:26:01 PST

Redirect headers

x-served-by
cache-fty21361-FTY
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1677108361.072529,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y-akhwAAADsqkAN9&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 75FD 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 22:31:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83074
Connection
keep-alive
Content-Length
10007
Expires
Thu, 23 Feb 2023 22:30:35 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-103.sin5.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
x-amzn-trace-id
Root=1-63f6a489-4532c2347d221d640cdb1cba
x-amzn-requestid
5d4d36cd-128c-4821-aa31-53b3c3c9a638
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
Aw6lhHwdjoEFv7A=
content-length
25
x-amz-cf-id
PijwdrMhYZO8QgbYLuV5WGtN6VZB3IKLVZ3o39BkSw9wOVg927pX0w==
cm
trc.taboola.com/sg/adobe/1/ Frame 61A8 		43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms
420
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:02 GMT
via
1.1 varnish
x-served-by
cache-fty21380-FTY
server
nginx
x-timer
S1677108362.736117,VS0,VE420
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame 75FD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LEGB0JLT-G-DPD
  • https://s.amazon-adsystem.com/ecm3?id=LEGB0JLT-G-DPD&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LEGB0JLT-G-DPD&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0Z54S5QM9BR8QAGGH9KE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LEGB0JLT-G-DPD&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a414d61fde5a538d1bc5c621aec59518
Expires
0
0
sync.1rx.io/usersync/adobe/ Frame 61A8 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.40.73.5 Queenstown Estate, Singapore, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
truncated
/ Frame 32FD 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
032e643e873bcbcb7c649cfb7fc1a205923457596aea888152fca9e3b0e38c8d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
rubicon
match.adsrvr.org/track/cmf/ Frame 75FD 		70 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 75FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGB0JLT-G-DPD
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGB0JLT-G-DPD
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CC300011176E474A8929C9EB803C1AB0 Ref B: MEL01EDGE1712 Ref C: 2023-02-22T23:26:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX1Ujgjlf9ai5TiVc+YFg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEGB0JLT-G-DPD
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 75FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vgIQ_BEeo9cMHiCeQPspGw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EuaKp0xE2oJxsRMjI_q5095srMaCPLz6bViQuw--~A
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EuaKp0xE2oJxsRMjI_q5095srMaCPLz6bViQuw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 22 Feb 2023 23:26:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EuaKp0xE2oJxsRMjI_q5095srMaCPLz6bViQuw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQjBKTFQtRy1EUEQ=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQjBKTFQtRy1EUEQ=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVHQjBKTFQtRy1EUEQ=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 75FD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YX240Q74KQ86KQET3YH4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 75FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfMrtZICxyV0EA2Y6YK0nc&google_cver=1
42 B
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfMrtZICxyV0EA2Y6YK0nc&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfMrtZICxyV0EA2Y6YK0nc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 75FD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MI2MrWdbSkiUzT06M1ujHQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MI2MrWdbSkiUzT06M1ujHQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MI2MrWdbSkiUzT06M1ujHQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JJN8VREQ6XDZPJJ9APN1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MI2MrWdbSkiUzT06M1ujHQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 75FD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTg2ZDU5ZTUzYzQzZTc3ZTQwZTRiNTRhNDE2MzNiMzg1ZTg0MTZmZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTg2ZDU5ZTUzYzQzZTc3ZTQwZTRiNTRhNDE2MzNiMzg1ZTg0MTZmZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTg2ZDU5ZTUzYzQzZTc3ZTQwZTRiNTRhNDE2MzNiMzg1ZTg0MTZmZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 1C51 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9CC6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1c863f6-a489-4e00-a619-888cbd7452d3&gdpr=0&gdpr_consent=
42 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1c863f6-a489-4e00-a619-888cbd7452d3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 22 Feb 2023 23:26:02 GMT
Expires
Wed, 22 Feb 2023 23:26:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 475 4bd2ccd master nrt-pixel-x14 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f1c863f6-a489-4e00-a619-888cbd7452d3&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 8853 		85 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 22 Feb 2023 23:26:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fty21361-FTY
x-timer
S1677108361.401200,VS0,VE16
ecm3
s.amazon-adsystem.com/ Frame 6A7B 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID903B7E43-C2B2-4D66-B2CB-DCCD52297D7C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Feb 2023 23:26:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2RVQSPXZZ0JTB5FR1431
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kDt-Q8KyTWayy9zNUil9fA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=171950
accept-ranges
bytes
content-length
5554
expires
Fri, 24 Feb 2023 23:11:51 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveramp.com
pippio.com/api/ Frame 7FF9
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkwM0I3RTQzLUMyQjItNEQ2Ni1CMkNCLURDQ0Q1MjI5N0Q3QxAAGg0IicnanwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=5dc4d688b874fbf85ddb6d90f1384469975e0c94ec8eca53bb884ae422522ada791426b5417dce21&_=2
  • https://pippio.com/api/liveramp.com
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/liveramp.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date
Wed, 22 Feb 2023 23:26:02 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
liveramp.com
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
info
uipglob.semasio.net/pubmatic/1/ Frame 7FF9 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 7FF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTAzQjdFNDMtQzJCMi00RDY2LUIyQ0ItRENDRDUyMjk3RDdD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7FF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDN6o11hFvUC45YuT7nbyYg&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDN6o11hFvUC45YuT7nbyYg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDN6o11hFvUC45YuT7nbyYg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7FF9 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 21 Feb 2023 23:26:01 GMT
903B7E43-C2B2-4D66-B2CB-DCCD52297D7C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7FF9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/903B7E43-C2B2-4D66-B2CB-DCCD52297D7C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.150.118 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-150-118.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
json
gum.criteo.com/sid/ Frame 578D 		459 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=supercoach.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cd1744b555cfa1ca043621bc929fdcf452e5bf1fc80dc7735e690f8a87950f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=supercoach.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1908082
expires
0
truncated
/ Frame E8FF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b15c102ae2b5b89963d7c78bff8be72bebeba53c7b178347f954b4359fb5639

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 26FD 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=5188567880&chanId=21942072462&placementId=6085339805&pubCreative=138400684317&pubOrder=3064375127&cb=1575262712&custom=index&custom3=21851376062&adsafe_par&impId=48ca9740-b308-11ed-a508-02aa41dfc264
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-157-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b1f34ed518e2039af2b9f37ac95d38f592092df7a1a51cf927c3d23dc938aba0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
admi
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame 5C8A 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7639e4680fed5066d603770930ba8bee08acc6cec2d004683fbbdce24f25c44f

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2824
Content-Type
text/html;charset=UTF-8
Date
Wed, 22 Feb 2023 23:26:01 GMT
Server
Server
Vary
Accept-Encoding,User-Agent
csm_othersv5.js
c.amazon-adsystem.com/bao-csm/direct/ Frame E8FF 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/direct/csm_othersv5.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 18:33:14 GMT
content-encoding
gzip
via
1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
x-amz-version-id
sEdXjEXMTWt_knnnTVHBLzbLmkZxXqOL
x-amz-cf-pop
SIN2-P2
age
17567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1VPBPW3B75GTX1T1HMCQ
etag
cea0ea9972e073858d8de90ee4cf862f
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
XasfHMFmDYqj4iIQom-9Up8udyHoQe2asXEOlyJqjEbvFlvAXZ3J9w==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0094 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
128830
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Feb 2023 11:38:51 GMT
expires
Wed, 21 Feb 2024 11:38:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 86B1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f99.1e100.net
Software
GSE /
Resource Hash
5b45a78271d48a203d62a08aaadd273e841b4d8d7e89e767f87ddeb96bf8082f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kgp0QpZCbFkyB51FgRN6ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-kgp0QpZCbFkyB51FgRN6ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:01 GMT
expires
Wed, 22 Feb 2023 23:26:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 32FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPF9p5C8mpZ-rq8yyBq41a-wSDrxYQHi9_SuC6eOivh929u1CTYos3uSgN6k8RIRoVjoA2QExHV39Xl76sTPoPduyoXyeS8zgnwJIZBpebTa4rqmlGowFwjFSZTjZF2NvgZIb76Kn_SsVxtGZ1Jjgoo6scWsnDyESrS7AFOu_rsDzGreIAum-hrebDeHJIw-IrSDrwu5QafSSAN9UHICs-nCHuyOG1nNsIkYBEQl7-KAchKFM1_j9qLTW3W_VTF3JVMaiw1eurc0mQ7JXSA4MyEqKfhpH3uxzhlstdbiNBcVA8BMUyaXCS-zDIXP7WgPtkBnm-b9v0s9D6RJOf5Ib3kZcXMO7sdy0ERl5qmck33RoC1x3EJu6OwK_B&sai=AMfl-YQYH3hbRS3sQSJ0ncKqwk-JFNSdXuXRA4Xdp5_tqPyC8je8J9XHoBcXaN_1o2npsekVTjnxkwkU7I41hr3ZrCdrhEr35NtLfFTWn1LF8ep02eLJOFD1A_frKuMWm24&sig=Cg0ArKJSzFnI1-7b6UkaEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:26:01 GMT
jload
pixel.adsafeprotected.com/ Frame D830 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138421800276&pubOrder=2553375348&cb=1434921723&custom=index&custom3=21851376062&adsafe_par&impId=48ca973f-b308-11ed-a508-02aa41dfc264
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-157-82.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
4ea1efddf48539b557b657f68ddf5e3ab161af818eaf9f5bf92505d0668b306f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:01 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 86B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=1746177615139573&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 0094 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 13:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
37196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 13:06:05 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/polyfills.0934b4cf86f77af5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.47.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-47-49.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://supercoach.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 22 Feb 2023 23:26:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.112.47.49 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-47-49.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://supercoach.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 22 Feb 2023 23:26:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ixmatch.html
js-sec.indexww.com/um/ Frame 66D3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
539
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
79db7bffafa917ce-MEL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 23:26:02 GMT
expires
Thu, 23 Feb 2023 03:26:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 61C3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 23:26:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 02AE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60707
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 22 Feb 2023 23:26:02 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 19 Feb 2023 22:55:08 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 4203
X-Served-By
cache-lga13626-LGA, cache-fty21366-FTY
X-Timer
S1677108362.100905,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AEE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-180-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://supercoach.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=171949
content-encoding
gzip
content-length
5554
content-type
text/html
date
Wed, 22 Feb 2023 23:26:02 GMT
expires
Fri, 24 Feb 2023 23:11:51 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
87265363-1b9e-40c2-afad-91759b8f02e8
beacon-sin1.rubiconproject.com/beacon/d/ Frame 5C8A 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-sin1.rubiconproject.com/beacon/d/87265363-1b9e-40c2-afad-91759b8f02e8?oo=0&accountId=7725&siteId=456798&zoneId=2675806&sizeId=15&e=6A1E40E384DA563B91BF3B0E448B605E138DAB44A10F067C6BA2628EB732AB72A4CB95E2A258CB8F0A86131FCD1A547AA9F8020A42C6B301800F48D3AA428680AD05BFD9E1C46E15EE51ED77A49DBFA3B1846BA2828668CCCF8B1FEB47EC7DB742739F85278D05E5CF8F5156922E774E695E02E0E3F54383B564F81228217047817FFB294F6C63E4EBE8923ACC894EED93E3621639BDA148CB9547DB79ACA876BBC78EA91C0C94BC9849CB6E349BB88802B7CCF348D3E502
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.67 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:01 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
A5CFAB156129E443
pn.ybp.yahoo.com/ab/secure/true/imp/veodH0fqElzZixxaOs4-wtOpekGwhS9OLkNofs9L33mPvTYO1GdpJPoDcbcv_LfjMBjVr-eDhsM00C7xh4YNZAiiQsZI4pXoZ3UCPJ4GDv8mRu0dKcyjJyUW2PUDUW1VrG4wFEz4xBhVSdVBVS2H8KdrDs13uy3MP... Frame 5C8A 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pn.ybp.yahoo.com/ab/secure/true/imp/veodH0fqElzZixxaOs4-wtOpekGwhS9OLkNofs9L33mPvTYO1GdpJPoDcbcv_LfjMBjVr-eDhsM00C7xh4YNZAiiQsZI4pXoZ3UCPJ4GDv8mRu0dKcyjJyUW2PUDUW1VrG4wFEz4xBhVSdVBVS2H8KdrDs13uy3MPoElLMCv2q39yQknajo8SpI2eXWRtHxg3yIeHwDVXCf66Wzv3Kk7wEmJPkOY4W1nXpEVgb30sH-rEatYA2v6hxcFrkl0iLP4UDoHjiVjit3UXvWhACJ4Ew24Cr7b7P1q90W0cg3vUrsRXRa4K1Xu0ryxBqUCyTx22pr83NP0BeSorieTVrFDQehCGe3emycGW2wKgzxXrxC1ue62quDjEl8e6J2qebBsfDUI1SSjSExzqb2RDPZd-8R_EJ-c4Jyu1bmIHeSaMGTILRfi-ajrGqZgtoxp7PTNDSC-Ys2jJu8AcgF7TPfKW3nki2uOzKoLs_WcC-I5YH8oT42FtfySt2IlccJZL6iaA0JfaGbmmKXFf0j8m2fyGzO95Y8EojRSSP51hBjjpGWu62HymSWyfhSaaFX8yVxpWzN2OkG1ClN7zIIEwe-dSN1YmD6JYrBYanYWNSXcTbccNlDb5M73SjKu8VRjflgbVZKhCBDsmbsutUfFCaC5aoaqYzhHz_h8M8tgBptmTAJFj-Cz-2_JhZdJ1OtWZjlqcyVS9eGxgGoAyRRjQhG6We82wlzgl8fPJc8IgCyUAHJLwSpVnHhT3zhkN9f9EZMXYamtxHYRoGNROPr2MffX54FTTDAaUVhYjTtDTF-u7UXcO7WKz-jsY_4E-5UOwjKdlBfj2g9bPNacsvLkwq664D315DAJebU1wnLEBIbm9H6Bd8qpJmsqZvS1-7R5rsv-6EbckyeZUQ003DiSCQ1b2xs3s8sw0B-sGMxauTQ7p3QzFG7xeYpwDOepHhgS63mC97CXTVk-HtDq3eb2ccnxiRVWOKIB06-AKrPUe8RaVj4Q5x45K-uV4OL9AMNhr0P83PakM7bzyFbyENiD5CdENT1Oo4rIJ-VB_fhBJpdd8Z_yDKEeBKNXmw-hfF6zbBX0Y6L_TAI0dM5bRejRQhWLvTZihhO7KIGWV2jE_z6PFtEHipOoMZ8t5JOvJRlpK7JNRqYAfKJvpNtaJJ4NvAIiYXGvhJL-tX4B9h2v3ohoVypseJDEp1VrQqYkbi6WR6DqdoRCIJwbjHhkrDRa1M6TG6Lfb0zWN3NUUrTNFI-XJRv6J2PsOYzXh_UUM1Nl_0MPppW46R2CslKvxZ-AJcq7Wazh1zjQT1ea5FbZHw1InGj2-8ZVk2HE4q_AlhFIM6OLval5rKQtxjM7ZPDl58wuiIekMGpnz6gShH0TuNRG1JZ7AxdGPgRq3DdSMttNYaWDdK5qXdDxL3cu_Lu9sHs1VXY-rzaounnvxraCuprGr9v9TyRJXKqohglmatjroHYMGs_ppUHBqX01KUqxKeAO_JIDmpJHLnSogI_qo7exHk9zGRwsMGdrPg73T1DHdO3alZIroNhMoMnRA8-3rRhYqJrWXqr2I4pYFp246Nbx0H7gYAQmCZwa2h0CnAJoD5gOLBAQbbv17ffTL348mneGbtTmhPG7i0KhiyWIpnrT0wxGhqeXbA7mVqxtSWNvbnNWGLJo6m8dhZQ/wp/A5CFAB156129E443
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.10.218.42 , Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
pr-ats-ing.pbp.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
99a8fde9ff38042a1c776d8ccfe3348d55abf6928e45b6802cd861701e3c1589
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
content-length
3223
register
token.rubiconproject.com/ Frame 5C8A 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LEGB0JCT-19-1IOR
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
imp
aax-fe-sin.amazon-adsystem.com/e/dtb/ Frame 5C8A 		43 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/e/dtb/imp?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&pp=e1d7gg&isip=1
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:02 GMT
Cache-Control
no-store, max-age=0
Server
Server
Connection
keep-alive
Content-Length
43
Vary
User-Agent
Content-Type
image/gif
csm_view_only.js
c.amazon-adsystem.com/ Frame 5C8A 		34 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/csm_view_only.js
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
H7cjUGULhq3Otl.y07v5iysTAkUE3DvE
date
Wed, 22 Feb 2023 03:00:25 GMT
via
1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 08:54:08 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
80612
etag
"cf208b3d9fe957abaf7afdfaac0387e9"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
35007
x-amz-cf-id
izRLKsHEXNwp0EY1x_MUm-kWCndO21w0zpTUrXQPJJbBAG8Xb58JEA==
generate_204
tpc.googlesyndication.com/ Frame 0094 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qqlY7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
main.19.8.397.js
static.adsafeprotected.com/ Frame 26FD 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.397.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=5188567880&chanId=21942072462&placementId=6085339805&pubCreative=138400684317&pubOrder=3064375127&cb=1575262712&custom=index&custom3=21851376062&adsafe_par&impId=48ca9740-b308-11ed-a508-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eda66660e3697c79394073d8612dbce395eccdd20f40387c05f132882b00f04e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:58:11 GMT
x-amz-version-id
L_QpnZKJu0E.etpUeNZoyQH4AE_JqZeG
content-encoding
gzip
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
5272
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 Feb 2023 19:35:52 GMT
server
AmazonS3
etag
W/"edf6076def7e7c118e84486c2d40b8aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
zot7U78Pg-puYBQ5hQiWDDI_0bXC2BkrU0FJ8PHmWmW-L2GX6dCMFA==
main.19.8.397.js
static.adsafeprotected.com/ Frame D830 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.397.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138421800276&pubOrder=2553375348&cb=1434921723&custom=index&custom3=21851376062&adsafe_par&impId=48ca973f-b308-11ed-a508-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eda66660e3697c79394073d8612dbce395eccdd20f40387c05f132882b00f04e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 21:58:11 GMT
x-amz-version-id
L_QpnZKJu0E.etpUeNZoyQH4AE_JqZeG
content-encoding
gzip
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
5272
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 22 Feb 2023 19:35:52 GMT
server
AmazonS3
etag
W/"edf6076def7e7c118e84486c2d40b8aa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_QhHAvDwMXIYQq0KWNcwO8LIBbhorSE1Bw9s9tCx1kdfq7ejRKHqqw==
usermatch
ssum-sec.casalemedia.com/ Frame D7DB 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6d76fc21fc99a75d8809af853c3a4de04f331d95c62d0f96ca1be8cd5f6f142

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79db7c005efddf24-MEL
content-encoding
br
content-type
text/html
date
Wed, 22 Feb 2023 23:26:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2W02qSkJEXmneLypBVo2h81toIO9BHdJJdRMYkusc8sFs965RGBpJT%2F5an9m0Zy4gQUUBc47WWrT8QYPAH9AkkcwQUEuNaf9OgsYKfBShPDQujp2dDVDracdysrA9AgHqjbiabxaGHv9dg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 02AE 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:02 GMT
AN-X-Request-Uuid
7e8a0523-1edb-428e-9ad9-4e582cdb8632
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 61C3 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 22:31:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83073
Connection
keep-alive
Content-Length
10007
Expires
Thu, 23 Feb 2023 22:30:35 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 5C8A 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/veodH0fqElzZixxaOs4-wtOpekGwhS9OLkNofs9L33mPvTYO1GdpJPoDcbcv_LfjMBjVr-eDhsM00C7xh4YNZAiiQsZI4pXoZ3UCPJ4GDv8mRu0dKcyjJyUW2PUDUW1VrG4wFEz4xBhVSdVBVS2H8KdrDs13uy3MPoElLMCv2q39yQknajo8SpI2eXWRtHxg3yIeHwDVXCf66Wzv3Kk7wEmJPkOY4W1nXpEVgb30sH-rEatYA2v6hxcFrkl0iLP4UDoHjiVjit3UXvWhACJ4Ew24Cr7b7P1q90W0cg3vUrsRXRa4K1Xu0ryxBqUCyTx22pr83NP0BeSorieTVrFDQehCGe3emycGW2wKgzxXrxC1ue62quDjEl8e6J2qebBsfDUI1SSjSExzqb2RDPZd-8R_EJ-c4Jyu1bmIHeSaMGTILRfi-ajrGqZgtoxp7PTNDSC-Ys2jJu8AcgF7TPfKW3nki2uOzKoLs_WcC-I5YH8oT42FtfySt2IlccJZL6iaA0JfaGbmmKXFf0j8m2fyGzO95Y8EojRSSP51hBjjpGWu62HymSWyfhSaaFX8yVxpWzN2OkG1ClN7zIIEwe-dSN1YmD6JYrBYanYWNSXcTbccNlDb5M73SjKu8VRjflgbVZKhCBDsmbsutUfFCaC5aoaqYzhHz_h8M8tgBptmTAJFj-Cz-2_JhZdJ1OtWZjlqcyVS9eGxgGoAyRRjQhG6We82wlzgl8fPJc8IgCyUAHJLwSpVnHhT3zhkN9f9EZMXYamtxHYRoGNROPr2MffX54FTTDAaUVhYjTtDTF-u7UXcO7WKz-jsY_4E-5UOwjKdlBfj2g9bPNacsvLkwq664D315DAJebU1wnLEBIbm9H6Bd8qpJmsqZvS1-7R5rsv-6EbckyeZUQ003DiSCQ1b2xs3s8sw0B-sGMxauTQ7p3QzFG7xeYpwDOepHhgS63mC97CXTVk-HtDq3eb2ccnxiRVWOKIB06-AKrPUe8RaVj4Q5x45K-uV4OL9AMNhr0P83PakM7bzyFbyENiD5CdENT1Oo4rIJ-VB_fhBJpdd8Z_yDKEeBKNXmw-hfF6zbBX0Y6L_TAI0dM5bRejRQhWLvTZihhO7KIGWV2jE_z6PFtEHipOoMZ8t5JOvJRlpK7JNRqYAfKJvpNtaJJ4NvAIiYXGvhJL-tX4B9h2v3ohoVypseJDEp1VrQqYkbi6WR6DqdoRCIJwbjHhkrDRa1M6TG6Lfb0zWN3NUUrTNFI-XJRv6J2PsOYzXh_UUM1Nl_0MPppW46R2CslKvxZ-AJcq7Wazh1zjQT1ea5FbZHw1InGj2-8ZVk2HE4q_AlhFIM6OLval5rKQtxjM7ZPDl58wuiIekMGpnz6gShH0TuNRG1JZ7AxdGPgRq3DdSMttNYaWDdK5qXdDxL3cu_Lu9sHs1VXY-rzaounnvxraCuprGr9v9TyRJXKqohglmatjroHYMGs_ppUHBqX01KUqxKeAO_JIDmpJHLnSogI_qo7exHk9zGRwsMGdrPg73T1DHdO3alZIroNhMoMnRA8-3rRhYqJrWXqr2I4pYFp246Nbx0H7gYAQmCZwa2h0CnAJoD5gOLBAQbbv17ffTL348mneGbtTmhPG7i0KhiyWIpnrT0wxGhqeXbA7mVqxtSWNvbnNWGLJo6m8dhZQ/wp/A5CFAB156129E443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6883
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 19:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 23 Feb 2023 00:17:33 GMT
inside.js
cdn.js7k.com/rq/iv/ Frame 5C8A 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pn.ybp.yahoo.com
URL: https://pn.ybp.yahoo.com/ab/secure/true/imp/veodH0fqElzZixxaOs4-wtOpekGwhS9OLkNofs9L33mPvTYO1GdpJPoDcbcv_LfjMBjVr-eDhsM00C7xh4YNZAiiQsZI4pXoZ3UCPJ4GDv8mRu0dKcyjJyUW2PUDUW1VrG4wFEz4xBhVSdVBVS2H8KdrDs13uy3MPoElLMCv2q39yQknajo8SpI2eXWRtHxg3yIeHwDVXCf66Wzv3Kk7wEmJPkOY4W1nXpEVgb30sH-rEatYA2v6hxcFrkl0iLP4UDoHjiVjit3UXvWhACJ4Ew24Cr7b7P1q90W0cg3vUrsRXRa4K1Xu0ryxBqUCyTx22pr83NP0BeSorieTVrFDQehCGe3emycGW2wKgzxXrxC1ue62quDjEl8e6J2qebBsfDUI1SSjSExzqb2RDPZd-8R_EJ-c4Jyu1bmIHeSaMGTILRfi-ajrGqZgtoxp7PTNDSC-Ys2jJu8AcgF7TPfKW3nki2uOzKoLs_WcC-I5YH8oT42FtfySt2IlccJZL6iaA0JfaGbmmKXFf0j8m2fyGzO95Y8EojRSSP51hBjjpGWu62HymSWyfhSaaFX8yVxpWzN2OkG1ClN7zIIEwe-dSN1YmD6JYrBYanYWNSXcTbccNlDb5M73SjKu8VRjflgbVZKhCBDsmbsutUfFCaC5aoaqYzhHz_h8M8tgBptmTAJFj-Cz-2_JhZdJ1OtWZjlqcyVS9eGxgGoAyRRjQhG6We82wlzgl8fPJc8IgCyUAHJLwSpVnHhT3zhkN9f9EZMXYamtxHYRoGNROPr2MffX54FTTDAaUVhYjTtDTF-u7UXcO7WKz-jsY_4E-5UOwjKdlBfj2g9bPNacsvLkwq664D315DAJebU1wnLEBIbm9H6Bd8qpJmsqZvS1-7R5rsv-6EbckyeZUQ003DiSCQ1b2xs3s8sw0B-sGMxauTQ7p3QzFG7xeYpwDOepHhgS63mC97CXTVk-HtDq3eb2ccnxiRVWOKIB06-AKrPUe8RaVj4Q5x45K-uV4OL9AMNhr0P83PakM7bzyFbyENiD5CdENT1Oo4rIJ-VB_fhBJpdd8Z_yDKEeBKNXmw-hfF6zbBX0Y6L_TAI0dM5bRejRQhWLvTZihhO7KIGWV2jE_z6PFtEHipOoMZ8t5JOvJRlpK7JNRqYAfKJvpNtaJJ4NvAIiYXGvhJL-tX4B9h2v3ohoVypseJDEp1VrQqYkbi6WR6DqdoRCIJwbjHhkrDRa1M6TG6Lfb0zWN3NUUrTNFI-XJRv6J2PsOYzXh_UUM1Nl_0MPppW46R2CslKvxZ-AJcq7Wazh1zjQT1ea5FbZHw1InGj2-8ZVk2HE4q_AlhFIM6OLval5rKQtxjM7ZPDl58wuiIekMGpnz6gShH0TuNRG1JZ7AxdGPgRq3DdSMttNYaWDdK5qXdDxL3cu_Lu9sHs1VXY-rzaounnvxraCuprGr9v9TyRJXKqohglmatjroHYMGs_ppUHBqX01KUqxKeAO_JIDmpJHLnSogI_qo7exHk9zGRwsMGdrPg73T1DHdO3alZIroNhMoMnRA8-3rRhYqJrWXqr2I4pYFp246Nbx0H7gYAQmCZwa2h0CnAJoD5gOLBAQbbv17ffTL348mneGbtTmhPG7i0KhiyWIpnrT0wxGhqeXbA7mVqxtSWNvbnNWGLJo6m8dhZQ/wp/A5CFAB156129E443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.161.10.12 , Singapore, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
e2.ycpi.vip.sgb.yahoo.com
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:17:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
WEJSCEF9MYQ8R9CG
age
11304
x-amz-server-side-encryption
AES256
content-length
14353
x-amz-id-2
BhkfVR4mMg4hz1oWrCQK82G3VVbUGP8tpFo4Uquaqyj5QTq/FC0+3umtnvcE1PKC6Oa6aMt/cUs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 5C8A 		565 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
106.10.236.40 , Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
o2.ycpi.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:21:53 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
5WJHAHWRC6R5XKB4
age
126252
x-amz-server-side-encryption
AES256
content-length
565
x-amz-id-2
67GoCz423M/1pj05NvKf0FPnYQtFy418ULo8fU3Tcs4Pw4rZueIF9yrRnFJ7QyplML/9GOEkmZY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
cache-control
max-age=15552000, public
accept-ranges
bytes
Y_akh5Yzh6T3zdtwG7umwAAAElkAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D7DB 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y_akh5Yzh6T3zdtwG7umwAAAElkAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.150.118 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-150-118.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame D7DB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3716421066496071668
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3716421066496071668
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 22 Feb 2023 23:26:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
80963130-abbd-4b25-8097-35dc39ab590a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3716421066496071668
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D7DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f1c863f6-a489-4e00-a619-888cbd7452d3
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f1c863f6-a489-4e00-a619-888cbd7452d3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 22 Feb 2023 23:26:02 GMT
Server
MT3 475 4bd2ccd master nrt-pixel-x17 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f1c863f6-a489-4e00-a619-888cbd7452d3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 22 Feb 2023 23:26:01 GMT
crum
dsum-sec.casalemedia.com/ Frame D7DB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABAZ07H7UkAACBTFEc84g&expiration=1678317963
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABAZ07H7UkAACBTFEc84g&expiration=1678317963
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABAZ07H7UkAACBTFEc84g&expiration=1678317963
Date
Wed, 22 Feb 2023 23:26:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
casale
match.adsrvr.org/track/cmf/ Frame D7DB 		70 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ium
dsum-sec.casalemedia.com/ Frame D7DB
Redirect Chain
  • https://id.rlcdn.com/711587.gif
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:03 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
0

Redirect headers

date
Wed, 22 Feb 2023 23:26:02 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
ad.turn.com/r/ Frame D7DB 		0
0
crum
dsum-sec.casalemedia.com/ Frame D7DB
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07010010_63f6a48af28d7&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07010010_63f6a48af28d7
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07010010_63f6a48af28d7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Wed, 22 Feb 2023 23:26:02 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07010010_63f6a48af28d7
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame D7DB 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y-akh5Yzh6T3zdtwG7umwAAA%264697
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
1447
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79db7c03afbd2b37-MEL
content-length
43
expires
Thu, 23 Feb 2023 23:26:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=1746177615139573&bg=!o6CloPTNAAZYlHKzeJQ7ADkAdvg8Wr1y9Ri74LzjL77r6mmDEYdGSuR-QLXaoee_e3SwDwus_eAfNG8hAjQc9xa4OwV6Vgx6_tgCAAAAa1IAAAACaAEHmQK34j4h5aQbaeB4Xl_hZIOG2E-KnlazH0bPHDlTt5GhpNrFGATmuBTQNJhKN41-qbjZgxABMkh4zRn1OYnY0TbxxMkFB14-zCj7jKQvEpHy-m5MisBixjLo-sXD3DkwoWKu38SvEYKIvo0CzDWjT0T3ponnfRBCZGwO5Dodgt4ZY7cHTVISck5nFnGxj3MugyjIRUWVhbrW1-l8y8uiz2X2sqlxAAblVh8i7VryGmUcnJA_4k-9V2rgfzQM3dsvl_hLTTFs6Yzemzdrm4LaTEDgMi9hY8fteYzwDIibRuy9AStwpqcuxhj3ecTaFJ8jy8N1mnaxkF6mAmWgIyfLLJgtc6msEj4gMrP8D4mVWMVqYBCxm8o_pKdSIX-6tF3jYpGWe6VqlaMVTXV71ToHY2cJmbskXG1c1ITyaE2I8Vl9-4XTv-XO5uOs6SCGU7m6vN9v63WxhGD9PtLmnb6zN4S2PBS1fk61Utg409HM6xJ6BScu_tJdDjUVsHmIsXkhJUFnTspkSInlo32uhL7K_S-TxBgU-qsJWGH5U7J3nIhK1airdrrWPelRVyosiAraOWGenMsd50oGkfKjRUNEzBER-cyuhJvoWf_Tqefse-1YJNnEnZcXvTCOfaIFwW35wdEJ3xUtGV2Qxhh2GDzWPEDXLeD1ocr3NxC7i_hMjfAuFLaHo2i-wlT_ftOAZw-OW86kyr8ulzi68oBqus30zbw5rofbjDMxYiT34zzq1ZKAKIPncqv5_JdGGJ6S02andYgG5kmr0gmX4ROBDGLVo-8VUbrRnaug0fL26UiDniT74GbCc4HMV66MfDgtxx6OWwl0wgPMLFCHy60g4KHNKxGuRsNmNSVxRp2ejW1w9AWqmhMikE1bIfVIZweq0y0Z-H9h5cw93FF3HZ-KJLWuUy0fpZvczG_E7UA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
impl_v95.js
www.googletagservices.com/dcm/ Frame 5C8A 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v95.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 05:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 18:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 05:40:51 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame EBEF 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 08:50:00 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3681364
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
H-ShKEqF-LutFYQ31Y4etN1VXbbG790zHHaxnqA5kWlf_oHcWiCo0w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=5188567880&chanId=21942072462&placementId=6085339805&pubCreative=138400684317&pubOrder=3064375127&cb=1575262712&custom=index&custom3=21851376062&adsafe_par&impId=48ca9740-b308-11ed-a508-02aa41dfc264&adsafe_url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:7142c3e6-c759-3f6f-75c1-a7e8412b2b95,c:4ZLjb0,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-8668796449-kzx45,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:742,mot:0,app:0,maw:0,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:766,oid:4522c4f9-b308-11ed-be50-8ae019620dd9,v:19.8.397,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-157-82.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDF...
ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/ Frame 67F7 		56 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
d845e1a8079ce3b5fa4aab2f667450c107dcfaa5806d2ef1bdbbd92861ca5834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
27642
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjbI,pingTime:-2,time:810,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:684,beZ:686,mfA:1426,cmA:1428,inA:1428,inZ:1433,prA:1433,prZ:1443,si:1450,poA:1451,poZ:1467,cmZ:1467,mfZ:1468,loA:1475,loZ:1477,ltA:1494,ltZ:1494,mdA:686,mdZ:1402%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:811,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:767,slid:%5Bgoogle_ads_iframe_/5129/sport.supercoach/lobby/heraldsun/home/null/null_1,google_ads_iframe_/5129/sport.supercoach/lobby/heraldsun/home/null/null_1__container__,ad-block-300x250-1,vm-ScrollableComponent-main%5D,sinceFw:43,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjci,time:846,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:846,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B100~0%5D,as:%5B100~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:0,renddet:na,siq:767%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0E6C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 08:50:00 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 12e8a42696c6144c3ba187fe90f98448.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
3681364
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2SMvTpJWAovRTBdiHt_WqYsWtzpg6nU7j5ESsnPLczT7iyruS4it3g==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=21942072462&placementId=5084295962&pubCreative=138421800276&pubOrder=2553375348&cb=1434921723&custom=index&custom3=21851376062&adsafe_par&impId=48ca973f-b308-11ed-a508-02aa41dfc264&adsafe_url=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:3debc460-e82d-583c-62b4-9be4929fd0d7,c:4ZLjeS,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-8668796449-hcff2,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:440.5364.728.90,am:i,cc:440.5364.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:989,mot:0,app:0,maw:0,fm:twDBLY8+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o21%7C1o3%7C1o4%7C1o5%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1002,oid:4522c4b1-b308-11ed-a35c-e6394ba222d8,v:19.8.397,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.157.82 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-157-82.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/ Frame 67F7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230221/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3023
x-xss-protection
0
server
cafe
etag
4221495933888618527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 23:16:05 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3debc460-e82d-583c-62b4-9be4929fd0d7&tv=%7Bc:4ZLjfl,pingTime:-2,time:1031,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:550,beZ:551,mfA:1540,cmA:1540,inA:1540,inZ:1541,prA:1541,prZ:1549,si:1553,poA:1553,poZ:1565,cmZ:1565,mfZ:1565,loA:1570,loZ:1572,ltA:1581,ltZ:1581,mdA:551,mdZ:1531%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1002%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1031,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1002,wc:0.0.1600.1200,ac:440.5364.728.90,am:i,cc:440.5364.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:twDBLY8+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o21%7C1o3%7C1o4%7C1o5%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1n*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:1003,slid:%5Bgoogle_ads_iframe_/5129/sport.supercoach/lobby/heraldsun/home/null/null_0,google_ads_iframe_/5129/sport.supercoach/lobby/heraldsun/home/null/null_0__container__,ad-block-728x90-1,vm-ScrollableComponent-main%5D,sinceFw:28,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 67F7 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Feb 2023 11:45:48 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7FF9 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3debc460-e82d-583c-62b4-9be4929fd0d7&tv=%7Bc:4ZLjfX,time:1069,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1069,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1002,wc:0.0.1600.1200,ac:440.5364.728.90,am:i,cc:440.5364.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:twDBLY8+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o21%7C1o3%7C1o4%7C1o5%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs,siq:1003%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 67F7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 20:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Feb 2024 20:59:07 GMT
async_usersync
ib.adnxs.com/ Frame 02AE 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:03 GMT
AN-X-Request-Uuid
1574bbb6-ed55-42dd-91dd-6b8887ee01b2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B353 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Requested by
Host: aax-fe-sin.amazon-adsystem.com
URL: https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://aax-fe-sin.amazon-adsystem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 23:26:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 209E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
177132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Feb 2023 22:13:51 GMT
expires
Tue, 20 Feb 2024 22:13:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame B353 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=as&co=au
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-5-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=as&co=au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 23:26:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 22:31:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83072
Connection
keep-alive
Content-Length
10007
Expires
Thu, 23 Feb 2023 22:30:35 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjlq,pingTime:-10,time:1412,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677108363604%7C%7C869eddd8ae2f85fcec024ab958d786f8%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7Cd975a6605f1bf4d6f52a6baa33451560%7C%7C3dc8bf1fabb7b584c5342fbc7d32a4ea%7C%7C09c8af28f368b4eb3da9c436b8934653%7C%7C07c371bc72942ec0b88434eb3aaacb41%7C%7Cb32a3c9e02e1dfb0577308cbef895218%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
pagead2.googlesyndication.com/bg/ Frame 209E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
sffe /
Resource Hash
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 13:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
37198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14406
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 13:06:05 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3debc460-e82d-583c-62b4-9be4929fd0d7&tv=%7Bc:4ZLjoQ,pingTime:-10,time:1620,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677108363604%7C%7C869eddd8ae2f85fcec024ab958d786f8%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7Cd975a6605f1bf4d6f52a6baa33451560%7C%7C3dc8bf1fabb7b584c5342fbc7d32a4ea%7C%7C09c8af28f368b4eb3da9c436b8934653%7C%7C07c371bc72942ec0b88434eb3aaacb41%7C%7Cb32a3c9e02e1dfb0577308cbef895218%7C%7C1663701684,sca:%7Bspg:7142c3e6-c759-3f6f-75c1-a7e8412b2b95%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 209E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bh1jbi6T2Y-_iBca03LUP8YSZWAAAAAA4AeAEAg&bg=!X1ylXAjNAAZYlHKzeJQ7ADkAdvg8Wlvzmt0Hn5kJvYNzJn0PEopqWL78M9suHrt9zzHAEeWVtve7ah_VHvhitcSctb-K3BySY-wCAAAAT1IAAAACaAEHCgBTYomOGQJra2QAgD_4xmwvPqyKgzKls_GPhdbrkE18R7TxiaZyQmAd7PFl1tgaRYjlc2dKWdsL6PienPXr56J8vlWkPDNWn8-YgB6Q5z2fsjuQDXeZAyTnanjQgcejRQ0wBVEYi-WrBN3041B9ARyEwSTHkg3YFdoWOB0_6ZBh1r_YFC4e13qS6svQFJOQbs3rTHMEsNuq1Nkasmu77hft7J372pTJgqZ8p0j90UpejbQS_np-Ht-XsICtKO4XNMlO39Zyddm2RhPpV0vuYj-PbCSjvxHBbhw7rBkJLH1fK6FRNAQXa30OiAPDzI1xhha2IGoBGEoub1eBQRQv_q99rhx8e52Hw5mD9UW5lw-zomaYu2h3uywf1qc3OOBbWCjsTb8S_G_u3mDupUkCf3KCsLV-UfVcf81QR_yhqX-SltAdcm4W2NBJRTTj_DrcjloK-DVzZq-kpb6Khugf7Ztzg0Pt_1xOlsj0LibOECgR_AsH1Dw80zyJAZqPivSwL6n9T0GFA03bBaExqGiI53JFTQY7aGxnAS--EkWbc4vcDHNPUSbrBdCUQqSXeMMPXRsSguYShAbPUJYWxYjkEmVEDOLMzOPutO_FeVeeA0XsKKehDtdcD9uHSyRaaTIAJvBTDMv3SwgIPSdt5gMfQ_xLNJFGXh3E0QoF3VmmmrNpnEd26KSVVsZgdjhJ0yxETjuBCS1U5sSDJ436unf2OPg9kTJ-qlridadE2S2X1UHw_0L6wA2FSBgisSglL0jFjCVu4p6DXJhIS2Hi9RBVgyFkVD5tJaTIsxHzUPzEUIZkvNPgAXA0xiydh7KDgA_8QVY73vQJ5OkAfeSoxkrMRImm7T7VBjgcuGmdqkYj964BfWIRuI2NZ5280A_SXS6ETncQ7cYUMSbbiGzjknm-SONx-bSOfugyC0aW78fb_V-dCQHMPqXDnjcHWiu_3hFJrzXrNrWVkM__bzz16A0UDRaHy8SvdxDu45Rmfz8WqS1N1HpMI2x6OpHXoZUidgWeWR8vYcar46MFC1urAZR2At_vO0v6evXgAAp93oZ5NxTU99DM1QaRcZ5NmC9WZOtZuE3oP3k_TN40jplnavkZgxpsevIc_4WVqRcmr9vh2uSI66fOnhPNRa7QvgA-McB8_brIqVDuIzYvcWgf6hj1pNoC530ANUNCfgrpe2o
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67F7 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 23:26:04 GMT
index.html
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
a78db89d915b7bfc27d1365d73ff651e74515b5cc73c52d6386d8ed9559e06ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20279
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 22:12:44 GMT
expires
Thu, 22 Feb 2024 22:12:44 GMT
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 67F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvv0UZ_zCO5InShaySsSL7TQGwc6etx7nGqtQ4K9jmHM1nF50VG6P2Bxpkfo7P46zrLatYx9C3GTHGgbKKxfwdr9WYpPL1zXF1UZgdy2JjchuYYAVt44bUvxJ7QOVumUC22Ttdhe1p36vlk37SS4EpNzY4AmnKwyTRCQVHfPqZ1_xSfi7Y&sai=AMfl-YTaFvaJEZ_zeq5SAK8KB_qc2rPE9FuLiOwFCQak2EWJ3aMEZYhlt5A-UM-g33Fv5_plUVX9dwWEgShDB129lT33x6D7Yjzvif9E8A&sig=Cg0ArKJSzCA9S5o7IJ3UEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=722&cbvp=1&cstd=719&cisv=r20230221.69354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:26:04 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjtK,time:1928,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1928,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1183~0%5D,as:%5B1183~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:856,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:0,renddet:na,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:04 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
%7B%22adCsm%22:[%7B%22tld%22:%22supercoach.heraldsun.com.au%22%7D,%7B%22ns%22:1677108360694,%22st%22:%22820.40%22,%22re%22:%221014.40%22,%22ldTot%22:%22194.00%22%7D,%7B%22lteu%22:%220.10%22,%22ltut...
aax.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/ Frame E8FF 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/%7B%22adCsm%22:[%7B%22tld%22:%22supercoach.heraldsun.com.au%22%7D,%7B%22ns%22:1677108360694,%22st%22:%22820.40%22,%22re%22:%221014.40%22,%22ldTot%22:%22194.00%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22lths%22:%220.00%22,%22ltpm%22:%220.20%22,%22ltdm%22:%220.20%22,%22ltdb%22:%220.00%22,%22csmTot%22:%221.80%22%7D],%22pixelId%22:%22uqybw53q8r%22,%22ts%22:1677108364240,%22ver%22:%22d-1.20%22%7D?cb=711590
Requested by
Host: supercoach.heraldsun.com.au
URL: https://supercoach.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.248.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-248-101.sin52.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:03 GMT
via
1.1 bf37a08a8e52d3968f35ae1bb4eaae78.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
7rUrQNsHnWQK6SXD2s_vGMNCC7M6tPeuSurQtsBgoX5evO1tN8VpUQ==
yv
beap-bc.yahoo.com/ Frame 5C8A 		43 B
771 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=5606684919256365415:1677108358408&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=3uCmt2i38kcMu-UrmaZltaqQxT5_EM8IqXyOYKN1jY0RLdlosIYyExKLgZX-7JXHM54QOOj3mDvijvwSyNmsIlbXhZpC6JAEUVipVvt1Saos0RgKqP8_t9UJetljjLZ6Pejuq6ohBffEMKN7pzHRVE9IBcUfwrLboDEVFf7WIs92E86clsZAkJrvv6zpG_Cq3jFTZQXGhAerhdiAMsug9ylDByRaC0g4uGN4F77tWYKTk-aTdizhpw&iv=100&v=1&m=2&r=1677108364338&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.161.10.12 , Singapore, ASN38032 (YAHOO-HK2-AP internet content provider, HK),
Reverse DNS
e2.ycpi.vip.sgb.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:04 GMT
strict-transport-security
max-age=31536000
accept-charset
utf-8
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, private
content-length
43
x-xss-protection
1; mode=block
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 73AB 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 11:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Feb 2023 11:06:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 67F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvv0UZ_zCO5InShaySsSL7TQGwc6etx7nGqtQ4K9jmHM1nF50VG6P2Bxpkfo7P46zrLatYx9C3GTHGgbKKxfwdr9WYpPL1zXF1UZgdy2JjchuYYAVt44bUvxJ7QOVumUC22Ttdhe1p36vlk37SS4EpNzY4AmnKwyTRCQVHfPqZ1_xSfi7Y&sai=AMfl-YTaFvaJEZ_zeq5SAK8KB_qc2rPE9FuLiOwFCQak2EWJ3aMEZYhlt5A-UM-g33Fv5_plUVX9dwWEgShDB129lT33x6D7Yjzvif9E8A&sig=Cg0ArKJSzCA9S5o7IJ3UEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1500&vt=11&dtpt=778&dett=3&cstd=719&cisv=r20230221.69354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N423804.4305145BENCHMEDIAPROGRAM/B28934180.355468644;dc_ver=95.280;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;dc_adk=3199938901;ord=38tbto;click=https%3A%2F%2Fpr-a.ybp.yahoo.com%2Fcj%2Fcd%2FFSrnL6pw277GgCGJYywhjPyfbRhceS4HnXXoglcfDFbNvJZt0g8GgpG80EZS4VwgByaREIQBT0UTQPpCDbr2DzFD7Go_3Wn-p3543IJ8nTVpEf-Z3svNP_0vCE3EcJaYTK5W9-YbxIWWj6EXLUxuT5cAyLgVjaxCUSliMwAhKdB_bWXkcdmtcKaxjjv7BNx0JMlYdeADRZcwF5IqDf3x0i36j93WlXva9wbPv6EY-2WavZToP42Sl4Sdl_ZYqz8lfcWf1EU712d6dL47xbPnLtJ-yy_wukZ9%2Frurl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=2,https%3A%2F%2Fsupercoach.heraldsun.com.au$2,https%3A%2F%2Fsupercoach.heraldsun.com.au%2F$0;xdt=1;crlt=cq-q(27UYD;gcsr=m;stc=1;chaa=1;sttr=228;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:26:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E8FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB3EJR2y13MOx1_irL104-OmnELJFWKV5ToRBggQsu97AluUvCjgXXQzUA_-t1AkJhwjswRMXeZdug2YuStxgv8bWycUF3MVlfc36kov8W6MWef3C4elviMzruGx8gXoZQ8B6TtQ2nizHnbANkddlXUMg6TPKXaqCFAoDuhzkqsxDNIJVbyC1SehCWCrMLwR6XVeHgGKDy-xjxtDMWuNtp91ZVtJHGrc6TQzTYf32EEVLBr3M1CneeC8MoVwvsbs3gMrLgyHV5WOTH9FEmbJ83NTH8xaQizeVQo2W7mvEA_x_md3dFxNCzl8fNUTeXgK-5fy0juRle13TXBU_3zXlGB2LqkppExtTJNrM8LP_02BOUobeOu7ZPN7z3Zpa2&sai=AMfl-YT20KJL6iXC_MS8qloA6rv32UGtwhew4S3NuKhvsFlelgVcpyEfge8G67p-SOSXTAVR3_s_HOR9fjRL8qUSB-DTSKOzlPs1XAjb-oGL8lL-t8M81iJn3bhNIggIOMc&sig=Cg0ArKJSzAVhbsjdEV1DEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Feb 2023 23:26:04 GMT
P4-04-so.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-04-so.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
5c8f8bbb6e670e152d44ed1d5a373c9481e8bf377b4f05cb62a9abcd3c433637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2360
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-03-you.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		16 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-03-you.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
67357e72beccdb1e6d058136eedc16ea52b4ba4dcb89cc75968a1b28e26c3a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3552
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-02-without.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		17 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-02-without.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
6d1d9798796b4bde923fccd815b2e223a46f3034e5a1a63283454784397a4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3334
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-01-poverty.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-01-poverty.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
35c92e09798ce5d52f2c2af85cd9df19b8406cba6122c2545f50a9f98c1521db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3409
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
CTA-sponsor-child.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/CTA-sponsor-child.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
5d927ab03beeb924ba53f4cea941a328d81adfc689c2dcef23ab89195f435ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1977
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
TSF-logo_1.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		17 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/TSF-logo_1.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
47460bc3de3976bb9fbe70bd11338058012a2514b92f27d5ea68427ff0f487f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4972
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-image-300x250__1_.jpg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-image-300x250__1_.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
e9650a4bd1e8070df9eb6d750042e47f8d8784026e7b71781d1791dc8ccb6d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
x-content-type-options
nosniff
age
4399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54884
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:2.74,%22ts%22:1677108364778,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ve...
aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/v/ Frame 5C8A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/v/%7B%22v%22:%7B%22p%22:0,%22t%22:0,%22def%22:%22amzn%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:2.74,%22ts%22:1677108364778,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ver%22:%22r-1.30%22%7D?cb=1144269
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:04 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22atf%22:true,%22f%22:1,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ts%22:1677108364778,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ver%22:%22r-1.30%22%7D
aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/atf/ Frame 5C8A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/atf/%7B%22atf%22:true,%22f%22:1,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ts%22:1677108364778,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ver%22:%22r-1.30%22%7D?cb=1967754
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:05 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjEI,time:2608,type:e,im:%7Bpci:%7Btdr:1813%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2608,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1862~0%5D,as:%5B1862~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:291,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:04 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 73AB 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
P4-03-you.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		16 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-03-you.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
67357e72beccdb1e6d058136eedc16ea52b4ba4dcb89cc75968a1b28e26c3a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3552
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-04-so.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-04-so.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
5c8f8bbb6e670e152d44ed1d5a373c9481e8bf377b4f05cb62a9abcd3c433637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2360
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-02-without.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		17 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-02-without.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
6d1d9798796b4bde923fccd815b2e223a46f3034e5a1a63283454784397a4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3334
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
P4-01-poverty.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		15 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-01-poverty.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
35c92e09798ce5d52f2c2af85cd9df19b8406cba6122c2545f50a9f98c1521db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3409
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
CTA-sponsor-child.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/CTA-sponsor-child.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
5d927ab03beeb924ba53f4cea941a328d81adfc689c2dcef23ab89195f435ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1977
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjJh,pingTime:0,time:2891,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:291,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:05 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 7AEE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75831407&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
96caf09ed7f9de28743126d8289dcf736b32a54e5cae23718c3cc507974c9ef4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 22 Feb 2023 23:26:05 GMT
content-length
1880
content-type
text/html; charset=UTF-8
P4-image-300x250__1_.jpg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/P4-image-300x250__1_.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
e9650a4bd1e8070df9eb6d750042e47f8d8784026e7b71781d1791dc8ccb6d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54884
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
TSF-logo_1.svg
s0.2mdn.net/sadbundle/1144369993700311651/ Frame 73AB 		17 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1144369993700311651/TSF-logo_1.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f149.1e100.net
Software
sffe /
Resource Hash
47460bc3de3976bb9fbe70bd11338058012a2514b92f27d5ea68427ff0f487f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1144369993700311651/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 22:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4400
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4972
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 03:55:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Feb 2024 22:12:45 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0737
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z228orvah69
1 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z228orvah69
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:26:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Wed, 22 Feb 2023 23:26:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=z228orvah69
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame F824
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3716421066496071668&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3716421066496071668&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
2657829f-bc0b-4af4-b72b-178170332cfe
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 23:26:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3716421066496071668&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
103.209.254.130; 103.209.254.130; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 2726
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xrXvSZGysRrds79Lw7OkS8e0v0vdsb8ekrJsmMW7
42 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xrXvSZGysRrds79Lw7OkS8e0v0vdsb8ekrJsmMW7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 22 Feb 2023 23:26:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xrXvSZGysRrds79Lw7OkS8e0v0vdsb8ekrJsmMW7
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 1557
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 22 Feb 2023 23:26:05 GMT
expires
Wed, 22 Feb 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1401168
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame B3A9
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qlo1aeCDAi-gXgcZjqT2Yw
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qlo1aeCDAi-gXgcZjqT2Yw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 22 Feb 2023 23:26:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=qlo1aeCDAi-gXgcZjqT2Yw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 15AA 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Wed, 22 Feb 2023 23:26:06 GMT
Pragma
no-cache
Server
nginx
expires
-1
qmap
sync.crwdcntrl.net/ Frame 7AEE
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=&ct=y
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
13.228.146.168 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.2.174
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.23.220
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 7AEE
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6ee82581-78ce-4536-97c9-0cc14e785ed4%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c1bb5659-86dd-4534-b6ac-f3c582eac470&ttd_puid=6ee82581-78ce-4536-97c9-0cc14e785ed4%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c1bb5659-86dd-4534-b6ac-f3c582eac470&ttd_puid=6ee82581-78ce-4536-97c9-0cc14e785ed4%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:05 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=c1bb5659-86dd-4534-b6ac-f3c582eac470&ttd_puid=6ee82581-78ce-4536-97c9-0cc14e785ed4%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
Pug
simage2.pubmatic.com/AdServer/ Frame 7AEE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=
42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 22 Feb 2023 23:26:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c1bb5659-86dd-4534-b6ac-f3c582eac470&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 7AEE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EF5_d_RE2uUk8khEnDgl5Qk1QVGbgwc-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EF5_d_RE2uUk8khEnDgl5Qk1QVGbgwc-~A&gdpr=0
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-EF5_d_RE2uUk8khEnDgl5Qk1QVGbgwc-~A&gdpr=0
date
Wed, 22 Feb 2023 23:26:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
c1.adform.net/serving/cookie/ Frame 7AEE 		0
0
sync
odr.mookie1.com/t/v2/ Frame 7AEE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6826ffa9-5cda-4765-9def-03083d2d9199&ssp=pubmatic&gdpr=0&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6826ffa9-5cda-4765-9def-03083d2d9199&ssp=pubmatic&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.79.67 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:07 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=6826ffa9-5cda-4765-9def-03083d2d9199&ssp=pubmatic&gdpr=0&gdpr_consent=
Date
Wed, 22 Feb 2023 23:26:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 67F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFKfGmLDoeHVviI2oZSfUEgrFmhMubmEGBrCDSJoGcAn9gL-7zfnUJI85_9IQ6InO_x8knvESzD22muEYjycMvFCHEhngBjDs&sig=Cg0ArKJSzA-eiGYk1O1KEAE&id=lidar2&mcvt=1016&p=0,0,250,300&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3199938901&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677108363001&rpt=1325&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E8FF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDTu2sI4g2Z7uAPwSgk4RuaVKAXvDSnokyPZYXd1hXfjdJalEqSjt2ZjpYCDU6Ygefv_xBA1i4KMil6gLv1YZ9aSouof0FZgpXb425AEAYDAaIPAIi&sig=Cg0ArKJSzCO7knzbRzEmEAE&id=lidar2&mcvt=1000&p=700,995,950,1295&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230221&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=260713786&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677108360694&rpt=4071&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:3.74,%22ts%22:1677108365779,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ve...
aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/v/ Frame 5C8A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/v/%7B%22v%22:%7B%22p%22:50,%22t%22:1,%22def%22:%22iab%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:3.74,%22ts%22:1677108365779,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ver%22:%22r-1.30%22%7D?cb=1828827
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:05 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
%7B%22v%22:%7B%22p%22:100,%22t%22:1,%22def%22:%22groupm%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:3.74,%22ts%22:1677108365779,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%...
aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/v/ Frame 5C8A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/v/%7B%22v%22:%7B%22p%22:100,%22t%22:1,%22def%22:%22groupm%22%7D,%22vs%22:%22visible%22,%22ah%22:250,%22aw%22:300,%22ttv%22:3.74,%22ts%22:1677108365779,%22bn%22:false,%22pixelId%22:%22yaxg4l9tlnc%22,%22ver%22:%22r-1.30%22%7D?cb=7738784
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:05 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjZq,pingTime:1,time:3892,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:290,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:06 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjZr,pingTime:1,time:3893,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:290,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:06 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjZr,pingTime:1,time:3893,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:290,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:06 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLjZr,pingTime:1,time:3893,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1003,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:290,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:06 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
%7B%22adCsm%22:[%7B%22ns%22:1677108361513,%22st%22:%22545.50%22,%22re%22:%22766.20%22,%22ldTot%22:%22220.70%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22csmTot%22:%...
aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/ Frame 5C8A 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-fe-sin.amazon-adsystem.com/x/px/JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn/%7B%22adCsm%22:[%7B%22ns%22:1677108361513,%22st%22:%22545.50%22,%22re%22:%22766.20%22,%22ldTot%22:%22220.70%22%7D,%7B%22lteu%22:%220.10%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.00%22,%22csmTot%22:%220.80%22%7D],%22pixelId%22:%22yaxg4l9tlnc%22,%22ts%22:1677108367263,%22ver%22:%22r-1.30%22%7D?cb=2110212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.187.0 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://aax-fe-sin.amazon-adsystem.com/e/dtb/admi?b=JPV3h0orrTUb_rPkN_q0Ee8AAAGGe3KtTwUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICDQ6nxn&rnd=9627250535381677108360708&pp=e1d7gg&p=kwl5og&crid=2974:5755727
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 23:26:07 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 7AEE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 23:26:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLl1W,pingTime:5,time:7892,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:294,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:10 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7142c3e6-c759-3f6f-75c1-a7e8412b2b95&tv=%7Bc:4ZLl1W,pingTime:5,time:7892,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:765%7D,%7Bpiv:100,vs:i,r:,t:2890%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:2890,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:765,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2144~0,1~100%5D,as:%5B2145~300.250%5D%7D%7D,%7Bsl:i,t:2890,wc:0.0.1600.1200,ac:995.700.300.250,am:i,cc:995.700.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:jload,dtt:294,fm:twDBLY4+11%7C12%7C13%7C14%7C15%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C17134%7C18%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e%7C1f%7C1g11%7C1g12%7C1g13%7C1h%7C1i1%7C1j%7C1k%7C1l%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1o2%7C1o3%7C1o4%7C1p%7C1q%7C1r1%7C1s%7C1t%7C1u,idMap:1o*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:767,sis:960%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.174.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-174-139.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:10 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CV-j0ADngtbqWSfl&d=supercoach.heraldsun.com.au&g=36976&g0=sport%2Clobby%2Csupercoach%2Clobby%2Cindex%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1218&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fsupercoach.heraldsun.com.au%2F&b=5744&t=BSYYCFCU7u2wkeeBuCehBo9DPq51V&V=139&tz=0&_acct=anon&sn=2&sv=Cl5VqnDjDqGcD1fzAJBKcPzJCOtjGH&sd=1&im=06030402&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-222-86.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://supercoach.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 23:26:12 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dc_oe=ChMIr9TtwaOq_QIVRhq3AB1xQgYLEAAYACCBi-NX;met=1;&timestamp=1677108374762;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 67F7 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr9TtwaOq_QIVRhq3AB1xQgYLEAAYACCBi-NX;met=1;&timestamp=1677108374762;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 23:26:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d.turn.com
URL
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&gdpr=0&gdpr_consent=
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&sInitiator=external&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=21
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

449 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 boolean| credentialless object| oncontentvisibilityautostatechange function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| utag_data object| auth object| loginStatusPromise object| FB object| __twttrll object| twttr object| __twttr object| __buffer object| _vms object| webpackChunklobby_news_hwt function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched object| global object| process object| ADB function| introJs object| vidora_ns object| vidora object| __zone_symbol__testPassivefalse object| __zone_symbol__ON_PROPERTYtestPassive object| __zone_symbol__messagefalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse object| googleImaVansAdapter boolean| VIDEOJS_NO_DYNAMIC_STYLE object| __zone_symbol__loadfalse function| videojs object| httpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc function| __zone_symbol__ON_PROPERTYload function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| utag_cfg_ovrd object| VM object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse object| __zone_symbol__focusfalse object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse boolean| __tealium_twc_switch object| newskey object| m object| nb string| gtagRename object| dataLayer function| gtag object| sectionData number| _sf_endpt object| __alloyMonitors object| __alloyNS function| alloy object| ads_api number| gptPluginLoaded object| apstag number| gcTicker function| rdt string| TiktokAnalyticsObject object| ttq function| snaptr function| fbq function| _fbq function| twq object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| nca_ipsos function| __zone_symbol__ON_PROPERTYscroll object| __zone_symbol__scrollfalse object| dm object| ipsos_ready object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| ads_core object| ads_extra object| googletag function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore object| __zone_symbol__ON_PROPERTYmessage function| setImmediate function| clearImmediate object| ID5 object| __zone_symbol__pagehidefalse function| pbjsChunk object| _pbjsGlobals object| apsUnits function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| __zone_symbol__blurfalse object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ggeac object| google_tag_manager string| GoogleAnalyticsObject function| ga object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow object| __zone_symbol__beforeunloadfalse string| matchId object| KAMPYLE_EMBED boolean| isAlloyConfigured object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| __zone_symbol__unloadfalse object| $this object| providersData object| npt object| brandmetrics function| __assign object| __zone_symbol__pageshowfalse function| __spreadArray object| __zone_symbol__touchstartfalse object| __zone_symbol__keypressfalse object| _brandmetrics boolean| apstagLOADED object| apscustom object| GooglebQhCsO undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| atsdetectionmodule object| atsenvelopemodule object| ats object| Criteo object| diagPixSentCodes object| __iasAdRefreshConfig function| omrhp object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata boolean| DotMetricsInitScript object| configArgs number| pixelRatio object| screenSize object| labels object| DotMetricsSettings object| gaplugins object| gaGlobal object| gaData function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| __zone_symbol__NSDK_Initializedfalse object| DotmetricsJSON object| DotMetricsObj object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| __zone_symbol__pushState-C5SVI0J6V74OJ29IA6K0false object| __zone_symbol__replaceState-C5SVI0J6V74OJ29IA6K0false object| __zone_symbol__detected-identifierfalse function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| __zone_symbol__clickfalse object| s_i_newscorpau-hsweb_newscorpau-global undefined| oneTagObj function| ebDecode object| bsResponseObj object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| categoryData object| GoogleGcLKhOms object| __zone_symbol__messagetrue object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| __zone_symbol__mousemovefalse object| __zone_symbol__mousedowntrue object| __zone_symbol__clicktrue object| google_image_requests object| __IntegralASExec function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

140 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
supercoach.heraldsun.com.au/ Name: _com.auth0.auth.rlB7tjDT2bUMtSbELPb-wBh0LAhUBcfg_compat
Value: {%22nonce%22:%22IwyxSwXQZiG~qkT-G98aiZ8mNMyHH0Zx%22%2C%22state%22:%22rlB7tjDT2bUMtSbELPb-wBh0LAhUBcfg%22}
supercoach.heraldsun.com.au/ Name: com.auth0.auth.rlB7tjDT2bUMtSbELPb-wBh0LAhUBcfg
Value: {%22nonce%22:%22IwyxSwXQZiG~qkT-G98aiZ8mNMyHH0Zx%22%2C%22state%22:%22rlB7tjDT2bUMtSbELPb-wBh0LAhUBcfg%22}
.heraldsun.com.au/ Name: utag_main
Value: v_id:01867b72a53400205be43d0207d403074002406c00b08$_sn:1$_se:1$_ss:1$_st:1677110156405$ses_id:1677108356405%3Bexp-session$_pn:1%3Bexp-session
.supercoach.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.8068114537128497
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.doubleclick.net/ Name: IDE
Value: AHWqTUm_e4rI_MDTBVs3BwTptUe5urjaYeDdZFtucqt_AtjICP5zFK6_U3cFnfhEJ48
.heraldsun.com.au/ Name: _cb
Value: CV-j0ADngtbqWSfl
.heraldsun.com.au/ Name: _chartbeat2
Value: .1677108357283.1677108357283.1.Cl5VqnDjDqGcD1fzAJBKcPzJCOtjGH.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncid
Value: d330b073d6c2abc05d19e7c0cffc74a1
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1677108357606.285136871
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1829578373.1677108358
supercoach.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
supercoach.heraldsun.com.au/ Name: _lr_retry_request
Value: true
supercoach.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.demdex.net/ Name: demdex
Value: 24864091870457534263326627074444930026
.tiktok.com/ Name: _ttp
Value: 2M7AgRpaj0iHurQNmmDjwOJIyCh
.heraldsun.com.au/ Name: _schn
Value: _w8oksq
.heraldsun.com.au/ Name: _scid
Value: fcd02fa8-89db-440d-a820-3118d22e2d6e
supercoach.heraldsun.com.au/ Name: mdLogger
Value: false
supercoach.heraldsun.com.au/ Name: kampyle_userid
Value: 392a-7152-518b-8620-cc8d-b44f-dd99-9048
supercoach.heraldsun.com.au/ Name: kampyleUserSession
Value: 1677108358214
supercoach.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
supercoach.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
supercoach.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 63.14695269319115
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1677108358262.c3b9dcd1-a9f9-4261-bdf1-e9d855b1acff
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 07ac10bc-7f64-4e4d-8586-1bad90a84e02.1677108357.1.1677108358.1677108357.816a8daf-0f22-4b36-aaf8-36de75045151
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=f685339f-2c0c-453b-b7e6-03bac0876a20&Created=02/22/2023 23:25:58&UserMode=0&guid=84a93b4f-fd70-4d08-a40c-9fefcbf5e310&ver=1
.heraldsun.com.au/ Name: _ga
Value: GA1.3.1360403360.1677108359
.heraldsun.com.au/ Name: _gid
Value: GA1.3.1006446125.1677108359
.heraldsun.com.au/ Name: _gat_gtag_UA_92560_41
Value: 1
.heraldsun.com.au/ Name: nol_fpid
Value: ezlx0ljucyfgjg1irwwxzpbtefknv1677108358|1677108358533|1677108358533|1677108358533
.heraldsun.com.au/ Name: _tt_enable_cookie
Value: 1
.heraldsun.com.au/ Name: _ttp
Value: CCayKlPSFqWWolx_Wi9xmph6Ruw
supercoach.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
supercoach.heraldsun.com.au/ Name: DM_SitId1557SecId13522
Value: 1
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C24887871712852754643324220534104783600
.rubiconproject.com/ Name: khaos
Value: LEGB0JLT-G-DPD
.id5-sync.com/ Name: 3pi
Value:
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwhsnanwY4AUABSAEQhsnanwYYAA..
.adnxs.com/ Name: uuid2
Value: 3716421066496071668
supercoach.heraldsun.com.au/ Name: _lr_geo_location_state
Value: VIC
supercoach.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
.heraldsun.com.au/ Name: s_tbm
Value: true
.heraldsun.com.au/ Name: s_nr30
Value: 1677108359038-New
.heraldsun.com.au/ Name: s_tslv
Value: 1677108359040
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Csport%7Cindex%7Clobby-supercoach-lobby-index
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 1218
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Csport%257Cindex%257Clobby-supercoach-lobby-index%2C99%2C99%2C1200%2C1%2C1
.heraldsun.com.au/ Name: s_cc
Value: true
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: PaQQ9pU/1rIzfZwTN6tzIz4GSMVAq7pUz1Sf1HQXrxt9pq054W8VtOuZsp3jG9OE08Y9BnRGeLCr7ERD9T4bJfeRsFt8JRzrSQ8KXPmNHmWjfQd20MpUxWdFtmFQ
.supercoach.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898
.supercoach.heraldsun.com.au/ Name: aam_uuid
Value: 24864091870457534263326627074444930026
.tapad.com/ Name: TapAd_TS
Value: 1677108359302
.tapad.com/ Name: TapAd_DID
Value: 6ee82581-78ce-4536-97c9-0cc14e785ed4
.imrworldwide.com/ Name: IMRID
Value: 43940dc0-b308-11ed-82ff-27765db8da16
.id5-sync.com/ Name: id5
Value: cdf166ad-a8f7-725e-9aa2-3119b2ccedda#1677108358737#2
.dpm.demdex.net/ Name: dpm
Value: 24864091870457534263326627074444930026
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004c3mD5Z0_
.serving-sys.com/ Name: G4
Value: 0009fM00Ku_
.serving-sys.com/ Name: OT2
Value: 0001DC1s8n
.serving-sys.com/ Name: u2
Value: 174e7bf2-3574-4f58-a787-5d65626dddd54Li050
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-akhwAAADsqkAN9
.t.co/ Name: muc_ads
Value: 0615dd29-6a3f-454f-86fc-e51835ac6c68
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.twitter.com/ Name: guest_id_marketing
Value: v1%3A167710835937086333
.twitter.com/ Name: guest_id_ads
Value: v1%3A167710835937086333
.twitter.com/ Name: guest_id
Value: v1%3A167710835937086333
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19411%7CMCMID%7C24887871712852754643324220534104783600%7CMCAAMLH-1677713159%7C3%7CMCAAMB-1677713159%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1677115559s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19418%7CvVersion%7C5.1.1
.adsrvr.org/ Name: TDID
Value: c1bb5659-86dd-4534-b6ac-f3c582eac470
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAE3GwRGAMAgEwIqYAeEI2I1yWkWK9+u+1uZRFC4ZkhIvQyrnFiRIrz6yfVvoabmWaTl6/6ofc9y9pkAAAAA=
.heraldsun.com.au/ Name: _sctr
Value: 1|1677024000000
.newscgp.com/ Name: sp
Value: 962a5ff5-40d2-47dc-9f24-af49746d0e21
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYyNDg4Nzg3MTcxMjg1Mjc1NDY0MzMyNDIyMDUzNDEwNDc4MzYwMFIPCLvlytvnMBgBKgRTR1Az8AG75crb5zA=
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: sgp3
.casalemedia.com/ Name: CMID
Value: Y-akh5Yzh6T3zdtwG7umwAAA
.casalemedia.com/ Name: CMPS
Value: 4697
.casalemedia.com/ Name: CMPRO
Value: 4697
.amazon-adsystem.com/ Name: ad-id
Value: A7rLQrx-Rk7MspGT4r2AIdU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.twitter.com/ Name: personalization_id
Value: "v1_G1/5VWpjxccp1/UmSvnHTw=="
.eyeota.net/ Name: mako_uid
Value: 1867b72b4fe-35ba00000108435c
.eyeota.net/ Name: SERVERID
Value: 17244~DM
.linkedin.com/ Name: li_sugr
Value: 4449f63c-d8e6-46e1-93bd-51cf39da1dfb
.linkedin.com/ Name: bcookie
Value: "v=2&e555f533-d1f2-4747-8bd9-a94e154c3ec3"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2813:u=1:x=1:i=1677108360:t=1677194760:v=2:sig=AQESPCPoHP2eQhwh5C6_zOq8Y_KYWtd0"
.scanscout.com/ Name: uid
Value: CI-0be81a86c8bd33659032bd6292cd5417
.scanscout.com/ Name: UIAA
Value: 24864091870457534263326627074444930026
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1677108360478"
.heraldsun.com.au/ Name: __gads
Value: ID=fceb11440b0bb327:T=1677108360:S=ALNI_MZvM50vz4R24ennvS8s_-LnrYHhCw
.heraldsun.com.au/ Name: __gpi
Value: UID=00000bca71392c3c:T=1677108360:RT=1677108360:S=ALNI_MZMTetJjCHXnrbK6ZOfsUn_a02yhw
supercoach.heraldsun.com.au/ Name: ln_or
Value: eyIxNzY1MzgwIjoiZCJ9
.linkedin.com/ Name: UserMatchHistory
Value: AQI3YnC8skKQPwAAAYZ7crYuYdVLBT5a8etI2jzpOW6_vzFtHT0kOjMJHQt3w4bOdt1Ch47qapJucg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIoHPjT1niYgQAAAYZ7crYu5vL5KhvMlXC6fzrNyC0-StAn1qFsajNwb4uLyQqoOnFYQHVxeS5uq8PpdvKQfQ
.bluekai.com/ Name: bku
Value: pSL99/iA2ZBOlsDh
.demdex.net/ Name: dextp
Value: 358-1-1677108359025|470-1-1677108359127|481-1-1677108359228|771-1-1677108359329|903-1-1677108359432|19566-1-1677108359541|23728-1-1677108359642|30432-1-1677108359743|30064-1-1677108359844|66757-1-1677108359945|134096-1-1677108360098|144230-1-1677108360200|144231-1-1677108360300|144232-1-1677108360401|144233-1-1677108360502|144234-1-1677108360608|144235-1-1677108360732|144236-1-1677108360833|144237-1-1677108360934|147592-1-1677108361037|461447-1-1677108361137
.www.linkedin.com/ Name: bscookie
Value: "v=1&202302222326012985e6d0-3709-4251-8cb3-f2835dc1a317AQHYQVA7m4nSB-QcLhjksacr_gTutTTy"
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 903B7E43-C2B2-4D66-B2CB-DCCD52297D7C
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2H`iG%Y6m!A#FT.TOK_Dm7hk)YQ*aHMVh^a^Kuu=9#GOYW#ENpO0x#ki'G=*f=kWO]g0jJtL#jDjsNv::wL#9(GdyNhTp_jNFZ9
.brand-display.com/ Name: _knxq_
Value: f316238e-7a8d-c3f7-37e8ffa1.1677108361.0.1677108361.1677108361
.openx.net/ Name: i
Value: ea87d122-b825-40e7-bebb-6b9401e76d79|1677108361
.criteo.com/ Name: uid
Value: 5a4b7d8a-2a40-4cb2-98e8-d026166fc275
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y-akhwAAADsqkAN9&KRTB&22978-Y-akhwAAADsqkAN9&KRTB&23194-Y-akhwAAADsqkAN9&KRTB&23209-Y-akhwAAADsqkAN9
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEDN6o11hFvUC45YuT7nbyYg&KRTB&22987-CAESEDN6o11hFvUC45YuT7nbyYg&KRTB&23025-CAESEDN6o11hFvUC45YuT7nbyYg&KRTB&23386-CAESEDN6o11hFvUC45YuT7nbyYg
.heraldsun.com.au/ Name: cto_bundle
Value: RZLhcl9Oa1JuTjhmU0xyZGpyY3Jjd3l3UnZhJTJCalpMRVBFWEFrblVOekkwQmZIWjFjVXhxU2JLeEl1ZkVFVENVNUxVbUs5JTJGemZUSEJoRlNIY1ZRNGw2dSUyRnRXWTBkVXMlMkZhQk1BZ1c2Tjh2bWc0aHlsdyUyQkpLZ2wxRWQ3Qk9pSnB2VExyRDVvbWgxOXhUR2dZakJIeFdOVlFGd3JiWENsYXolMkJlJTJCS2RadHJrJTJCTzUyc2hvJTNE
supercoach.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.krxd.net/ Name: _kuid_
Value: PZUoVkLY
.simpli.fi/ Name: suid
Value: D2485CEEA55D4C25BF4F378D008DAF22
.yahoo.com/ Name: A3
Value: d=AQABBImk9mMCEOHWznYwEjSpZc1QEwS5OE4FEgEBAQH292MAZAAAAAAA_eMAAA&S=AQAAAjLYfTsNXC-x2orjskMy4wY
.spotxchange.com/ Name: audience
Value: 45005089-b308-11ed-8b3c-1682dc250407
.zemanta.com/ Name: zuid
Value: fpU-dTwnwsu6ogjH_RDJ
.mathtag.com/ Name: uuid
Value: f1c863f6-a489-4e00-a619-888cbd7452d3
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIOyPXYajIGXCKB0+A8/5OaEBWQ5sDBZDIbSI2epUWI4+5yWjFuv7QJre/tPjn2MunCE5PtmhoXDfjoKMgmoql6HGcFqG6/buODN7kx2H+04A==
.pippio.com/ Name: did
Value: YoIe5axHHGitvZ-m
.pippio.com/ Name: didts
Value: 1677108362
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CIrJ2p8GEgUI3k4QAA==
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f1c863f6-a489-4e00-a619-888cbd7452d3&KRTB&16736-uid:f1c863f6-a489-4e00-a619-888cbd7452d3&KRTB&23019-uid:f1c863f6-a489-4e00-a619-888cbd7452d3&KRTB&23114-uid:f1c863f6-a489-4e00-a619-888cbd7452d3
.rlcdn.com/ Name: rlas3
Value: VhPhk9fzEVPMuNeNgF+UqewB4HvRWI8Vj38ANVEidwU=
.rlcdn.com/ Name: pxrc
Value: CInJ2p8GEgUI6AcQABIFCOhHEAASBgiktysQAQ==
.dyntrk.com/ Name: dyn_u
Value: 07010010_63f6a48af28d7
.bidr.io/ Name: bito
Value: AABAZ07H7UkAACBTFEc84g
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: SPugT
Value: 1677108363
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1678233600%3A226_245_201_197%7C1677628800%3A164_248
.pubmatic.com/ Name: SyncRTB3
Value: 1678233600%3A220_13_247_22_3_96_107_71_8_21_54_56_7%7C1677628800%3A223%7C1678320000%3A35%7C1677888000%3A63
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIzreuhcbNyjsQBRIZCgpyaWdodG1lZGlhEgsIzObgjMbNyjsQBRIVCgZnb29nbGUSCwiawJKRxs3KOxAFEhYKB3J1Ymljb24SCwjM5uCMxs3KOxAFEhcKCHB1Ym1hdGljEgsI8pKLu8bNyjsQBRgBIAEoAjILCPKKjujczco7EAU4AVoIcHVibWF0aWNgAg..
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2a5b:18z8~2a5b"
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c1bb5659-86dd-4534-b6ac-f3c582eac470&KRTB&22918-c1bb5659-86dd-4534-b6ac-f3c582eac470&KRTB&23031-c1bb5659-86dd-4534-b6ac-f3c582eac470
.pubmatic.com/ Name: PugT
Value: 1677108365

12 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=303582513389.88306?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=303582513389.88306?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=303582513389.88306?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://ad.turn.com/r/cs?pid=21
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=903B7E43-C2B2-4D66-B2CB-DCCD52297D7C&sInitiator=external&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://pippio.com/api/liveramp.com
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://ad.turn.com/r/cs?pid=21
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 109)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy block-all-mixed-content; default-src https:; media-src https: blob: data:; style-src https: 'unsafe-inline'; font-src https: data:; script-src https: blob: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; connect-src https: wss:; frame-src https:; prefetch-src https:; frame-ancestors https:; form-action https:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22bd011bba32e5e44fcd1bf167894f71.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
aax-fe-sin.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
beacon-sin1.rubiconproject.com
beacon.krxd.net
beap-bc.yahoo.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.js7k.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn1.adoberesources.net
check.analytics.rlcdn.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.api.news
d.turn.com
d32guktqcrn2b4.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lm.serving-sys.com
match.adsrvr.org
match.prod.bidr.io
metrics.heraldsun.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
newscorpau.demdex.net
o479328.ingest.sentry.io
odr.mookie1.com
omny.fm
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
platform.twitter.com
players.brightcove.net
pn.ybp.yahoo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
pubads.g.doubleclick.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
sc-static.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
supercoach.heraldsun.com.au
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
syndication.twitter.com
t.co
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
tips.com.au
token.rubiconproject.com
tpc.googlesyndication.com
tr.snapchat.com
trc.taboola.com
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.news.com.au
www.omnycontent.com
www.redditstatic.com
x.bidswitch.net
y6vdtbezmcosf0en7rera5gnmoy4v1677108358.nuid.imrworldwide.com
ad.turn.com
c1.adform.net
d.turn.com
uipglob.semasio.net
103.229.10.247
103.229.205.242
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.43.90.54
103.71.26.126
104.16.85.20
104.18.10.47
104.18.24.185
104.18.25.185
104.20.106.62
104.244.42.131
104.244.42.197
104.244.42.200
104.254.148.252
104.69.166.9
106.10.218.42
106.10.236.40
107.178.254.65
107.22.40.64
119.161.10.12
13.107.42.14
13.112.47.49
13.115.235.137
13.211.184.0
13.226.70.184
13.227.248.101
13.227.254.27
13.228.146.168
13.228.15.221
13.250.236.77
13.33.79.24
13.33.88.123
13.33.88.80
13.33.88.96
13.35.14.254
13.35.15.213
139.5.84.243
142.250.4.149
142.250.4.156
142.251.10.148
142.251.10.99
142.251.12.132
142.251.12.155
142.251.12.157
142.251.12.94
145.40.73.5
15.197.193.217
151.101.1.108
151.101.129.140
151.101.193.140
151.101.65.175
151.101.65.44
151.101.66.49
157.240.15.13
157.240.15.35
162.19.138.82
172.104.45.159
172.217.194.138
172.217.194.149
172.217.194.157
172.217.194.94
172.217.194.95
172.253.118.132
172.64.101.9
172.67.38.106
18.138.150.118
18.138.18.111
18.138.86.105
18.141.80.142
18.155.68.116
18.155.68.45
18.155.68.8
18.155.68.87
18.161.111.49
18.198.226.167
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.50.85.210
192.229.237.25
199.127.207.184
199.232.44.157
220.150.223.50
23.106.69.72
23.207.180.112
23.207.180.192
23.207.180.199
23.207.180.236
23.207.180.247
23.207.181.29
23.39.5.30
23.45.116.82
3.211.174.139
34.111.113.62
34.111.151.213
34.111.79.67
34.120.155.137
34.120.195.249
34.124.209.251
34.198.254.80
34.98.64.218
35.174.222.86
35.190.43.134
35.190.60.146
35.213.12.39
35.241.45.82
44.230.85.187
50.31.142.95
52.119.187.0
52.222.144.98
52.46.155.104
52.74.162.2
52.76.107.159
52.84.251.103
52.84.251.118
52.84.251.126
52.84.251.33
52.84.251.38
52.84.251.86
52.84.45.86
52.95.125.22
54.151.157.82
54.179.29.59
63.140.48.134
65.9.158.139
67.199.150.86
69.173.158.64
69.173.158.65
69.173.158.67
72.247.81.162
74.125.130.154
74.125.130.157
74.125.200.97
74.125.24.156
74.125.24.157
74.125.68.154
8.43.72.97
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
019756e91511a9b21fb52a032cdee194824d572957a81063aa17276c4dcabfed
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
032e643e873bcbcb7c649cfb7fc1a205923457596aea888152fca9e3b0e38c8d
0400405f195033304c0e22cf6c198294858dc3053af119df665ff6fe60804b1c
05333b8f52718aca57dbe28e6b2956fd2840b6d60ce7d57aca4b096ad4cdaa27
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
063c160558a5e2371f6c9c997695773937c868bcfe24c863851e8384b25f5813
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08424461d604369f06ece55690acc9f07d675f5433525cf544aef3e0ac48ac66
08521ed33214df099c037cff71468eb0c565633081ace195c9da6eb85a16c0fc
0866a54e6bceeae0c0a1fddca18e17ddab30d315ce8c38c8ee2f55be2c86ca60
09ef3185c70b92a89a42173554dcba0971bf6ff6807d8f2beb587eb211e38f8a
0aa05ba11ed7cd12d84b0b101a7d1a7118af9f423e2e027321d35d50f4a10442
0b36ebf2f05d2fbe5b2631a5f2209d9ebbce1052d2223f9a4ddd25ebe2d74efa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e6809406e07c770b85da35a4faf706f8750b5db94cdc475aa4dfa79033f80eb
0e978d238d5c41225bcd905cf8add12e444e2cf30f04691a949cebe0789f174c
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ff9ef6b85bd1143ab294e2837bf1363e938de5869971280e1858140cc9966cc
10103e40d98e3a24f4566ecc813da637c1cdec0aca5a2b4996ea69372b955dae
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1484780c45d02ababcf072d136c2129f9406905d2e6e616746271b8ee0f257f2
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
181fa83a06680650c0e2b20baefdb54f98d542cee596bbdd4cb1da88c71a6527
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1873c94c42119ef95ad52d8c28bc79e8d80402b2c7953f5031d3ee499f195f26
1abf66584a146abcfa0a1635ede00e0dfce3844c436628a7edbb924bbb2d67a5
1b15c102ae2b5b89963d7c78bff8be72bebeba53c7b178347f954b4359fb5639
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1bfd4de1ee974914b69d3692bd5cfcf13ba3a1c6a5fc47a6e0691f79ca19b71f
1dabb10f9fbc8b4da438d3dd37af3f3202ac3184d83497536cdbaa1c12036a45
1e329edbe678b8a3615eeff892d7c5094ee04bb6a7256a9ab5a8e1d4a6d51d4f
1fbda1e46b2b2849d1d5cc62ef5b99d26636e1a12d92edd11ed919d01bc5807a
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
21253b645972db8c8f07eab412d7bc2ec0de10a81144d544e340879822b4d35d
22711b23d3e481df0255cebd9a7a0df4f5261cbc7909962ada5da7d9ef35dcbc
25bb1113068c1c7b9996ee51c22119c5379c6284be87e4b4000596a777a522ab
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28d3c4990c5bb406c545ecdb67410f4216f47fd67c8bc62532fdad5adc307efc
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b07953616626dfca6562071ea6c90d9f6ddfc923ff9568323e8459db87615c0
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c967d0a3bf0e504606e5362d713985b53d04e8570511e444ff6565b589c225f
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2dd85571c4c7c27aab3744b87de05e9a621390c2664149281d234e3e7fd0ec8e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3528195e6af4e53d97fa596f8c6e62b517d884e584bfb3e4d5de348447842c59
35c92e09798ce5d52f2c2af85cd9df19b8406cba6122c2545f50a9f98c1521db
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3879117cfe798c496513ff5f2f5a1de58d08d5d06c265d5593e3b0c68d0c271b
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3b9e1424468282934fb47505da12447327b335c7aef11d6d74863e190c5b901f
3bde7963c6171f24a8b6289eeec6af3276293c0f5a8abf95705d2ebce94687fe
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d251f5ee1c4ed268ca1753204e8209ac779d7cd1ed7103967d6d03e91de609e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4ebcd05765b7a44a22a4e5bba0c6029d2f1ff6c2866619bcc0c328af0f911e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4227501cdf63e0b4e2b919c7f06b718654c589053d8acefd5630e905742c9fbb
4234887a4c9024f9814bbd722d45b89a2e547abe0f842bcdce29f277cbed9666
42a5b09908a5dd4a9664125684e98e3299b714843bfed20536ee9fde412de9cc
4309c278b19cc65d2b31fae807a2373dae84c5ae2fa6ec6c2a8e8c15cb9ab87a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4468d08891fca625d4051ab4e7a33725527fe4174864c8c6866c93a88defe88a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47460bc3de3976bb9fbe70bd11338058012a2514b92f27d5ea68427ff0f487f8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4daa16a8baa1863d649ad0e3569a2ea5c3ef5584601ca8544eff030fb9c2cb29
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e45ca3e7ea9d92653a436a506c1767bbc0cf8051cc689d4d8c0b24c71a3ea1d
4ea1efddf48539b557b657f68ddf5e3ab161af818eaf9f5bf92505d0668b306f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511b67b07a90c30bed95a6e3b1a7708d978d53f01e5fad89403590aaf22fb134
513567f0a1c3de9417ae31e22229e54b75812a12a6460343f4e965a49413ff9b
523dd657c4dfc24fb3581266d122a1addd4afcf2a391002b2fb2747a7ee4c085
52c784d524d2524b2da9d5951e288bf76a88929c42aa9db1d365602da50a28da
5328f9898f37c3b22b25977eacfe5c2abfadf0d0e263704693b831c3fa6d9b1a
53486081237ff1c635b6e07b05c6f1ff37e24d49c861ae550cdc562246729a4a
53d1ab4be4067c13985d6031f5a843bbedc9dfb7dbea0ee73dd8065bd75c647b
543fe4b85f8a3f41a1e58f1e4ae6dd9df58774edf88f5b707b6bcf311d3251fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56409900ffa5c01279fcfe9f156fe2aae0c9de26e10a39bb3b6c666826eea12e
56963003b01734c810ca2aa6ac651871f418a1d54461f06a60bd7010b2bd8aa3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59e252a74692a8029c6f1f033f68815f2781fbcb047327a49595bd88df50174d
5af5de069385501001b91e4ea1cd24d0cc059fe9141d2a29b9022110a02f9edf
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5b45a78271d48a203d62a08aaadd273e841b4d8d7e89e767f87ddeb96bf8082f
5c8f8bbb6e670e152d44ed1d5a373c9481e8bf377b4f05cb62a9abcd3c433637
5d4942a6c27e7ea76bef60f21fb00f72ee1398c6e57dda88bd2f6c53262e24e0
5d927ab03beeb924ba53f4cea941a328d81adfc689c2dcef23ab89195f435ba8
5db93ff8f6e0112424b4ace4a4b7688ac223517a4cf12e36bc8cac5edae07c38
5e5f8726820e9fceadb021dcfb8f22324c0c6cefa269ed8d04c8420357a6b8d0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fa179bb6a43d208de3a3fcfb289e117067e152f9c6fcbd5b68a1187ea2210d9
618843158ccc24172fe7ac6ab8b755bf371cf5965c469407613041778e43e503
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633481ce37a872535a865e6095f9612b179508e20e917ae63fcf9adc5f63ce16
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65623ba024c39f3e0fd17ce630f541d895db058b82ed92c78be467707add0d78
67357e72beccdb1e6d058136eedc16ea52b4ba4dcb89cc75968a1b28e26c3a1c
67af5d26be860bfcb6d7db018155f558ff1dedaeafa98aca97e7042ca15924c5
68b299dbf020512e4a72f4f18f3346d2f8cb37d039dcc3c41ae69500dc3779a0
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
6928d0fe26953781fdfc16657a58aab75b5801e7fe3b88700225e70dd3850dc7
69a20fd1d9704b066c532b34dabb78d00d163b8b701a16c5c83bce2f972a65a7
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1d9798796b4bde923fccd815b2e223a46f3034e5a1a63283454784397a4c66
6d2566403daace7e465d741fb9abc4615f81152735c1587460019f1dc08740fb
6e3c6e47d66f83b38e35d392575e43a35356de10f0246e001c2f7f411d0791f2
6e7f4e5b7b6fba8fe6be832513c9a2bdc4aeb6f4e37ee20bbff9c6abbb0a674f
6e8f128b01ba68dcfdc212758efdd805fa0a38585cf781400bddd050dc27dc35
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7302d68eaa15a67a7cce67a4b5c226cdcfe546d37c56cdc21aec4e5ef5799bb2
736c7404f183cc3f13ccd9d0ff3a1b2045a2f3dd0130014354d3327e74237a7a
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
75b30ac3717e0d43d5b4ac4ae4973951f07dbd05142662c1608fe504055147e5
7639e4680fed5066d603770930ba8bee08acc6cec2d004683fbbdce24f25c44f
7772e1b342f357e35fb462355432ffdb9dfae2263b99b4addd2c1ff95f4ab7cd
78e5eef5a4c0897721038a13810d3a39cc3779c2f308de609cd34823a90bf0a6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b404b9a484eabf02274d1b2903119f3b3355ccda686cb1ca264b9e034496823
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c96ba3dee85b281e14dc0913acf4cb7ed9ea939b4e46b64dc15af21c2abb631
7d7b30f197a9b1808a59410e51c0bf4e0924790b73606c5b54dc537d536a7361
7dd9adee5089f16796091e7f9b4df758cafb95bf7b3742709e4e237316f95f59
7f6008ca479fb9e50da5b7cee97fa7c1251f20373ab588273803f69545005080
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
8224ff2bc3b73463011b9139a89a4a195d749e3ab63d286406d70696458e3bc7
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
830bf311604c3303fa7726756aa6ea1a96ceedc07f5e77ab0d54d16fdcab8c97
831eb55b0683d70cbc8cfb526b99ea53d44fbc5e28594586bcff0ab7801a866e
83472595381fbd93444a79e1db9b41468ecd1c5a56f874f3cc43797253900dc3
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
859f7c10c87aa6293fc6f28eb7c7033b0fa3ce33f13922bba8ff7183953fe325
869063410ae46c8f64343b2faaca750ff275cfce302b9e809082d483d3ab6a73
86d718165adfb25f70b77128d8a404edcacba3c0dcc2a5417af5621582c82ca2
87103957dd6c71be7e62d890126ef363a3a7e0d5a23a3230178ccbdcc97b05fc
89a0eff8d578577ca7cf7d54651522fee8cea920311819b9ded36c4a2bd042e6
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8d2ca6041b063257489dd38ed102b3123ac771cbefe0eae401f4d6f4cd1dfad7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec974f98a68710a1f33994e4b94ce7b131097a5adf24baf9d669577b133a384
8f6b34ea3932f96a9c2fb0f60afea518e40dba0f252ee7fb778b8e9c4be8918b
8fb97144f37a70f7294a7fbd2ac3505a00cd8be084fa2935cc25557bc19c9e9d
8fc6970335c9c9c3ee415b6ceb954a1ee2fbfea9a70807433b9db4594882af9f
904533dd74f54a6def75360f7e7793fbb83762aad9097f2601895c6960e784bc
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92f64f8f0ea9ef0c2d74b7cd8c9843fc0b3303c9552793f0d7da34f40bcda244
9356c90bff9a3cfcc6d370026ec50d06645b3d32fcd0e432754f37d228fd8c2b
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
968c616f3fadaad9f59bf5572a74e9c94a2563d094e0f9c9f669a0ef1c6bd87e
96caf09ed7f9de28743126d8289dcf736b32a54e5cae23718c3cc507974c9ef4
9711945e90a656dc7c6e00b4b323adf711fb00d2b9f1fb3e231e3373eb0df5ce
97304e66cf7a4feb4c4a154f97581cd0b7256d12040ebcc00fc9b10f432a8a5f
98addbe891312888a794d312286b44b4551eb9d349c8ec621ba40c7c233cd45e
99a8fde9ff38042a1c776d8ccfe3348d55abf6928e45b6802cd861701e3c1589
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a143ca1ac0ac1866eb1e1532bbb7835b0b8597fa370fcf0283a6f3a21f67428
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626
9ac1dc5b452dfcb44503508a16c9d97e291add1066c84e197358dbd74b5e7aed
9cf8994e9d3f7846bb4d2137dc00af5e7fddf8f5d9f627e8f3baaee58d17a69a
9f4e0d95d076668b9a5b15c8dcad8de90867decce2e5acf9a1020d8b6e86a1cb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18181c6470ff5f55ef69ab926e01d6b4dac897db3e6aeb953b91fafd086dcec
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd
a75147c46eb6d05dacd09e3990e7710cd2be3820344bb328a47967c764bd418d
a78db89d915b7bfc27d1365d73ff651e74515b5cc73c52d6386d8ed9559e06ec
a91c30598cdddf4e87ed879037c9fe0b11cb58fff18e9b2b19cd598e22a4b7f2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b0651ca51c66d069097a44e700ce92c4af40b42987d181891e3eb42ef7184495
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0ebea7fd51d04b4e550829e6ebbcd81ddb8bf995d36bd686fc41e599329e777
b11ba2b47d13da58bc505154d1c99abd2850b726ced6a63d94859e39f6433e6f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f34ed518e2039af2b9f37ac95d38f592092df7a1a51cf927c3d23dc938aba0
b27c0bd61116f98e23e6d181ff31043cbba1f5e2c8c0cbfa4b8fb350f9e11650
b297c5aa48aa043b5a5ab81f5c5a11405e525a3648b33c450ceca244c2e5d718
b3d11fd8397dd365d10c7f32d77e32eeb1e0d20406aceb2e76aac8a145329964
b50552563c561fbf9ed331d948cafc003ad18b2fed2c2860c5d2cc61b9516df6
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b95044263f3f5e3922fc23918a43efa57b42d73c6ce374219e9b323770b3d438
b9ab0adbf14bb925daf076ca8991eda8a0c1c7199ae0d818b3acb95fe728d26e
ba2e5178a90693f8371e7b9989bb699c649d1f33bef2ceb6dd67c8118813e7a7
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bdba86a2301573400c8eaaaf90d7660e27234413118c39b3618e8572c25c562f
bf16303d01177252671bfd19187a9da327f415095570b5467131e4b4b0e607a0
bf694576cc8a6237e864b2e1294231925bbc7468c59fd42a3027d59a69f5e2ac
c00abf7da8a246c460de8fe5192f8850f247de82230d9d8b9f040ee6ddd853ce
c0509ee503a40ffc0cf58e1d7b9a6225dd915f67101f426176f662b3b7f55b41
c12518607dd5c7393565336721a3c04e1b735d2f53b01b367ee705fa17db006a
c1795a7307b29b1e9e38b821359f5d43e1eae27fbcc3d9f67b9867c17dc6327f
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c38a71b9483a8bb743b6dcb7835c7fb1d9c1902368efc2f3704232eee9433bf2
c6deeefb6cafea5221f3f64d75ce76e36959d58a55fea1515e216f7a42de4267
c6f09adec78e811410b127829b9855178c6fc3ced22876b81a0e249be4253ddd
c75ea671538d44847b052d7799de9a7b1333294174733b8139495faed6e67108
c7f529f4d3725a569a24d24f4203ce0ff79d2b7ffca48a30ce7444728808fb2f
ca62753320e665f9ba3578bed450c7133a325ad74057b5d9a411c005bf444ff1
caac47853b9bdeaeffc3feff26b9902c0066cc16cc49aef7eca193d1d7f20b3f
cba86c0f026f9b8b1bccee7425c5995248755566cc59a8cc9878f520523d6961
cd1744b555cfa1ca043621bc929fdcf452e5bf1fc80dc7735e690f8a87950f9c
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cecc0204a2303490737989008d814693a2ebf53f7204e5a2cf5520d94caaa385
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1cd1732afda8d086bca8281a43e3b622a0f1ad8b145686a9334a86dbe056254
d1d9996adf227409e389ca01edbee915547f33a9765e24cf542a259e25210cd2
d1ed1677dc75607eb6865e91977014c05346e13285475a93ba4e8fcec5239a3a
d568103e057eac05bc2f99b84bd3a783ea711059bd9e0056ec6af9f5c2461cec
d5719bfe9c1f816ff3f05f8b4fe76e7747f4224b1f7bfd72a136f20465764c65
d6bdf9a5758c26137e3fb8bab7b67fb05cd507d374f3524fe056730d6e7c2660
d6be591c82bf92f1e6051b41e863f566d0529ce796014e7aae15548ad4d7bf49
d6d86d147ad21764c3b7567678f063a1fe48b5fbed5feb4d2c87932ec2c5cad6
d73aaa768b49658e4e4d4049008a04783f4c668c299cf5b0286352257ae1adc3
d7d66a94efc44da1e7c2b34fa5463b6326d706548e90f9dde0f77fe0582169f1
d845e1a8079ce3b5fa4aab2f667450c107dcfaa5806d2ef1bdbbd92861ca5834
d864077aa7d3062d9d87106d30f3ff9c305d169de8073013a74f1c899c5928a5
d91d751ba3d787d90e783b7e05704f02452b1d1626663efaf7493b3d4e6c31b0
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df6da203d9b63b236ea56b22153bd7c21ff3a7b311a9a75ccfda97a37c3df6d5
df86ee1ff38b797cd52103e90a8f3ae36e86e48379461bd13e3da267c0f23312
e028e913b35513540d2d8b87956782c205b5950f17abf55680476bf071910040
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1962f7519a5cdfaca53458f531eae43c1bef1ac41222ec15640247f37c9b6d6
e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25c51e5e6f03dc0513385a1d8730f36537309864c444ab253ed66b2bf2db3
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e44465246d0b7f2f5357c5f87b449c532e1851148710f871fd0066ca9fa87fd1
e532c7c8985c6dc16308e53737a3ec58f9d55b1c28238382e0a14ff753fd2e14
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d76fc21fc99a75d8809af853c3a4de04f331d95c62d0f96ca1be8cd5f6f142
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3
e9650a4bd1e8070df9eb6d750042e47f8d8784026e7b71781d1791dc8ccb6d0f
ea1b9f18cee0738c081464e9e858b9233873af009dbd436d3abae9371440c103
eb080e82d0cee3796eb1c80e76e1ccc63cb4cd82a86de8919f5a2be54c63a90f
eb1e8e84257027ae3feff8f88e512977094d01e375227ad2b7499640a5a92d73
ec9135edd58a3a2a6bfe25e9598c31fa8f48c5c84e8c8c3b79508742c0fe446a
eda66660e3697c79394073d8612dbce395eccdd20f40387c05f132882b00f04e
eda80047727d4a0d0e6cfc0616b2defd00b1f37145411474a779ac3f6defbab6
ee2038ee4b5d1b0ad0d699a90b605cbc7aebc8b18f62a12b6596a067241ad42b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eedd49621b38f275303c3f88a999ee576072d8e100aac6b0ce08e488682f0e42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef259123763f8cf2ff351adc6fbe0cd45234ecd1014c38d7c93b78c28bff31f6
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f222758f1d0f71c12e10a1bdaa04bf9e1f446d7de788103d3005676e513c4582
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f3928327fb9a23ef29178326793ba7b88b176a55c108144e6dab537feff6f55d
f433743c1338cb35777ffd51f4c2731b3a027e1a6225bc2b6824f70cd2ea6352
f44eca878798a90210611d9451d6b3a91526aa26dff5ca7dddb40654ba949caf
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f65a324b2e4003515de55535f4a6b4f2e1e0160fd479510c6fbd51d63961c738
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6e8bde2a648a9e234472ec5f1316bdd57ab22d9d89a83a36192e980075b0c32
fb8f7653f8e9eb5bb33992cce33fa43c3379d5aa1873ad36e6885a719f91ae66
fc298c7755e31bf1ba06104b3af5ad3cd3515fb7a23688c3e5a576ed9f8afc86
fe5b9fce5a9f999cf3d5e4778e38011c5a003ec08a1facdca8fa5690aabe654b