urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.52.235.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Submission: On January 21 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 150 IPs in 14 countries across 128 domains to perform 572 HTTP transactions. The main IP is 23.52.235.84, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 708438.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 6th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54 23.52.235.84 16625 (AKAMAI-AS)
1 13 23.52.245.131 16625 (AKAMAI-AS)
29 104.80.232.194 16625 (AKAMAI-AS)
1 151.101.130.217 54113 (FASTLY)
2 18.67.108.56 16509 (AMAZON-02)
3 34.160.169.226 396982 (GOOGLE-CL...)
3 23.214.44.119 16625 (AKAMAI-AS)
6 13.35.147.40 16509 (AMAZON-02)
2 18.67.93.30 16509 (AMAZON-02)
8 104.80.234.7 16625 (AKAMAI-AS)
1 23.46.34.73 16625 (AKAMAI-AS)
9 18.244.214.42 16509 (AMAZON-02)
7 172.217.24.46 15169 (GOOGLE)
1 104.80.232.152 16625 (AKAMAI-AS)
4 142.251.221.70 15169 (GOOGLE)
3 13.107.21.200 8068 (MICROSOFT...)
1 18.67.107.130 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
1 13.224.181.6 16509 (AMAZON-02)
2 34.197.62.181 14618 (AMAZON-AES)
1 151.101.129.175 54113 (FASTLY)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 23.198.63.128 16625 (AKAMAI-AS)
11 142.250.66.226 15169 (GOOGLE)
3 18.67.92.138 16509 (AMAZON-02)
1 18.67.93.100 16509 (AMAZON-02)
2 104.26.12.18 13335 (CLOUDFLAR...)
2 104.19.148.8 13335 (CLOUDFLAR...)
3 18.67.111.88 16509 (AMAZON-02)
1 151.101.1.140 54113 (FASTLY)
2 23.48.96.232 20940 (AKAMAI-ASN1)
4 13.35.147.41 16509 (AMAZON-02)
1 18.67.93.23 16509 (AMAZON-02)
1 151.101.1.229 54113 (FASTLY)
4 141.95.98.65 16276 (OVH)
1 34.149.26.226 15169 (GOOGLE)
4 3.24.81.246 16509 (AMAZON-02)
1 13.224.181.11 16509 (AMAZON-02)
14 53 172.217.24.34 15169 (GOOGLE)
1 13.35.147.22 16509 (AMAZON-02)
2 13.227.74.96 16509 (AMAZON-02)
2 54.234.197.85 14618 (AMAZON-AES)
1 23.52.246.153 16625 (AKAMAI-AS)
1 23.198.51.98 16625 (AKAMAI-AS)
3 157.240.8.35 32934 (FACEBOOK)
2 13.107.246.31 8075 (MICROSOFT...)
1 18.67.93.129 16509 (AMAZON-02)
11 54.66.223.253 16509 (AMAZON-02)
1 52.77.143.203 16509 (AMAZON-02)
1 20.50.2.28 8075 (MICROSOFT...)
19 172.217.24.35 15169 (GOOGLE)
2 141.95.98.64 16276 (OVH)
2 52.62.123.0 16509 (AMAZON-02)
1 18.67.93.59 16509 (AMAZON-02)
2 63.140.56.170 16509 (AMAZON-02)
1 1 18.139.46.221 16509 (AMAZON-02)
1 63.140.56.177 16509 (AMAZON-02)
1 7 52.63.50.87 16509 (AMAZON-02)
1 18.67.114.43 16509 (AMAZON-02)
6 15 103.43.90.117 29990 (ASN-APPNEX)
2 34.102.253.54 396982 (GOOGLE-CL...)
2 6 104.18.36.155 13335 (CLOUDFLAR...)
1 23.214.35.161 16625 (AKAMAI-AS)
1 67.199.150.87 3257 (GTT-BACKB...)
1 182.161.73.145 55569 (CRITEO-AS...)
4 69.173.158.65 26667 (RUBICONPR...)
1 151.101.129.140 54113 (FASTLY)
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 20.114.190.119 8075 (MICROSOFT...)
15 21 69.173.158.64 26667 (RUBICONPR...)
6 142.250.76.110 15169 (GOOGLE)
1 34.111.140.246 396982 (GOOGLE-CL...)
6 12 35.71.131.137 16509 (AMAZON-02)
2 151.101.28.84 54113 (FASTLY)
4 13.224.178.105 16509 (AMAZON-02)
1 151.101.28.157 54113 (FASTLY)
2 172.217.24.40 15169 (GOOGLE)
2 151.101.193.108 54113 (FASTLY)
2 4 142.250.71.70 15169 (GOOGLE)
8 8 18.143.106.89 16509 (AMAZON-02)
2 23.48.97.11 20940 (AKAMAI-ASN1)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
4 23.198.59.89 16625 (AKAMAI-AS)
2 11 52.46.143.56 16509 (AMAZON-02)
2 18.153.252.252 16509 (AMAZON-02)
4 151.101.128.84 54113 (FASTLY)
2 2 54.153.211.209 16509 (AMAZON-02)
2 142.250.67.2 15169 (GOOGLE)
1 8 142.250.204.4 15169 (GOOGLE)
3 142.250.71.67 15169 (GOOGLE)
1 1 44.209.190.13 14618 (AMAZON-AES)
1 52.37.23.212 16509 (AMAZON-02)
1 1 104.80.232.246 16625 (AKAMAI-AS)
3 51.75.92.187 16276 (OVH)
2 51.75.95.112 16276 (OVH)
2 51.75.89.188 16276 (OVH)
1 57.129.23.120 16276 (OVH)
2 57.129.22.38 16276 (OVH)
1 51.75.93.54 16276 (OVH)
1 51.75.93.98 16276 (OVH)
1 51.75.88.178 16276 (OVH)
1 51.75.89.127 16276 (OVH)
1 51.75.92.37 16276 (OVH)
1 51.75.95.135 16276 (OVH)
7 8 151.101.194.49 54113 (FASTLY)
1 21 207.65.33.82 62713 (AS-PUBMATIC)
2 5 35.213.12.39 15169 (GOOGLE)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
4 23.52.255.186 16625 (AKAMAI-AS)
1 5 67.199.150.81 3257 (GTT-BACKB...)
3 3 44.213.227.236 14618 (AMAZON-AES)
1 3.233.89.241 14618 (AMAZON-AES)
2 15 172.64.151.101 13335 (CLOUDFLAR...)
3 3 64.74.236.223 22075 (AS-OUTBRAIN)
1 5 54.255.42.175 16509 (AMAZON-02)
2 3 35.186.193.173 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 67.220.226.233 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
3 3 35.78.136.80 16509 (AMAZON-02)
1 2 209.191.163.209 32475 (SINGLEHOP...)
1 2 172.64.146.152 13335 (CLOUDFLAR...)
1 1 52.84.251.19 16509 (AMAZON-02)
1 2 18.67.93.44 16509 (AMAZON-02)
1 131.153.206.100 59210 (PHOENIXNA...)
1 1 74.121.140.211 30419 (MEDIAMATH...)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 52.220.44.78 16509 (AMAZON-02)
1 2 119.9.108.191 45187 (RACKSPACE...)
1 34.124.209.251 396982 (GOOGLE-CL...)
33 172.217.24.33 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 151.101.65.44 54113 (FASTLY)
1 74.118.186.107 6336 (TURN-US-ASN)
2 52.84.251.34 16509 (AMAZON-02)
4 172.217.24.42 15169 (GOOGLE)
6 172.217.24.38 15169 (GOOGLE)
1 13.35.147.10 16509 (AMAZON-02)
2 142.251.221.74 15169 (GOOGLE)
4 4 89.207.22.76 41041 (VCLK-EU-SE)
2 182.161.73.146 55569 (CRITEO-AS...)
1 1 51.79.154.29 16276 (OVH)
2 2 52.223.2.229 16509 (AMAZON-02)
2 3 93.158.134.90 13238 (YANDEX)
1 52.95.132.171 16509 (AMAZON-02)
1 64.233.170.156 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 202.233.84.1 131957 (MICROAD M...)
3 4 185.84.60.23 198622 (ADFORM)
1 35.213.109.249 15169 (GOOGLE)
1 182.22.28.252 23816 (YAHOO Yah...)
2 104.18.38.76 13335 (CLOUDFLAR...)
5 207.65.33.76 62713 (AS-PUBMATIC)
21 52.1.47.4 14618 (AMAZON-AES)
1 23.52.239.49 16625 (AKAMAI-AS)
2 2 103.229.10.171 16509 (AMAZON-02)
1 23.48.96.249 20940 (AKAMAI-ASN1)
2 2 52.72.60.253 14618 (AMAZON-AES)
2 2 35.214.250.92 15169 (GOOGLE)
1 1 192.96.203.13 30633 (LEASEWEB-...)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
2 3 35.244.154.8 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 23.52.227.63 16625 (AKAMAI-AS)
1 1 139.162.40.113 63949 (AKAMAI-LI...)
1 220.150.223.50 4686 (BEKKOAME ...)
1 54.199.158.16 16509 (AMAZON-02)
2 2 13.250.207.233 16509 (AMAZON-02)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 8.18.47.7 398989 (DEEPINTENT)
1 195.5.165.20 44968 (IPROM-AS)
2 2 18.138.170.160 16509 (AMAZON-02)
1 1 198.8.71.131 54312 (ROCKETFUEL)
572 150
54    23.52.235.84 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-235-84.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
client.api.news
13    23.52.245.131 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-245-131.deploy.static.akamaitechnologies.com
tags.news.com.au
29    104.80.232.194 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-232-194.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
2    18.67.108.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-108-56.syd62.r.cloudfront.net
d2n6ofw4o746cn.cloudfront.net
3    34.160.169.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
3    23.214.44.119 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-44-119.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
6    13.35.147.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-40.syd1.r.cloudfront.net
tags.tiqcdn.com
2    18.67.93.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-30.syd62.r.cloudfront.net
assets.vidora.com
8    104.80.234.7 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-234-7.deploy.static.akamaitechnologies.com
statsapi.foxsports.com.au
1    23.46.34.73 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-34-73.deploy.static.akamaitechnologies.com
players.brightcove.net
9    18.244.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-42.sfo53.r.cloudfront.net
static.adsafeprotected.com
7    172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f14.1e100.net
news.google.com
1    104.80.232.152 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-232-152.deploy.static.akamaitechnologies.com
cdn.optimizely.com
4    142.251.221.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f6.1e100.net
ad.doubleclick.net
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.67.107.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-107-130.syd62.r.cloudfront.net
static.chartbeat.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    13.224.181.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-6.syd1.r.cloudfront.net
au.tags.newscgp.com
2    34.197.62.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-62-181.compute-1.amazonaws.com
pixel.zprk.io
1    151.101.129.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.198.63.128 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-63-128.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
11    142.250.66.226 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net
securepubads.g.doubleclick.net
3    18.67.92.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-92-138.syd62.r.cloudfront.net
c.amazon-adsystem.com
1    18.67.93.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-100.syd62.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.12.18 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    18.67.111.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-88.syd62.r.cloudfront.net
cdn-gl.imrworldwide.com
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    23.48.96.232 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-232.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
4    13.35.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-41.syd1.r.cloudfront.net
au-script.dotmetrics.net
1    18.67.93.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-23.syd62.r.cloudfront.net
cdn.adsafeprotected.com
1    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    34.149.26.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
4    3.24.81.246 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-81-246.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    13.224.181.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-11.syd1.r.cloudfront.net
ncg.tags.news.com.au
53    172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f34.1e100.net
pagead2.googlesyndication.com
googleads4.g.doubleclick.net
cm.g.doubleclick.net
www.googleadservices.com
googleads.g.doubleclick.net
www.googletagservices.com
ade.googlesyndication.com
1    13.35.147.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-22.syd1.r.cloudfront.net
config.aps.amazon-adsystem.com
2    13.227.74.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-74-96.sfo20.r.cloudfront.net
geo.privacymanager.io
2    54.234.197.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-197-85.compute-1.amazonaws.com
ping.chartbeat.net
1    23.52.246.153 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-246-153.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
1    23.198.51.98 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-51-98.deploy.static.akamaitechnologies.com
a20352597942.cdn.optimizely.com
3    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
2    13.107.246.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    18.67.93.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-129.syd62.r.cloudfront.net
rm-script.dotmetrics.net
11    54.66.223.253 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
dpm.demdex.net
newscorpau.demdex.net
1    52.77.143.203 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-143-203.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
19    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f3.1e100.net
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    52.62.123.0 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-123-0.ap-southeast-2.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    18.67.93.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-59.syd62.r.cloudfront.net
esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009.nuid.imrworldwide.com
2    63.140.56.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-56-170.data.adobedc.net
newscorpau.sc.omtrdc.net
edge.adobedc.net
1    18.139.46.221 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-46-221.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    63.140.56.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-56-177.data.adobedc.net
metrics.heraldsun.com.au
7    52.63.50.87 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
1    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
15    103.43.90.117 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
6    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    23.214.35.161 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-35-161.deploy.static.akamaitechnologies.com
a.teads.tv
1    67.199.150.87 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
2    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
21    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
6    142.250.76.110 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net
play.google.com
1    34.111.140.246 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.140.111.34.bc.googleusercontent.com
logx.optimizely.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    151.101.28.84 (Sydney, Australia)

ASN54113 (FASTLY, US)
s.pinimg.com
4    13.224.178.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-178-105.syd1.r.cloudfront.net
js.adsrvr.org
1    151.101.28.157 (Sydney, Australia)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f8.1e100.net
www.googletagmanager.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    142.250.71.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f6.1e100.net
8228261.fls.doubleclick.net
8    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.48.97.11 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-97-11.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
11    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    18.153.252.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-252-252.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
4    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    54.153.211.209 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com
ps.eyeota.net
2    142.250.67.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
adservice.google.com
8    142.250.204.4 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
www.google.com
3    142.250.71.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net
www.google.com.au
1    44.209.190.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-190-13.compute-1.amazonaws.com
usermatch.krxd.net
1    52.37.23.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-23-212.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    104.80.232.246 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a104-80-232-246.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    51.75.92.187 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-4-id5-sync.com
2    51.75.95.112 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
2    51.75.89.188 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
1    57.129.23.120 (France)

ASN16276 (OVH, FR)
c3.eu-3-id5-sync.com
2    57.129.22.38 (France)

ASN16276 (OVH, FR)
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
1    51.75.93.54 (Germany)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
1    51.75.93.98 (Germany)

ASN16276 (OVH, FR)
c6.eu-3-id5-sync.com
1    51.75.88.178 (Germany)

ASN16276 (OVH, FR)
c7.eu-3-id5-sync.com
1    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c1.eu-4-id5-sync.com
1    51.75.92.37 (Germany)

ASN16276 (OVH, FR)
c3.eu-4-id5-sync.com
1    51.75.95.135 (Germany)

ASN16276 (OVH, FR)
c7.eu-4-id5-sync.com
8    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
21    207.65.33.82 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
5    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    23.52.255.186 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-255-186.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    67.199.150.81 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
3    44.213.227.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-227-236.compute-1.amazonaws.com
i.liadm.com
1    3.233.89.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-89-241.compute-1.amazonaws.com
i6.liadm.com
15    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    54.255.42.175 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-42-175.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    67.220.226.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    35.78.136.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-136-80.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    52.84.251.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-19.sin5.r.cloudfront.net
live.primis.tech
2    18.67.93.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-44.syd62.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
1    131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.220.44.78 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-44-78.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
1    34.124.209.251 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
33    172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f33.1e100.net
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
2    52.84.251.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-34.sin5.r.cloudfront.net
au.audience.newscgp.com
4    172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f42.1e100.net
fonts.googleapis.com
6    172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f6.1e100.net
s0.2mdn.net
1    13.35.147.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-10.syd1.r.cloudfront.net
check.analytics.rlcdn.com
2    142.251.221.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
imasdk.googleapis.com
4    89.207.22.76 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-nessy-float2.dotomi.com
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    51.79.154.29 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip29.ip-51-79-154.net
onetag-sys.com
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    93.158.134.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
1    52.95.132.171 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com
s3.ap-southeast-2.amazonaws.com
1    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
bid.g.doubleclick.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
4    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    182.22.28.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
21    52.1.47.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-47-4.compute-1.amazonaws.com
dt.adsafeprotected.com
1    23.52.239.49 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-239-49.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
2    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    23.48.96.249 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-249.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    52.72.60.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-60-253.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.214.250.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.250.214.35.bc.googleusercontent.com
csync.loopme.me
1    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    23.52.227.63 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-227-63.deploy.static.akamaitechnologies.com
secure.flashtalking.com
cdn.flashtalking.com
1    139.162.40.113 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1453-113.members.linode.com
gocm.c.appier.net
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    54.199.158.16 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-158-16.ap-northeast-1.compute.amazonaws.com
dps.jp.cinarra.com
2    13.250.207.233 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-207-233.ap-southeast-1.compute.amazonaws.com
cm.adgrx.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    8.18.47.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    18.138.170.160 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-170-160.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
Apex Domain
Subdomains		 Transfer
54 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 163
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 195630
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
bid.g.doubleclick.net — Cisco Umbrella Rank: 917
319 KB
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com
639 KB
38 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 721
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3571
pixel.adsafeprotected.com — Cisco Umbrella Rank: 851
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
541 KB
36 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
image5.pubmatic.com — Cisco Umbrella Rank: 74760
simage2.pubmatic.com — Cisco Umbrella Rank: 870
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image4.pubmatic.com — Cisco Umbrella Rank: 1237
42 KB
30 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
eus.rubiconproject.com — Cisco Umbrella Rank: 579
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
43 KB
29 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 113062
516 KB
28 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 708438
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
437 KB
26 api.news
content.api.news — Cisco Umbrella Rank: 72875
client.api.news — Cisco Umbrella Rank: 188101
434 KB
23 google.com
news.google.com — Cisco Umbrella Rank: 6054
play.google.com — Cisco Umbrella Rank: 31
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 2
78 KB
21 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum.casalemedia.com — Cisco Umbrella Rank: 1252
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
15 KB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
290 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
secure.adnxs.com — Cisco Umbrella Rank: 490
35 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
84 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
js.adsrvr.org — Cisco Umbrella Rank: 1465
insight.adsrvr.org — Cisco Umbrella Rank: 637
14 KB
16 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 100298
mhr.talk.news.com.au — Cisco Umbrella Rank: 752449
ncg.tags.news.com.au — Cisco Umbrella Rank: 206627
289 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
5 KB
11 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
newscorpau.demdex.net — Cisco Umbrella Rank: 146639
13 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 410
207 KB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1278
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
2 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 22849
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 22671
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 22571
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 22483
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 22726
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 22859
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 22657
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 22649
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 21856
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 21870
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 21847
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 21840
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 21878
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 21834
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 21808
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 21876
2 KB
8 foxsports.com.au
statsapi.foxsports.com.au — Cisco Umbrella Rank: 696924
13 KB
7 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 157312
au.pixel.newscgp.com — Cisco Umbrella Rank: 159946
au.audience.newscgp.com — Cisco Umbrella Rank: 133525
50 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
570 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
imasdk.googleapis.com — Cisco Umbrella Rank: 485
140 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3616
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7511
esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009.nuid.imrworldwide.com
68 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
59 KB
6 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1194
29 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
2 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1011
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4233
idsync.rlcdn.com — Cisco Umbrella Rank: 451
2 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 58329
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6483
27 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 3539
bs.serving-sys.com — Cisco Umbrella Rank: 2065
lm.serving-sys.com — Cisco Umbrella Rank: 3455
27 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
3 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
2 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
2 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 871
2 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
x.clarity.ms — Cisco Umbrella Rank: 7993
22 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 824
cdn3.optimizely.com — Cisco Umbrella Rank: 5738
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 188556
logx.optimizely.com — Cisco Umbrella Rank: 1562
131 KB
3 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 954
secure.flashtalking.com — Cisco Umbrella Rank: 2387
cdn.flashtalking.com — Cisco Umbrella Rank: 1296
10 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 6258
999 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
1 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
1 KB
3 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4100
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
2 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29183
671 B
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 679
dis.criteo.com — Cisco Umbrella Rank: 608
924 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2888
collector.brandmetrics.com — Cisco Umbrella Rank: 3185
21 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2199
geo.privacymanager.io — Cisco Umbrella Rank: 1860
53 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
15 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 246497
25 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
992 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 790
882 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
502 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
3 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
62 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
856 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
853 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 880
sync1.intentiq.com — Cisco Umbrella Rank: 3054
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1105
522 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 859
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
489 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1811
beacon.krxd.net — Cisco Umbrella Rank: 784
528 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
1 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
146 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 869
21 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1381
ad.turn.com — Cisco Umbrella Rank: 843
920 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 17688
628 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
581 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1396
401 B
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2238
3 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 20045
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
94 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 98076
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 129384
4 KB
2 cloudfront.net
d2n6ofw4o746cn.cloudfront.net
46 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
795 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6118
277 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
44 B
1 cinarra.com
dps.jp.cinarra.com — Cisco Umbrella Rank: 9092
38 B
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 6864
243 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2934
436 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4748
405 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
554 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 26470
652 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 2640
473 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
697 B
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 3994
623 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 11737
218 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 11949
641 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1872
174 B
1 amazonaws.com
s3.ap-southeast-2.amazonaws.com
827 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
440 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 4136
818 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
99 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 646
417 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
610 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
738 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
451 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
555 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
515 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
423 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
501 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
397 B
1 t.co
t.co — Cisco Umbrella Rank: 656
376 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
18 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1450
637 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1434
619 B
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 173341
271 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1335
9 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 11994
20 KB
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 5342
972 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1685
24 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3055
250 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6426
9 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 scanscout.com Failed
dt.scanscout.com Failed
572 128
Domain Requested by
29 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
27 cm.g.doubleclick.net 14 redirects www.heraldsun.com.au
s.amazon-adsystem.com
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
googleads.g.doubleclick.net
26 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
25 content.api.news www.heraldsun.com.au
21 dt.adsafeprotected.com www.heraldsun.com.au
19 tpc.googlesyndication.com www.heraldsun.com.au
securepubads.g.doubleclick.net
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
15 dsum-sec.casalemedia.com 2 redirects www.heraldsun.com.au
js.adsrvr.org
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
14 simage2.pubmatic.com 1 redirects ads.pubmatic.com
www.heraldsun.com.au
14 pixel.rubiconproject.com 10 redirects www.heraldsun.com.au
s.amazon-adsystem.com
14 pagead2.googlesyndication.com ad.doubleclick.net
www.heraldsun.com.au
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
13 tags.news.com.au 1 redirects www.heraldsun.com.au
resourcesssl.newscdn.com.au
tags.tiqcdn.com
au.tags.newscgp.com
12 ib.adnxs.com 5 redirects tags.news.com.au
www.heraldsun.com.au
s.amazon-adsystem.com
googleads.g.doubleclick.net
acdn.adnxs.com
11 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
11 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
www.googletagservices.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
9 match.adsrvr.org 5 redirects js.adsrvr.org
s.amazon-adsystem.com
9 static.adsafeprotected.com resourcesssl.newscdn.com.au
www.heraldsun.com.au
fw.adsafeprotected.com
pixel.adsafeprotected.com
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
8 sync-tm.everesttech.net 7 redirects ads.pubmatic.com
8 www.google.com 1 redirects www.heraldsun.com.au
securepubads.g.doubleclick.net
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
8 ups.analytics.yahoo.com 8 redirects
8 www.gstatic.com news.google.com
www.gstatic.com
8 statsapi.foxsports.com.au resourcesssl.newscdn.com.au
7 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
7 token.rubiconproject.com 5 redirects www.heraldsun.com.au
eus.rubiconproject.com
7 news.google.com subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
6 fonts.gstatic.com fonts.googleapis.com
6 s0.2mdn.net www.heraldsun.com.au
s0.2mdn.net
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
6 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
www.heraldsun.com.au
6 play.google.com www.gstatic.com
6 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
5 csi.gstatic.com imasdk.googleapis.com
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 x.bidswitch.net 2 redirects js.adsrvr.org
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
ads.pubmatic.com
5 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
4 simage4.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 fonts.googleapis.com securepubads.g.doubleclick.net
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
4 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 ct.pinterest.com s.pinimg.com
www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 fastlane.rubiconproject.com tags.news.com.au
4 au.pixel.newscgp.com au.tags.newscgp.com
4 id5-sync.com tags.news.com.au
cdn.id5-sync.com
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 ad.doubleclick.net tags.tiqcdn.com
8228261.fls.doubleclick.net
www.heraldsun.com.au
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 an.yandex.ru 2 redirects www.heraldsun.com.au
3 www.googletagservices.com securepubads.g.doubleclick.net
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 3 redirects
3 b1sync.zemanta.com 3 redirects
3 i.liadm.com 3 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
3 www.google.com.au www.heraldsun.com.au
3 secure.adnxs.com 1 redirects www.heraldsun.com.au
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 www.facebook.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 pubmatic-match.dotomi.com 2 redirects
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 creativecdn.com 2 redirects
2 pippio.com 2 redirects
2 csync.loopme.me 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cms.quantserve.com 2 redirects
2 eb2.3lift.com 2 redirects
2 dis.criteo.com 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
ads.pubmatic.com
2 dclk-match.dotomi.com 2 redirects
2 imasdk.googleapis.com 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects www.heraldsun.com.au
2 au.audience.newscgp.com tags.tiqcdn.com
au.tags.newscgp.com
2 static.criteo.net tags.news.com.au
static.criteo.net
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 ce.lijit.com 1 redirects s.amazon-adsystem.com
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 adservice.google.com 8228261.fls.doubleclick.net
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 lm.serving-sys.com secure-ds.serving-sys.com
2 hb.yahoo.net www.heraldsun.com.au
s.amazon-adsystem.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 s.pinimg.com www.heraldsun.com.au
s.pinimg.com
2 x.clarity.ms www.clarity.ms
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 lb.eu-1-id5-sync.com tags.news.com.au
cdn.id5-sync.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 ping.chartbeat.net www.heraldsun.com.au
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 mhr.talk.news.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
2 d2n6ofw4o746cn.cloudfront.net www.heraldsun.com.au
1 ade.googlesyndication.com www.heraldsun.com.au
1 p.rfihub.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 cdn.flashtalking.com www.heraldsun.com.au
1 secure.flashtalking.com www.heraldsun.com.au
1 image4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 t.adx.opera.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 sync.aralego.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 servedby.flashtalking.com imasdk.googleapis.com
1 js-sec.indexww.com tags.news.com.au
1 cksync.yahoo.co.jp 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
1 y.one.impact-ad.jp 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
1 aid.send.microad.jp 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
1 tr.blismedia.com 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 s3.ap-southeast-2.amazonaws.com 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
1 onetag-sys.com 1 redirects
1 check.analytics.rlcdn.com tags.news.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 sync.1rx.io www.heraldsun.com.au
1 trc.taboola.com www.heraldsun.com.au
1 um.simpli.fi ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 prebid.a-mo.net s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 s.company-target.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 static.ads-twitter.com www.heraldsun.com.au
1 logx.optimizely.com cdn.optimizely.com
1 d.turn.com 1 redirects
1 alb.reddit.com www.heraldsun.com.au
1 bidder.criteo.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 a.teads.tv tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 metrics.heraldsun.com.au tags.news.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 newscorpau.demdex.net tags.news.com.au
1 esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009.nuid.imrworldwide.com www.heraldsun.com.au
1 collector.brandmetrics.com cdn.brandmetrics.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 ncg.tags.news.com.au au.tags.newscgp.com
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 www.redditstatic.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 cdn.optimizely.com tags.tiqcdn.com
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 players.brightcove.net resourcesssl.newscdn.com.au
1 client.api.news resourcesssl.newscdn.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.search.spotxchange.com Failed www.heraldsun.com.au
0 dt.scanscout.com Failed www.heraldsun.com.au
572 218
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-06 -
2024-12-05		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
bedsberry.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.vidora.com
Amazon RSA 2048 M03		 2023-12-12 -
2025-01-08		 a year crt.sh
statsapi.foxsports.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-08 -
2024-05-10		 a year crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-30 -
2024-05-30		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-30 -
2024-01-28		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-23		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
*.kampyle.com
SSL.com RSA SSL subCA		 2023-11-07 -
2024-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-01-02 -
2025-02-02		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
secure-ds.serving-sys.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2023-03-10 -
2024-04-07		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2023-02-26 -
2024-02-28		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
bs.serving-sys.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M01		 2023-04-12 -
2024-05-10		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-19 -
2024-07-19		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-12-03 -
2024-03-02		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
logx.optimizely.com
GTS CA 1D4		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-19		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-08 -
2024-10-08		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
lm.serving-sys.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.eu-3-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.eu-4-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-13 -
2024-12-22		 a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-10 -
2024-06-26		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
edge.adobedc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-21 -
2024-11-20		 a year crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-26		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-05		 10 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2023-10-03 -
2024-11-03		 a year crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2023-03-14 -
2024-03-14		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2023-11-30 -
2024-12-29		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-14		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-04 -
2024-05-03		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
sync-dsp.ad-m.asia
ZeroSSL RSA Domain Secure Site CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-17 -
2024-06-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh

This page contains 79 frames:

Primary Page: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Frame ID: 57233282D154858A3515755C9759F372
Requests: 245 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oFbdXnZ2atOHcVUJG9PMg0sM4MF~vu5m&nonce=GFPlfmkH4ZAzHav6ZUthXfTRjR9ZJnJX&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0%3D
Frame ID: 774D1F5262A844EA86973F96E2198A08
Requests: 5 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 9BC3AE5009B4FE54168E49ACD250F5DA
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1705810009138&publicationId=heraldsun.com.au
Frame ID: 42D34A525E342D42E1A2536330ACD2F2
Requests: 14 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: 39B5B9474D1396F911A7E498242C6A0E
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: E62EF66357D130D530BFC168A919A105
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: BA4591C090F1467013427D4D04B5F043
Requests: 22 HTTP requests in this frame

Frame: https://s.pinimg.com/ct/core.js
Frame ID: 17F019A94C5DB3C36C9ECCA7FA73369A
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: FD652DD1A38AC12740B44CAAAD243960
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: D0375F4ADB6E75DF926AD3DA1A5D7A8C
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 7C685C973845E9EC3B0AA64E264EB2EE
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 41B331C40EC049C50307F16AD2FDBAF3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 94C4C3850236EF559F07E6CB3EA61CBF
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5
Frame ID: 6146BEBC92A6CFF9533E5CDD69C8DA0B
Requests: 3 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111
Frame ID: B7A77F6D6D1AD66BA4F8D7CF0528D801
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 3A19B4CF07BF9BBBA314BBC8560E673F
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: B80B93F6792AAA533E3A653D323BC717
Requests: 4 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&gdpr=0&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&dpid=55953
Frame ID: CDF1E179748AEA41992F357DFA87E781
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 35324AA2C388FA0A63A490CDF2193A96
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 039EB8784B52F6F12986C559BA6A7E84
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: E5C43CB031C3CC628F7DE320DC23312F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 7806C98C975E882692412557F0A29039
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 70650BC9163BAB16689DFAA4FA6493CB
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&google_gid=CAESEIzrC0u6J3mxZ07s30kKWBY&google_cver=1
Frame ID: 6EABDD7E4019C744D512FF8366A133AF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 040B4634373AA6D4C0C7FF37478C27AA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: AFE38E6406E05C3084B86F36F647F88F
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Frame ID: 402265898176D572B98BFEA67946EBBB
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&expiration=1708402011&gdpr=0&gdpr_consent=
Frame ID: 188B9F50638766009D40DA132064F507
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: BE4353278E520046CD0CA0E7706DE053
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: F52516E3CE5E410912FD4369E9B92F19
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 57F5A33923F36538594EC52AB3A379ED
Requests: 14 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336f65ac-985d-4200-b1cc-76e4b0e64f16&gdpr=0&gdpr_consent=
Frame ID: 1769C84021275A28A74EFAAD2F9FD1A5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
Frame ID: 9B54D90AFDD84EF6CE005FD50D4341BB
Requests: 1 HTTP requests in this frame

Frame: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA37BFBB1D7B5A8E489DB84EABE2C4A7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: EB367E8F1903651EDBAF3E1BE9647EE2
Requests: 16 HTTP requests in this frame

Frame: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 744E0A09566596CB6B470F4A7CFD3A45
Requests: 25 HTTP requests in this frame

Frame: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EF1DC81E164B451C1995F9E13383C77
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 3BEF1D816A6A37B011EC65FEB4CD8413
Requests: 17 HTTP requests in this frame

Frame: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A198481FE247D1DDBC56FCB29364061
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT0vCwhHXslQ-eLmk53TTjDqJF53o751MWTfVFqVuwjg-0NWLnC6aROueL8ZFGA98NZQFa2f2LfwbsUQYrno0aTJC8cRdMZPQob7GHAmebrnTDWNjDAEJJWS7BuhZc6eqZYo3WFUoPIreJEsq4HYFEVgWdUI_0Ac5XlPum2rPfJ9--J-7q8rq3W2HnTajITIz4Q4_ENnp58SBVD0UO_OHTkskBIZSYC0KPVi0x0nUij8kTjgNysT7mp9V_kID60CYmlsWZopAoQORaqnPWOSuC4M77EIej30LjyMlUcoqjMeNOX0uxjCLGQsTMDRqcS153jtjsooaRWTEXxFCLZZaL22BUGXsiMODWbqWmckcKVdC-AdB9&sai=AMfl-YTyts0tEdtM5aIg7gQQnexT71BAAVk2CmO1byGvXqwI-lqMFaW2WK5RsWXxDsW3nfbz-bZWCh9oI5ncEEYe8EteAso8JPCVtMU33xVMvqV6O0-0BELYApuVNgnxBkg&sig=Cg0ArKJSzI-CocCF8ygNEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 2EEF228A1D0956A8BFFE4C6331538D42
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIMDELCB_MIEGLrhq_8BMAE&v=APEucNV-ajjF48AyBtxUkfWdmgz9kpdbyuCCwaHQIGxGxjsPBG9Iw6eX6pHbjwgN1aP-SSKZO67wKH7Be9j9kSTofgO-0HJr7w
Frame ID: D786E94A780B4E60E8F59D115435959D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6C770DFAF91791ABFA386EAF8FB1F961
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BFFC5E2BE8D9C5179FB433A26F5709E3
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138457828826&pubOrder=3004275014&cb=926463935&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f8-b812-11ee-a8b1-0a0b5642f92d
Frame ID: 38366607D6CA2D037932D5FBAF63A5F0
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=0x0|1&pubId=5367917944&chanId=171638111&placementId=6436335771&pubCreative=138459058570&pubOrder=3274688055&cb=965833614&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f7-b812-11ee-a8b1-0a0b5642f92d
Frame ID: F7449D473B8BE7827DB9A5FDE318E02B
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13563337967118153751/index.html?ev=01_250
Frame ID: 05506F90DCB3180833EB9F25A8C8FDE0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1261BBB2C38A35D78D65BD71645D1B1E
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E8682E5F36B3AD96A56312DB951CBA6D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 53A9846B620C61319FF25C0CA06A4AEE
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A295D85BE4C6177DEE7AB4C19EB7A6E6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: DCA2D66043F0B91E888D4C9395FF1924
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 53A65A57D1F4E75EB3C1E3A77992688F
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1DD870978AFDB99C29ABFDFCE0DCEE6A
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CA2776B50A67B8E02D266650F894E8D4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DCE3AC2240099D8D5EA486A1315F6899
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=
Frame ID: 4988BED6922F82D11B1A069A32A44544
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5432142544913378092&gdpr=0&gdpr_consent=
Frame ID: 40F8626C8030EC098E88B354E9BDD413
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=445&user_id=6eaa2baa-55e5-37ab-9353-f258d4bc27da&ssp=pubmatic&bsw_param=0335911a-7a5a-4369-953f-66e45f8e417d
Frame ID: 9BF55DC8819B67005AF5E33B1ADDB352
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H
Frame ID: E3C5B5D4F66EA779CE7AFB7E47A5CC2E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1368ac9i7eel
Frame ID: F1414BA18563BBA3BE26A20BC33DC925
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 3D9ADCBD441B8E6064E2234145741208
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bafe19d50c9459580f5f6da5f83e476
Frame ID: 6D9C532A79D85815A6953D4841BAA48E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3FF31037CEF7169C622607E0ECD2DF3F
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixp5FsgBUsNLlU0cTOLBBkLLcKA&gdpr=0&gdpr_consent=
Frame ID: 86BBD9B4139B635B63CA01E44C5CFFDA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=514b8e45987845539092ebfcaf572fcc
Frame ID: 4DC62250CC340033853524882CABAB66
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F21A66146C30D00EF2B6D494119A0559
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 74C56D81A8472931724AAB4BE9739B62
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bUbF8T4SBsW2amyUX5isZQ
Frame ID: 1CB8B858825C6F9923167A14D870DE82
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 5B5D1F66D86B710E159DF0931EBC6BDA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
Frame ID: 08601A42E9B5FE28CE7A1918848F417B
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: EEE3834A5D9DCD1B1DFE038729A4492B
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
Frame ID: 8666BC6CECA6CDEDE3C13C7974284FDE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=851cdc80-b812-11ee-b2c2-6fd221ab7f7d
Frame ID: 31890DBEEF9BF33BC0B71A866C83AFBE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: CF0BDC3426983EAA733A563414FE50E5
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 28CEE76B2924F430ED7005713DA52E6E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 703FC0B35BD4DA16C4B733E67EB11E81
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 7E4EA06B4193F65E7548D5DB53EEF961
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FxkkSW971Rrp6N5&gdpr=0&gdpr_consent=
Frame ID: 4FF0F9E89D0861E1BB38FFC60C391CB1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1973209971654081089
Frame ID: 9EC07D9DE348A2027AA57805A5B77200
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&170... HTTP 302
    https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

572
Requests

86 %
HTTPS

0 %
IPv6

128
Domains

218
Subdomains

150
IPs

14
Countries

6186 kB
Transfer

54183 kB
Size

221
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1705810007454682861 HTTP 302
    https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 194
  • https://cm.everesttech.net/cm/dd?d_uuid=08641750116573051724609479775623132067 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZayYWgAAAFNKrwN9
Request Chain 201
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2910383275664022864
Request Chain 217
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8736539291829164602
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDg2NDE3NTAxMTY1NzMwNTE3MjQ2MDk0Nzk3NzU2MjMxMzIwNjc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECh9ppuZYqsVRFIG2sbJS98&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 233
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
Request Chain 240
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5
Request Chain 241
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111
Request Chain 244
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&gdpr=0&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&dpid=55953
Request Chain 252
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 255
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZayYWtae0Cl5WRAnQkG97wAA%265025
Request Chain 261
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=08641750116573051724609479775623132067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=08641750116573051724609479775623132067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 269
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=08641750116573051724609479775623132067 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08641750116573051724609479775623132067
Request Chain 271
  • https://tags.bluekai.com/site/43981?id=08641750116573051724609479775623132067&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 289
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmF5WVdnQUFBRk5LcndOOQ==
Request Chain 293
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZayYWgAAAFNKrwN9&expires=90
Request Chain 296
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZayYWgAAAFNKrwN9
Request Chain 303
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZayYWgAAAFNKrwN9
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MWYxYmY5ZDMtZjA1MC00MDM3LTliMGQtYjA0NjIyOWU3MWZl&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b046229e71fe HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&google_gid=CAESEIzrC0u6J3mxZ07s30kKWBY&google_cver=1
Request Chain 305
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 306
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1f1bf9d3-f050-4037-9b0d-b046229e71fe&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Request Chain 309
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZayYWgAAAFNKrwN9 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZayYWgAAAFNKrwN9
Request Chain 316
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZayYWgAAAFNKrwN9
Request Chain 317
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZayYWtae0Cl5WRAnQkG97wAA%265025&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZayYWtae0Cl5WRAnQkG97wAA%265025&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=25aae4be733c409499518f410527da90 HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe HTTP 303
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNfA5hvKh3ISl2EPjayB2c&google_cver=1
Request Chain 319
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZayYWtae0Cl5WRAnQkG97wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
Request Chain 321
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=VHSIHqduF1F18rksZIHX
Request Chain 322
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
Request Chain 323
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=514b8e45987845539092ebfcaf572fcc&expiration=1708402011
Request Chain 324
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721534812&external_user_id=9146fec3-8859-4bf3-b054-b3d62392dc7e
Request Chain 327
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRMZ8K4O-1W-DC23 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
Request Chain 328
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZayYWgAAAFNKrwN9&img=1
Request Chain 329
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJNWjhLNE8tMVctREMyMw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDOtM31IxN5dlgZ8FISkisQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=
Request Chain 332
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
Request Chain 333
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KIFolb3kO8w_TguG93VjDMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4o9Bw3dE2oJS8JvkpkG5YYuidtAAqSZnDFidVA--~A
Request Chain 334
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V4T_vgTLTEW1EykWUirDOQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V4T_vgTLTEW1EykWUirDOQ
Request Chain 335
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWRjMzY1ZmIwYjMzMTAwZTRmMGUzYjdlNjIwNWNiZDMxMDEwNDZkMg
Request Chain 336
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMZ8K4O-1W-DC23
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKe3VM89guLlEyTptLuMK90&google_cver=1
Request Chain 338
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXdi07LWTEAABRrlV6AgQ&expires=30
Request Chain 339
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRMZ8K4O-1W-DC23 HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LRMZ8K4O-1W-DC23&dnr=1
Request Chain 340
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRMZ8K4O-1W-DC23&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LRMZ8K4O-1W-DC23&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 341
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRMZ8K4O-1W-DC23 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMZ8K4O-1W-DC23 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMZ8K4O-1W-DC23&ckls=true&ci=liv68Igknc&nc=false&trid=-1935263615
Request Chain 342
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRMZ8K4O-1W-DC23
Request Chain 343
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRMZ8K4O-1W-DC23&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRMZ8K4O-1W-DC23&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&ovsid=LRMZ8K4O-1W-DC23&dpid=58160
Request Chain 344
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMZ8K4O-1W-DC23
Request Chain 345
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZayYWgAAAFNKrwN9&t=2592000&o=0
Request Chain 346
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336f65ac-985d-4200-b1cc-76e4b0e64f16&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kH-fybSnT-KSyacE_9ySfw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 349
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=58d11282-6a19-4723-9e65-ea966d9c9d2c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&ttd_puid=58d11282-6a19-4723-9e65-ea966d9c9d2c%2C%2C
Request Chain 350
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=&ct=y
Request Chain 351
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 352
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTA3RjlGQzktQjRBNy00RkUyLTkyQzktQTcwNEZGREM5MjdG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-Ph7BaOBChhhEKMd6mLUU&google_cver=1
Request Chain 356
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&gdpr_consent=
Request Chain 423
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_cver=1&google_push=AXcoOmSlo6rRuVXrv6cj8__4sPb9etZsaeOkF1O8bHEV7dI7Uk6E4N7wQgL4ncc52TSdsYHKnTqIO03agwO4w3N_AfuQuWvUWnA2WeLBeJdcupIb4xI7UEX07tJe2fAnpcw2Fg5letvCKLoGpIlotxs5tw HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7aa4721fab1a20c2&is_secure=true&networkId=14000&version=1&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_cver=1&google_push=AXcoOmSlo6rRuVXrv6cj8__4sPb9etZsaeOkF1O8bHEV7dI7Uk6E4N7wQgL4ncc52TSdsYHKnTqIO03agwO4w3N_AfuQuWvUWnA2WeLBeJdcupIb4xI7UEX07tJe2fAnpcw2Fg5letvCKLoGpIlotxs5tw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALQlfJkbzydQMB8DN5AAAAAAA&expiration=1705896414&google_cver=1&is_secure=true&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_push=AXcoOmSlo6rRuVXrv6cj8__4sPb9etZsaeOkF1O8bHEV7dI7Uk6E4N7wQgL4ncc52TSdsYHKnTqIO03agwO4w3N_AfuQuWvUWnA2WeLBeJdcupIb4xI7UEX07tJe2fAnpcw2Fg5letvCKLoGpIlotxs5tw
Request Chain 425
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDOtM31IxN5dlgZ8FISkisQ&google_cver=1&google_push=AXcoOmR5Ij3J2DzkmwzUPxPFjTMIQ7-Zlh47520Lqu-znxJUn8waeLC43quWYXkgG_hYmPrttRWuO9mP_VYhtpfWBSxo5ZpmlhBcpWnNCoKu_sUy5Syb0R88aaaxP6kSGZwN5-ZPS1_YdTwBC5Le5SSU6fs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=AXcoOmR5Ij3J2DzkmwzUPxPFjTMIQ7-Zlh47520Lqu-znxJUn8waeLC43quWYXkgG_hYmPrttRWuO9mP_VYhtpfWBSxo5ZpmlhBcpWnNCoKu_sUy5Syb0R88aaaxP6kSGZwN5-ZPS1_YdTwBC5Le5SSU6fs
Request Chain 426
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAOClFkTZ4_KAKfHQfEnzEk&google_cver=1&google_push=AXcoOmSDmlEm2TMNFFc3FcsYUIkZvke0V_e4MR9beO0b7DaAN680ra4szfltbwuf4S6SKdf2Tn2CAXI4h4rB4wiBkO5vYPzTKdoo7noOU8sH_iLyCgEZ4Zul8pqQn010QltXf77JDueJ0YEUnLtYoH2eDoM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSDmlEm2TMNFFc3FcsYUIkZvke0V_e4MR9beO0b7DaAN680ra4szfltbwuf4S6SKdf2Tn2CAXI4h4rB4wiBkO5vYPzTKdoo7noOU8sH_iLyCgEZ4Zul8pqQn010QltXf77JDueJ0YEUnLtYoH2eDoM
Request Chain 427
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHhcYiB-kvVHfAgaUQ6ciRU&google_cver=1&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EMY7UpyBYijhaxGi_S691sf3wFjsr46XWjKLsQMP67YUe7bjYYFJN5Cvjg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EMY7UpyBYijhaxGi_S691sf3wFjsr46XWjKLsQMP67YUe7bjYYFJN5Cvjg&google_gid=CAESEHhcYiB-kvVHfAgaUQ6ciRU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1Mzg0MDIwMzQyMjMyNTIzNzIy&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EMY7UpyBYijhaxGi_S691sf3wFjsr46XWjKLsQMP67YUe7bjYYFJN5Cvjg
Request Chain 428
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDSMuk7z5lMg5Hia-UHOyt8&google_cver=1&google_push=AXcoOmRn2NFnZNIvdAQwNeE22SkpEg8UQ6-MP6b_jDXyARzjdU78ct4K5flmov7-0WMzl8YdpKzyDWLuRgwjEO7F4mUjyDC-hbq_8kEglT1vVyhpTI09u9mVMME3opQOfh-736NLf5g8J9upiuENOBbfRos HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRn2NFnZNIvdAQwNeE22SkpEg8UQ6-MP6b_jDXyARzjdU78ct4K5flmov7-0WMzl8YdpKzyDWLuRgwjEO7F4mUjyDC-hbq_8kEglT1vVyhpTI09u9mVMME3opQOfh-736NLf5g8J9upiuENOBbfRos&google_hm=VkhTSUhxZHVGMUYxOHJrc1pJSFg=
Request Chain 429
  • https://an.yandex.ru/mapuid/google/CAESEAXdaKHhdaZIcxzcTOE5-aI?ext-param=AXcoOmSoEHzKilKkfnN6xz_-VQpIpXbBY_rdxpmqxz4yaPPmKY-HTNyQNJT9wJ9b0R965mj9-X3D7zC4pXGevXEn38GSeKlu6izG2x3YnXvkuKA6HayEjFAIJyT1wL3NWDe5lnZhC5djAfbbpH4kfSOVTVBT&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAXdaKHhdaZIcxzcTOE5-aI?redir-setuniq=1&ext-param=AXcoOmSoEHzKilKkfnN6xz_-VQpIpXbBY_rdxpmqxz4yaPPmKY-HTNyQNJT9wJ9b0R965mj9-X3D7zC4pXGevXEn38GSeKlu6izG2x3YnXvkuKA6HayEjFAIJyT1wL3NWDe5lnZhC5djAfbbpH4kfSOVTVBT&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAXdaKHhdaZIcxzcTOE5-aI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
Request Chain 437
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayYWtae0Cl5WRAnQkG97wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJNN77Gjb6VvOfTo6tKm7fQ&google_cver=1
Request Chain 439
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjE0MjU0NDkxMzM3ODA5Mg%3D%3D
Request Chain 441
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 471
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdJZY3KqIsOgt-9I54w2AM&google_cver=1&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNwaIY2IPGFySSwTjzB3ZVHw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIdJZY3KqIsOgt-9I54w2AM&google_cver=1&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNwaIY2IPGFySSwTjzB3ZVHw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NDU5OTk4NjE1OTI1OTg5MQ&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNwaIY2IPGFySSwTjzB3ZVHw
Request Chain 472
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEqkVdTZNDjMq87sfTyuBc8&google_cver=1&google_push=AXcoOmTFbUDUY2WWtGejAdH2eJUMRDLZYMdu_9ZIS2Tpq5YDiX-XHW_Zd5hcyD1wdu6J167F3WlEIHgZabM2ll-oST9E6zjn0Qk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kH-fybSnT-KSyacE_9ySfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTFbUDUY2WWtGejAdH2eJUMRDLZYMdu_9ZIS2Tpq5YDiX-XHW_Zd5hcyD1wdu6J167F3WlEIHgZabM2ll-oST9E6zjn0Qk
Request Chain 482
  • https://fw.adsafeprotected.com/rfw/st/1851044/76751983/skeleton.js?adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5c4365c2-c527-e52b-b13f-596cc327a82f,c:1VTvLC,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-bff5bc4d-fgvl8,rg:au,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:358,mot:0,app:0,maw:0,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n1%7C1o1,idMap:1k*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:381,oid:82a22317-b812-11ee-954e-726ff3830928,v:19.8.473,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 488
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5432142544913378092
Request Chain 507
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5432142544913378092
Request Chain 508
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gmiCxI1l1sGZbNqT0jvOn9BlhcKZbNCQgGhOZKr8
Request Chain 510
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixp5FsgBUsNLlU0cTOLBBkLLcKA
Request Chain 511
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
Request Chain 512
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0d7fc1fc-3226-4bd9-a999-90a207b6c7ea&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 513
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAXdi07LWTEAABRrlV6AgQ&expiration=1707019614
Request Chain 518
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5432142544913378092&gdpr=0&gdpr_consent=
Request Chain 519
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0335911a-7a5a-4369-953f-66e45f8e417d&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=6eaa2baa-55e5-37ab-9353-f258d4bc27da&ssp=pubmatic&bsw_param=0335911a-7a5a-4369-953f-66e45f8e417d
Request Chain 520
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H
Request Chain 521
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1368ac9i7eel
Request Chain 523
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bafe19d50c9459580f5f6da5f83e476
Request Chain 524
  • https://idsync.rlcdn.com/420486.gif?partner_uid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkwN0Y5RkM5LUI0QTctNEZFMi05MkM5LUE3MDRGRkRDOTI3RhAAGg0I3rCyrQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b9f87dae44ac2f813c20e0da38f156f69996fe85f9cf5679b164fbb0dc33cbb5791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiOWY4N2RhZTQ0YWMyZjgxM2MyMGUwZGEzOGYxNTZmNjk5OTZmZTg1ZjljZjU2NzliMTY0ZmJiMGRjMzNjYmI1NzkxNDI2YjU0MTdkY2UyMRAAGgwI3rCyrQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiOWY4N2RhZTQ0YWMyZjgxM2MyMGUwZGEzOGYxNTZmNjk5OTZmZTg1ZjljZjU2NzliMTY0ZmJiMGRjMzNjYmI1NzkxNDI2YjU0MTdkY2UyMRAAGgwI3rCyrQYSBAgCEABCAEoA&google_gid=CAESEIF2HUiS_CrfV5PcKGqTvvw&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=5874f849-da4e-409e-992c-e51fff756727
Request Chain 525
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8736539291829164602&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 526
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M8ZuYmVE2uUrZjbZBlJL5Mmbebjc.pg-~A&gdpr=0
Request Chain 527
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Request Chain 528
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7400542808841046203
Request Chain 544
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixp5FsgBUsNLlU0cTOLBBkLLcKA&gdpr=0&gdpr_consent=
Request Chain 545
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=514b8e45987845539092ebfcaf572fcc
Request Chain 548
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bUbF8T4SBsW2amyUX5isZQ
Request Chain 565
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=851cdc80-b812-11ee-b2c2-6fd221ab7f7d
Request Chain 566
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 569
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 570
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FxkkSW971Rrp6N5&gdpr=0&gdpr_consent=
Request Chain 571
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1973209971654081089
Request Chain 572
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4a8f76d6523c1fb1&is_secure=true&networkId=17100&version=1&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALOivzFb8yQgM9x_jeAAAAAAA&expiration=1705896417&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&is_secure=true&gdpr_consent=&gdpr=0

572 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1705810007454682861
  • https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
446 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
c2a81174ddee03c5d852e13f9724bdc501e044bef98411e44145d82be280ea07
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 04:06:48 GMT
expires
Sun, 21 Jan 2024 04:06:48 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 456432 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d48db39809cdae2a0564044c5fccc5f44-1705810007&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=48db39809cdae2a0564044c5fccc5f44
x-content-type-options
nosniff
x-elasticpress-query
true
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 123 242 443
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Sun, 21 Jan 2024 04:06:47 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Sun, 21 Jan 2024 04:06:47 GMT
location
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
4D1GJEGT1GCV0Y5Q
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=259820
accept-ranges
bytes
content-length
11472
x-amz-id-2
wh9KebbyRj+d142y6tc21p5N8dWqVI/mnkEOS3Nwey+jIgd6KJX2pmQ6oREneLwnX6WcrkmhkgQ=
expires
Wed, 24 Jan 2024 04:17:08 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
server
AmazonS3
x-amz-request-id
1Q5F0NCFGRNN1BTF
etag
"ad24be3fafec705de20c00e56afe05ae"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=174206
accept-ranges
bytes
content-length
12052
x-amz-id-2
SDXHYbYN+u6ZH+AlsWcwU4O5dD4wD/aXkAVnJrVgnSyXTd4JQWGAbvUhccov1qyNu4GImKo+LG4=
expires
Tue, 23 Jan 2024 04:30:14 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
94076C9A0E3A3A44
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=141365
accept-ranges
bytes
content-length
12440
x-amz-id-2
FVxrZVkkbfLBjVxVQlm+KnHElgpxDXe9DiE6MS03dC7M+JUoxNwgsc/vppAJ4H+YOabnuYu7+Ls=
expires
Mon, 22 Jan 2024 19:22:53 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
9FDA4BA2EA21C11E
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=120567
accept-ranges
bytes
content-length
11372
x-amz-id-2
dxbVmBb27zjEUo3TRrkPAyAJ7WBGroxrFrjELPDvXs/hbR93S1RbS6d5k6zENRKFyNqVYFuHBME=
expires
Mon, 22 Jan 2024 13:36:15 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
72045c6b93aeb78e8fe8ac11d57b8a921c22ec2bcc9b0e0e3965a436e56e0d22

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 03:51:03 GMT
date
Sun, 21 Jan 2024 04:06:48 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
945
x-cache
HIT
content-length
8050
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1705809063&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=%2FCA2opzPGS5yignVRAJK%2FT7RPytKVxZv76Ew5whWSkU%3D
x-served-by
cache-bne12522-BNE
last-modified
Sun, 21 Jan 2024 03:51:03 GMT
server
Apache
x-timer
S1705810008.150100,VS0,VE0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1705809063&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=%2FCA2opzPGS5yignVRAJK%2FT7RPytKVxZv76Ew5whWSkU%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
852
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bea9bf7def21dd40b781823407a9a48764c5b7650a1cd228f262436c513f10e0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-e0d"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331404
content-length
1486
expires
Sat, 17 Feb 2024 03:43:32 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cdfab6ef2581a9bc24c2d1bd2b7d6fb5d9f94d7383981b92d7a5873a9ab41c99
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-207d"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331571
content-length
3167
expires
Sat, 17 Feb 2024 03:46:19 GMT
css-metro-desktop-critical-homepage.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		191 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7f8e5d99a87f6ae2d4f2bf02852f46a56eb8c240591e337a8894b8723689abe0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-2fd85"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2331597
content-length
26877
expires
Sat, 17 Feb 2024 03:46:45 GMT
93e7ec
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/93e7ec
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92ef866d70f202b1ac87a6c10b182335bb859ddc4adbef532537714675d2099c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
strict-transport-security
max-age=600 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-pathqs
TRUE
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
x-arrrg4
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
content-length
8783
pragma
no-cache
last-modified
Wed, 09 Feb 2022 15:13:49 GMT
blaizehappened
true
etag
"dfac83b7263dc754be072221df849a7ecfc785c9e17ff9a73003bb401c27e353"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f93e7ec&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=48db39809cdae2a0564044c5fccc5f44
expires
Sun, 21 Jan 2024 04:06:48 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		41 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
88368ae9b2482d286c5ed652a8b6c94f220d5a4a00cb502e19cd6bda85d39da1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Fri, 06 Oct 2023 07:06:24 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"651fb1f0-a5cc"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1010351
content-length
16468
expires
Thu, 01 Feb 2024 20:45:59 GMT
3c194d125b3eb4db769d4bcc833dbae7
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3c194d125b3eb4db769d4bcc833dbae7?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2b782f0dd5cb96af854693f2d9a3224ed923fc019267daf87390c9ba5f1de548

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
NO
edge-cache-tag
3c194d125b3eb4db769d4bcc833dbae7
content-length
4589
last-modified
Sun, 21 Jan 2024 00:05:01 GMT
server
Akamai Image Manager
x-serial
1920
etag
137c22ea8111f25a653582a01de80ec7-3c194d125b3eb4db769d4bcc833dbae7-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5169521
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 21 Mar 2024 00:05:29 GMT
c2ff0ac453e7ecf4fd01cddef7e60f04
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c2ff0ac453e7ecf4fd01cddef7e60f04?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
28dd4b91a4b594a6b2a86fca3ffc3c0eddd2870ca779fb57846a371baeaaddf7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
c2ff0ac453e7ecf4fd01cddef7e60f04
content-length
4167
last-modified
Sun, 21 Jan 2024 03:43:13 GMT
server
Akamai Image Manager
x-serial
660
etag
0730dd764af74887bec58ff6f1501c42-c2ff0ac453e7ecf4fd01cddef7e60f04-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182472
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 21 Mar 2024 03:41:20 GMT
11265a17c6f9d446ccf52fa404a12d3a
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/11265a17c6f9d446ccf52fa404a12d3a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
24ef5c31b2152ec20322b593ce5693800799ca384bee7e40c924efd152f1ed36

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sun, 21 Jan 2024 03:59:33 GMT
server
Akamai Image Manager
etag
2038e7a2cea75f0eacda68718ccb84d5-11265a17c6f9d446ccf52fa404a12d3a-150
edge-cache-tag
11265a17c6f9d446ccf52fa404a12d3a
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183490
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
6359
expires
Thu, 21 Mar 2024 03:58:18 GMT
99b8ff69e574fc30fd8e1f05e5d3af5b
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/99b8ff69e574fc30fd8e1f05e5d3af5b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
49ff252019c0ddf3cf64097a96858aa6569fb34ff308f367fc41f3e0d638a444

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
99b8ff69e574fc30fd8e1f05e5d3af5b
content-length
5643
last-modified
Sat, 20 Jan 2024 18:00:55 GMT
server
Akamai Image Manager
x-serial
1340
etag
2acdad83f29d3fa3744cd5f7cf15b9f1-99b8ff69e574fc30fd8e1f05e5d3af5b-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5147616
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 20 Mar 2024 18:00:24 GMT
4e0c2c5fd817d613c4cfe68bf664c800
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4e0c2c5fd817d613c4cfe68bf664c800?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9910b69240abb1d5bd4992ecf3d6bd2c4d4628dc6c0d0df65c84ea4f10113576

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sat, 20 Jan 2024 05:05:08 GMT
server
Akamai Image Manager
etag
c2303d300f8c9022f1f4b9d7973a5204-4e0c2c5fd817d613c4cfe68bf664c800-150
edge-cache-tag
4e0c2c5fd817d613c4cfe68bf664c800
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5101073
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5151
expires
Wed, 20 Mar 2024 05:04:41 GMT
f8d7ddb3a3cfff7807a6efb5d9133488
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f8d7ddb3a3cfff7807a6efb5d9133488?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
af37a3c76099650c6e1a954279b846edd976e5d75e52ab0420b37ab42c019a93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Fri, 19 Jan 2024 22:04:42 GMT
server
Akamai Image Manager
etag
1f2ded1eb2a0ba37677d68f9644311ca-f8d7ddb3a3cfff7807a6efb5d9133488-150
edge-cache-tag
f8d7ddb3a3cfff7807a6efb5d9133488
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5075927
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
6547
expires
Tue, 19 Mar 2024 22:05:35 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-2b9b"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2331606
content-length
1532
expires
Sat, 17 Feb 2024 03:46:54 GMT
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:51 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d0f-7b68"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2331592
content-length
6281
expires
Sat, 17 Feb 2024 03:46:40 GMT
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:51 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d0f-c14"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2331719
content-length
960
expires
Sat, 17 Feb 2024 03:48:47 GMT
1b355538b6cb4c804dcccb02c616fb39
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1b355538b6cb4c804dcccb02c616fb39?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fcc3eaed6d5a9eea1ec8c3508bcbb6662c0cfa5c45855a5696cc83a0b1601a10

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
1b355538b6cb4c804dcccb02c616fb39
content-length
6626
last-modified
Sun, 21 Jan 2024 02:32:55 GMT
server
Akamai Image Manager
x-serial
777
etag
83b4f73d2b5804ff34c39bf8a9802b11-1b355538b6cb4c804dcccb02c616fb39-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178157
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 21 Mar 2024 02:29:25 GMT
e96f32c2259cbb5f01d5c7bf332a4d78
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e96f32c2259cbb5f01d5c7bf332a4d78?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4f1408a5c32b4970c7c6b5ea2fcf8ac77de2916a2b8813d1c285d4840a90337f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
e96f32c2259cbb5f01d5c7bf332a4d78
content-length
2819
last-modified
Sat, 20 Jan 2024 18:03:01 GMT
server
Akamai Image Manager
x-serial
1544
etag
a4b609c706ff6cf69bc31758dfc64ba8-e96f32c2259cbb5f01d5c7bf332a4d78-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5147857
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 20 Mar 2024 18:04:25 GMT
c9f382f5b2c659d29d2eb804acc1d628
content.api.news/v3/images/bin/ 		0
0
ca691765a54b53a69420671bbe266926
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ca691765a54b53a69420671bbe266926?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
494555c97306dbd917df86a5a1058c4518f843fa9be103030f8ae0e290c18f4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sat, 20 Jan 2024 22:06:07 GMT
server
Akamai Image Manager
etag
e08fe8c2a083e0af3fbc7b8ab8c520bc-ca691765a54b53a69420671bbe266926-150
edge-cache-tag
ca691765a54b53a69420671bbe266926
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5162374
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5864
expires
Wed, 20 Mar 2024 22:06:22 GMT
edad65ee966052fd67f6d60cae8dc3a2
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/edad65ee966052fd67f6d60cae8dc3a2?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
411dbf5864c1ea1973cf5ee4714b4defe820600412aab5bc856fc983a791954f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
edad65ee966052fd67f6d60cae8dc3a2
content-length
5306
last-modified
Sat, 20 Jan 2024 21:15:19 GMT
server
Akamai Image Manager
x-serial
1976
etag
c1bf1299ef0f1c990be222deaa5f3c2c-edad65ee966052fd67f6d60cae8dc3a2-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5159350
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 20 Mar 2024 21:15:58 GMT
rea-logo.png
d2n6ofw4o746cn.cloudfront.net/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2n6ofw4o746cn.cloudfront.net/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-56.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 17:28:32 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 21:17:00 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
10406297
etag
"731035d55715734eff2f2a0f9afb31e7"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28648
x-amz-cf-id
xMcR1u2yWmJ3zUB25aI1hkrbZSOzw3CzLIsvOVjRq4U-7Qdbo39r7A==
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sun, 21 Jan 2024 04:06:48 GMT
cache-control
max-age=29448
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1686179714.642139"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5ccc09fdf107c1a69faa7d4b0dd9e409f9f3a91b44c2f6a04cf0144d7ecdfd24
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sun, 21 Jan 2024 04:06:48 GMT
x-datacenter
gce-asia-east1
etag
"515a6487a300201917c77899487ee30ea00dec762fac0d339e756c372cc5d5dd"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
x-amz-request-id
F8A63720F3D5AB98
content-length
347
x-amz-id-2
CQCVEyARCqenU/tY2qB7hXGbDbAoiOXjmV6cpnQEYR80YlM3cDpqQvmsVtYpfRI2TbcgMM7RM8I=
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
etag
"4d7595f832e4962b83a9428c3723233b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=382461
accept-ranges
bytes
expires
Thu, 25 Jan 2024 14:21:09 GMT
ktv-icon.jpg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ktv-icon.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 09 Nov 2023 00:18:01 GMT
server
AmazonS3
x-amz-request-id
HK5XT3KEEF4VSH37
etag
"481ac438f263d8b4ef0b66cb4ae1364c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=68053
accept-ranges
bytes
content-length
1051
x-amz-id-2
BjDPrezyJzpNh9xLkhqLcqRn6QJq3ThXFGZ8drgwWQdHEq2MF5zI47BEWDtdiTKeF9ZNJqNxGro=
expires
Sun, 21 Jan 2024 23:01:01 GMT
taste.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/taste.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
68090a50dff31ecaf3fe5037b0dc74ad158f2480a7908f9b610fb0bd06ec3794
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Wed, 04 Oct 2023 03:07:21 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"651cd6e9-381c"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=347993
content-length
3513
expires
Thu, 25 Jan 2024 04:46:41 GMT
kidspot.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/kidspot.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4c0e900d88a4d79acc98c18901c221ff93418f92cfb8e3b10f5030b5d026071a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Wed, 04 Oct 2023 03:07:21 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"651cd6e9-10b5"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=775212
content-length
1678
expires
Tue, 30 Jan 2024 03:27:00 GMT
bodyandsoul.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/bodyandsoul.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ccb31b1542aaee2eb3ce785ccc2b5ab2b009461292d220cd329c2112da343826
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Tue, 14 Nov 2023 00:14:24 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6552bbe0-18b7"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=453251
content-length
2357
expires
Fri, 26 Jan 2024 10:00:59 GMT
quote.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/quote.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Mon, 18 Dec 2023 03:22:15 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"657fbae7-539"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=339072
content-length
656
expires
Thu, 25 Jan 2024 02:18:00 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
E9CDDF2B5A502543
etag
"b0f5ec7455ded53e84de4fee006a5110"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=221382
accept-ranges
bytes
content-length
342
x-amz-id-2
4vhJZpXR184FTPaMCnGWCqzRecyPnGMiYI8QC41Od5onjzbbWXQqy1ic0p3X71pzoEgU2oCcjE8=
expires
Tue, 23 Jan 2024 17:36:30 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
NPJT6E25JB6XS8CX
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=272256
accept-ranges
bytes
content-length
284
x-amz-id-2
xkuysHiunw3ogNrq64+kS8JjUIHZYsbhA7+J3G5Wcgh5H9zUTO/gKl3ZbDwuTrydGvsQ0IuTxEc=
expires
Wed, 24 Jan 2024 07:44:24 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
F5BEA6B61E0080FB
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=211939
accept-ranges
bytes
content-length
16112
x-amz-id-2
XSzOWki59WzVq9WjYTh0wYct8vx6ZMGU+2dlGz4mFcCzrG616FshF/qMUy1ATUnp5n4952JjBwA=
expires
Tue, 23 Jan 2024 14:59:07 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

unused62
8096267
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
26D81E180649EDA0
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=90761
accept-ranges
bytes
content-length
15948
x-amz-id-2
M2jUpS/AGfEBmTbGt/LFWzcUzhc/pcInY7IeLixbMpXj46fs/Ac6WDCZUtTxRoItdyGk+D8pU5c=
expires
Mon, 22 Jan 2024 05:19:29 GMT
c9f382f5b2c659d29d2eb804acc1d628
content.api.news/v3/images/bin/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c9f382f5b2c659d29d2eb804acc1d628?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cbd56f0baf7fb7e448947d1918f1d4845484b4ad9b593a23a3c60720db376893

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
c9f382f5b2c659d29d2eb804acc1d628
content-length
40730
last-modified
Sat, 20 Jan 2024 10:05:17 GMT
server
Akamai Image Manager
x-serial
704
etag
bfc4a8a907a7ed987a86535e3212af1e-c9f382f5b2c659d29d2eb804acc1d628-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5119092
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 20 Mar 2024 10:05:00 GMT
f6a83cac45b8c37cc81173ae228aefed
content.api.news/v3/images/bin/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f6a83cac45b8c37cc81173ae228aefed?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4994c796a8d085e4429765c4d2849544cbd1bf6273c9697eef7925d84237c221

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
f6a83cac45b8c37cc81173ae228aefed
content-length
33032
last-modified
Sun, 21 Jan 2024 04:01:39 GMT
server
Akamai Image Manager
x-serial
11
etag
00b433688453995fea013ba1e7e3c225-f6a83cac45b8c37cc81173ae228aefed-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183712
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 21 Mar 2024 04:02:00 GMT
67001bebd015d4e1a5ea1d17a0a27a36
content.api.news/v3/images/bin/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/67001bebd015d4e1a5ea1d17a0a27a36?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
28a7850e7a2b6bc3b0361297af6390fd73b1ec3a8a99cd84fc253efb067baa0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
67001bebd015d4e1a5ea1d17a0a27a36
content-length
26043
last-modified
Sun, 21 Jan 2024 02:59:46 GMT
server
Akamai Image Manager
x-serial
1304
etag
41ec20e760ffcd44ab1dd6b0739fe748-67001bebd015d4e1a5ea1d17a0a27a36-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179931
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Thu, 21 Mar 2024 02:58:59 GMT
282bb69e014bafb5e2b9c7fbcf33ecad
content.api.news/v3/images/bin/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/282bb69e014bafb5e2b9c7fbcf33ecad?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f25dec6bd039dbd88cdfaf19f59a95ae3f6a61c7e8d3bf18c40382db87ac4c3d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sat, 20 Jan 2024 18:01:08 GMT
server
Akamai Image Manager
etag
39467280218260f9d6d0f6472fa28c86-282bb69e014bafb5e2b9c7fbcf33ecad-320
edge-cache-tag
282bb69e014bafb5e2b9c7fbcf33ecad
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5147647
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
21496
expires
Wed, 20 Mar 2024 18:00:55 GMT
95b0eccaa6e4efc5682c9370e3cb2a72
content.api.news/v3/images/bin/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/95b0eccaa6e4efc5682c9370e3cb2a72?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6fbad25b80edaa437b24ca5bd5e74e7e0467dcabefd5d7c94768d3be78bb5519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sat, 20 Jan 2024 18:10:14 GMT
server
Akamai Image Manager
etag
6338e6af1b1c373d1cdb68063b327ce1-95b0eccaa6e4efc5682c9370e3cb2a72-320
edge-cache-tag
95b0eccaa6e4efc5682c9370e3cb2a72
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5148151
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
11538
expires
Wed, 20 Mar 2024 18:09:19 GMT
5604efc96d4731b92c6bfdd100fa2a3d
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/5604efc96d4731b92c6bfdd100fa2a3d?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
55e798d8ba9ed6521bd609d225579352015d66291d8401bc22a01d7b9b594732

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sun, 21 Jan 2024 03:17:53 GMT
server
Akamai Image Manager
etag
47250960544eac2cf719137c74009796-5604efc96d4731b92c6bfdd100fa2a3d-320
edge-cache-tag
5604efc96d4731b92c6bfdd100fa2a3d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181150
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
17439
expires
Thu, 21 Mar 2024 03:19:18 GMT
8928a3c9d8e8e2b4a88d09c4f6f892a0
content.api.news/v3/images/bin/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8928a3c9d8e8e2b4a88d09c4f6f892a0?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1fb2f44ceae6aa37d8e069e42cb2f90c3a59523e0f0f184a6f281ec82433d6f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
8928a3c9d8e8e2b4a88d09c4f6f892a0
content-length
9675
last-modified
Wed, 17 Jan 2024 21:56:14 GMT
server
Akamai Image Manager
x-serial
276
etag
fffc1d44040534411dd24f0c4763db6f-8928a3c9d8e8e2b4a88d09c4f6f892a0-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4902647
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 17 Mar 2024 21:57:35 GMT
37ed636941a27683f9f31f9154f3e068
content.api.news/v3/images/bin/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/37ed636941a27683f9f31f9154f3e068?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a8de4b62e2e04f2795d160ff49d1d65bba4f1f2b97decb4e5f3e792bcf2cc61c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
37ed636941a27683f9f31f9154f3e068
content-length
1112
last-modified
Thu, 18 Jan 2024 22:38:32 GMT
server
Akamai Image Manager
x-serial
522
etag
4799be0399b5905374dab3850f4ff99c-37ed636941a27683f9f31f9154f3e068-320
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4991404
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 18 Mar 2024 22:36:52 GMT
15505786bf8b3bb61375e6cd5bc2081d
content.api.news/v3/images/bin/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/15505786bf8b3bb61375e6cd5bc2081d?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
610365a5f12795cdd4bba06c96bea7f8186f9765d719f7bb33abe7cc7961efd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
15505786bf8b3bb61375e6cd5bc2081d
content-length
9519
last-modified
Thu, 18 Jan 2024 03:35:50 GMT
server
Akamai Image Manager
x-serial
672
etag
90ba11dee5b3a9e96feecc4ebbc9f631-15505786bf8b3bb61375e6cd5bc2081d-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4922939
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 18 Mar 2024 03:35:47 GMT
a0ea387a82a37de112648fb22b9fc429
content.api.news/v3/images/bin/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a0ea387a82a37de112648fb22b9fc429?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
68d941ef76ef9789616c88d4cb4cf57ae2edf0d11a1c97e5d5c6042d4413891e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
a0ea387a82a37de112648fb22b9fc429
content-length
15649
last-modified
Thu, 18 Jan 2024 04:01:20 GMT
server
Akamai Image Manager
x-serial
391
etag
8aafe210809074ddad6b495f3792aa64-a0ea387a82a37de112648fb22b9fc429-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4924205
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 18 Mar 2024 03:56:53 GMT
4202ccecbcf9abbc6a1ca1ff280a888b
content.api.news/v3/images/bin/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/4202ccecbcf9abbc6a1ca1ff280a888b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f03d0e9f3d358c79e511a19fa83803eefda9a1fbce11e4b101cc9d493a4ac624

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
4202ccecbcf9abbc6a1ca1ff280a888b
content-length
23498
last-modified
Sat, 20 Jan 2024 12:48:13 GMT
server
Akamai Image Manager
x-serial
631
etag
b05093bcdb230d40d861efac6474d0c1-4202ccecbcf9abbc6a1ca1ff280a888b-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5128713
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 20 Mar 2024 12:45:21 GMT
59221f68556e5250be443239d5839f96
content.api.news/v3/images/bin/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/59221f68556e5250be443239d5839f96?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6206831bd518b14e63a0736b35825ed49d4f2302baf1b1629de6075247524e3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sat, 20 Jan 2024 18:01:50 GMT
server
Akamai Image Manager
etag
3c4e2a2e6b35fcec6454bb193a2e3abc-59221f68556e5250be443239d5839f96-650
edge-cache-tag
59221f68556e5250be443239d5839f96
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5147797
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
48745
expires
Wed, 20 Mar 2024 18:03:25 GMT
7268be737d9a700545fbf74e29a5a302
content.api.news/v3/images/bin/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/7268be737d9a700545fbf74e29a5a302?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7bef2aad25dc3c6c0e66457d3d28a69010aced90a4c8ccf41b384f1225cf1d82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sun, 21 Jan 2024 03:33:21 GMT
server
Akamai Image Manager
etag
b25a5e7679e0934b86996994ff33bdd3-7268be737d9a700545fbf74e29a5a302-650
edge-cache-tag
7268be737d9a700545fbf74e29a5a302
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181941
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
50579
expires
Thu, 21 Mar 2024 03:32:29 GMT
fdeb183ec3ed1b34ad56dfd5b4b5a21b
content.api.news/v3/images/bin/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fdeb183ec3ed1b34ad56dfd5b4b5a21b?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c5c6abefd29583b3c5d2390204dd9e1490ed973f2fd59c684176b7117f3ec117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Sun, 21 Jan 2024 01:56:23 GMT
server
Akamai Image Manager
etag
6edef5966c64aa0355c35aecb4149c9e-fdeb183ec3ed1b34ad56dfd5b4b5a21b-320
edge-cache-tag
fdeb183ec3ed1b34ad56dfd5b4b5a21b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5176184
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
15271
expires
Thu, 21 Mar 2024 01:56:32 GMT
32cf9c060002e47775ffe202dde046f6
content.api.news/v3/images/bin/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/32cf9c060002e47775ffe202dde046f6?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3b991be47fdc8d44c88f6d66ff7d68e181a6babd7f54b1c91df56aa83aeaf4b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
x-check-cacheable
YES
edge-cache-tag
32cf9c060002e47775ffe202dde046f6
content-length
54433
last-modified
Sat, 20 Jan 2024 21:29:01 GMT
server
Akamai Image Manager
x-serial
236
etag
2ad3c7d9aa45143fe5b5cc5d403e8723-32cf9c060002e47775ffe202dde046f6-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5160113
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Wed, 20 Mar 2024 21:28:41 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
"65a89d10-37"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2331597
accept-ranges
bytes
content-length
74
expires
Sat, 17 Feb 2024 03:46:45 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		295 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d069db23f49f65064f0488f9653037d47c757af49b033d1066b92d23709d4d4f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
server
AkamaiNetStorage
etag
"f95a8be020e47eec31e6f815bf3fea83:1705366796.617494"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1563
expires
Sun, 21 Jan 2024 04:32:51 GMT
indies-loader.js
resourcesssl.newscdn.com.au/indies/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
135c38980e286aa356cd151198e12d0f3c577531dc068bae2ba82d2945ac60f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
N2EDkRHNZNkQ3IBNXC7lUt33doAiznQs
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
VVDQDJ5465E7RCG9
x-amz-server-side-encryption
AES256
content-length
2005
x-amz-id-2
Vns0ATJxGGwZYHu6XD5j+efrtRSWz7Jo0zRZMuWRYfDXeoltD9l7bNL8zm4dibrA/6OJE3z9ILw=
last-modified
Wed, 29 Nov 2023 00:01:29 GMT
server
AmazonS3
etag
"bb643d40ad0928161ad37ab2e9224f2c"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=675
accept-ranges
bytes
x-p
/indies/indies-loader.js
expires
Sun, 21 Jan 2024 04:18:03 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5ea6d83b67f5ea70dcbac2680dba6849b176e06ae130dcb82973fcf665d6d0df
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:43:50 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89e76-18e3e"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331707
content-length
28978
expires
Sat, 17 Feb 2024 03:48:35 GMT
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		961 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d5f41e8c57dc986e2921723ceb4fc17197802177d71d4d1de3564c918ee62ec0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
x-amz-request-id
0GP9PZJ0QJM62NKH
x-amz-server-side-encryption
AES256
content-length
234956
x-amz-id-2
quzhJlgyjhwg2EG3jfkhXch8ki7RSHiyKAY6dRdPQmB2OF2o9WNs4Z8xpVN3oydAGhXnEqAwC3o=
last-modified
Fri, 12 Jan 2024 05:08:51 GMT
server
AmazonS3
etag
"aa16d6786b73914bb5eb6112d6732f6a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=376
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:13:04 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=+twbxD1P/2b33meZxyVI8b2xn30=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-2b9b"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2331606
content-length
1532
expires
Sat, 17 Feb 2024 03:46:54 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a925505f3081d8806a240aa875ad4e470f2c6f4413175cd5701e18172487197e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-1984"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331645
content-length
2267
expires
Sat, 17 Feb 2024 03:47:33 GMT
js-mosaics-helper.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-mosaics-helper.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95ac383c4fa19e0a921e9d5f41e2ccf537d4988c70696192739a0ab87a91801a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-2824"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331616
content-length
3246
expires
Sat, 17 Feb 2024 03:47:04 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=4fad5c9e998f70e349a1a4db53af5ca9,aea201583136b12bb61ef5452d1b81b0,84e4bf18d04bea6e0a960d5e011d5cda,022ed75bec6d8304bf56bcf34d938bbc,f2bcbbd0714a3b9d568a9f3d4f1fd4c5,9686ed504e11a3b7931ad9c017697b31,74ccc6e6de4acfb015388d75ec08c4ac,e9e42c7bccb1f9dc854d1851222ad155,9e4c50006953affc7877bcc5a5824ef5,8fd991cb6a321e0844fb98015b8e0c40,b76d254ebcf0c60f215f22a41faf8492,7fd4e3619e5db0a0794d3dd74ca7b01b,5d8d87e7609fe59717c322abb9295286,caf1d6a82de15ee02d754c936827966b,aa28a46837b725cb0699e7faed7fbebc,f26cb85f43aa65780ad5454a04f65a33,117ad516ee4cd63c5931b47e4e69ca7b,0017693189c0d153a25e2f56b5060dfe,eb50c7ae5ac809b5cef5b7d5a3a0b43a,a59edf2294b437071f6c83641570d35a,707d075ffe77cfffa15540a073f80fcb,0663aa80a0c134ae639e5cf7c965eb1c,821c27d35ff508b10736b732fb47cc05,953c6740377dcd87aa09285a32fea90e,75cab4678bb51aaef1a6067628eef8b4,99a11c4238943fb1ebfd370267c1b16e,abe45418589212066cd24b8124263928,91584729dc05333730e2e7ee92218161,b76650e630a3169a0ebbd1810f667e03,3dee7f304372e8f46bb357bd96e24723,a0016ea0848aa969910df32494517d4c,f5064d5feb5203ec94e1cdee3629fee5,8ee569f2ff48958d5ae72fdb623498e5,f877873215dbabe54851a7eb54d3b0b0,8ad145956452d4eebdb5b043f1a12ef1,20fda2ef985b5168fd9e8e314bbb0fe1,f6cfae1bf0c26c4d1c2c7fb2bd482a29,1fa40b4891e7d40b27fb48d454f1a117,9491b064545049808de24deb0b59e7b6
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
a297331563fc894baf99a4d19de73dcf1c449f675e2edcd9d7707bb25affea44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 04:06:48 GMT
server
nginx/1.20.1
etag
W/"5c5-Y+zeksxdzqrtLQMKhF5FF7yF1z8"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
91139ac0-b811-11ee-abc6-c5d71bffbe78
content-length
842
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8a8c35898b3c720a9de12c22e1bc7858d4b3227c5d568806829d621ca2e2a61e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
740
x-rq
syd3 123 243 443
server
nginx
allow
GET
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=1
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Sun, 21 Jan 2024 04:06:49 GMT
authorize
login.newscorpaustralia.com/ Frame 774D 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=oFbdXnZ2atOHcVUJG9PMg0sM4MF~vu5m&nonce=GFPlfmkH4ZAzHav6ZUthXfTRjR9ZJnJX&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.44.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-44-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
ac8eb26a2413ff03d2ec1e417af71eedc6d5f2a92b0da08615672e20690302e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
848cafc90b60aaff-SYD
content-encoding
gzip
content-length
929
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Sun, 21 Jan 2024 04:06:48 GMT
expires
Sun, 21 Jan 2024 04:06:48 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 537 0 pmb=mTOE,4
x-auth0-requestid
6ceea5c48eb028f58eda
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1705810009
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10752e39650ae0e10a7917d4e282603a23d5fe7861461a76188b2e7b231c2cde

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
vG5kpuA9M3SwGg8NcWvJK73BsvP2PVgJ
content-encoding
br
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 04:02:53 GMT
last-modified
Thu, 18 Jan 2024 06:32:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
238
x-amz-server-side-encryption
AES256
etag
W/"0f4e3301aa25a345500985f180ce5ec1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
PNGKuggv6KwF4Np4nSjMbwLJxQvcZd-2O8DnMkIQn3NfTltI8c3xqw==
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		88 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b232164dba924938a176fd39e925a924e6cff0ccbccb582f6c3ccf560d7f0fb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
NMLTFT03f5b3GtilFSNOUQpPT2pMh_ry
content-encoding
br
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 04:03:03 GMT
last-modified
Thu, 18 Jan 2024 06:32:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
225
x-amz-server-side-encryption
AES256
etag
W/"9ac0217e8ba949a2f435422b65d3b36f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
buJ5dRW7UgwWcQ2wtfCXbRqwZ6B147YoqvJTGKb6eKvFs4tAlnrpbg==
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		237 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8ab16e3fea8a6ea7f5a151da3acfd6826ea94ee31a2d894d1de64eeedbc73a94
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-3b5d9"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331549
content-length
55242
expires
Sat, 17 Feb 2024 03:45:57 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e70c4605cfa84bbad7055f51b13fc721c9323cc152f47c7e4c491a3c8177590c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 18 Jan 2024 03:37:52 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65a89d10-22a8"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2331711
content-length
3543
expires
Sat, 17 Feb 2024 03:48:39 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b4ed66466f4440bec6f97ecf822be57ec4350e55be30c458efb3657ce505549

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
1649
apigw-requestid
R3x_WgyhSwMEM6w=
expires
Sun, 21 Jan 2024 04:06:48 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
R3y93hHmSwMEQ7Q=
cache-control
max-age=1779
date
Sun, 21 Jan 2024 04:06:48 GMT
expires
Sun, 21 Jan 2024 04:36:27 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/generic-sub-navigation/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/generic-sub-navigation/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3f3c9d57240af0f93997b919f5df9a17f292d2e6359d28f308a3e596f7a4024a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
fvoZ.PeaMoeuyuG4hPOLIaVqdlRYAC7b
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
A3F3J59ZPY4GMWQB
x-amz-server-side-encryption
AES256
content-length
721
x-amz-id-2
kKfq33W8lpoqV6edyr0a5oX+sslK4bYbKfaIsCl4kdP6yiJ0DTFbwfTzS33cDaTKSkAVwJm6X+ck07XsST1saA==
last-modified
Thu, 18 Jan 2024 11:25:10 GMT
server
AmazonS3
etag
"299e1e1e6aa9fdbdb4d4508d008d35ee"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1273
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:28:01 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/generic-sub-navigation/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/generic-sub-navigation/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
220107cacc48efc3973db9f68bf3a63b15c435ddde7c970ac462fafd0a95999e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
aEqAObQm_nbxiXjVZmKylFZ4U6cymt9w
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
A3FAPS65J2W71YVJ
x-amz-server-side-encryption
AES256
content-length
1701
x-amz-id-2
p66w2cow9z6+I5Lc9kGKTc775zhdSssKxuC40ivTgPeBfxOgidmd7hMPttqXqzU1F04/Zttb7eo=
last-modified
Thu, 18 Jan 2024 11:25:10 GMT
server
AmazonS3
etag
"d6faa5c2b1640a4f6b907d0529b68149"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1325
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:28:53 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		1 KB
857 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
BX8.1.BP2llCaye6YGxY3rM4gyIbjuUX
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
A3F7YH3NE1Y8REV8
x-amz-server-side-encryption
AES256
content-length
482
x-amz-id-2
WenFs17m40CechmYB4SUTlmPfSG3MDdLAkB6XolmEPwMpfuCREcrXIfoSZNtbLjPam+g2VbSbsdh/+y0UMvvnQ==
last-modified
Thu, 18 Jan 2024 11:25:15 GMT
server
AmazonS3
etag
"36ca8df1b51aa7fd5e82601bc8ea150e"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=276
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:11:24 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f0ef50bf45765ae087cc01984ebe59f10ff50a76af8b0677dda5b436347ee9dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
jnLD40wU3SOix_ps2TXzx5OeGFu9bgUW
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
A3F8X86CQCXWWKFE
x-amz-server-side-encryption
AES256
content-length
7978
x-amz-id-2
PxQoMN67J+gsk7MLupygpz9SllKarvU3Yha2KRtiYXLrhbPFQFpk7g6YylAgIe15VxA6ZSTgVJ8wYlPfAQmAIA==
last-modified
Thu, 18 Jan 2024 11:25:15 GMT
server
AmazonS3
etag
"464d07cc240e49c3763eb7b00e119a07"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=79
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:08:07 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b0a1f192e81bb6ad28e001ed495db8da2e4e0e43bf402ed8c4090770ea0353aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
m1xkSZFw3UUIxApUwFL0qSeQkNksjYC7
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
2YE34BY8WJBGS4E3
x-amz-server-side-encryption
AES256
content-length
3192
x-amz-id-2
5Lq41TVT1Ax4yKCxrRed4E2B6f5A2YGC/9NC/85AX28W+SsA0a/FSIsKw2ziSSQ3b7W0sO5rWFagq+gzZWkmZw==
last-modified
Wed, 17 Jan 2024 00:42:12 GMT
server
AmazonS3
etag
"27993dc8caba6cce2958d045bc15534f"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=234
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:10:42 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		266 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
432383a9d063e565fc52bd6edf809a2c539f7cf559994245861a1eaedba07a27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
n.l6Mr6e2KzMvl5lCw_lDCpl6Vwb3TYT
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
2YE397CQH0FBKX4G
x-amz-server-side-encryption
AES256
content-length
69313
x-amz-id-2
CR9tHaJngd2X3pNFVggioMR6YrwbwUXPAiiid+c9mi/uoQORih9agKiAP627ZiW83tPCB2E+5KA=
last-modified
Wed, 17 Jan 2024 00:42:12 GMT
server
AmazonS3
etag
"9ad9fcaef4f1d1759da4a749637126b4"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=439
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:14:07 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-30.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 13:02:26 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
64174
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
bvIzxEe2AuBLYd5Da1rdfOY4C7Z2o5sncq7NsibzNIEtb-v1xtZq-Q==
arrow_left_black.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/ 		295 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/arrow_left_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Wed, 15 Mar 2023 00:11:28 GMT
server
AmazonS3
x-amz-request-id
5H68CQRPWS597F3K
etag
"f55d1ae7b7bc941af883ba0e4179a13a"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=517318
accept-ranges
bytes
content-length
295
x-amz-id-2
sx/K2ixRblWLYlUVZPIID+B1UfvkvVCf+JzcKIm7UYTkQoV1BE6a8dlozzX2P00zwQ0D7rc7llg=
expires
Sat, 27 Jan 2024 03:48:46 GMT
arrow_right_black.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/ 		294 B
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/arrow_right_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Wed, 15 Mar 2023 00:11:28 GMT
server
AmazonS3
x-amz-request-id
4HJF9F0W1XPJW911
etag
"0213d7039af05f02cbd9551d0dec8d53"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=146976
accept-ranges
bytes
content-length
294
x-amz-id-2
zb/EM0QJs8vlcljoOQ5B7auMyI+vmSymNloECk25MysUQX90mQg8hl2IIZNokxwZVX8FlvQp7XA=
expires
Mon, 22 Jan 2024 20:56:24 GMT
query
www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/ 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.16.0)%3B%20Browser%20(lite)&x-algolia-api-key=&x-algolia-application-id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b78805de7287a5355999ae04c646ae6d3a919cf3eabe8b452c98f2ec0456dc7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-disposition
inline; filename=a.txt
content-length
4018
pragma
no-cache
x-alg-pt
8
server
nginx
vary
User-Agent, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
expires
Sun, 21 Jan 2024 04:06:48 GMT
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
3a70c6fbc9b25df449f6df29f657dff5d55f9950f881654a076067295a1ce657

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
141802098 144184548
access-control-allow-origin
*
cache-control
max-age=560
accept-ranges
bytes
content-length
752
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
8e17ce34a1730596e106292a3e0ed2266e8d17e8eb40ca411d9e03926b33ccdc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
94975666 88816035
access-control-allow-origin
*
cache-control
max-age=2002
accept-ranges
bytes
content-length
817
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
7c63d5e9356b64e1027b5bd8a5cf9db370e4626df8e46255000c53c69884f510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
88361699 78791038
access-control-allow-origin
*
cache-control
max-age=41
accept-ranges
bytes
content-length
778
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
bea851ff89c11e1666fa97026bbcb7f6a96e33df954f5c94c1229247891ca04d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
128480750 130493103
access-control-allow-origin
*
cache-control
max-age=339
accept-ranges
bytes
content-length
529
e128e8d26ce18544f47b104cb6517bf7
client.api.news/collections/ 		45 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://client.api.news/collections/e128e8d26ce18544f47b104cb6517bf7
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/generic-sub-navigation/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14faadd4e6b9c2390dc409933d0c70bdc4c7f85b48a26efa7d2e766df5a2341f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
x-origin
CAPI
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
content-length
3619
last-modified
Sat, 20 Jan 2024 22:15:41 GMT
server
AmazonS3
etag
"e72abda0452c48410d080e9d143cf07d"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=40
accept-ranges
bytes
x-amz-cf-id
RGJC0PxDuTLzOktVswNvphIbVwm0795Ohyt44vOcchSMvqI37ABw7Q==
expires
Sun, 21 Jan 2024 04:07:28 GMT
title-arrow-blue.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		168 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-blue.svg
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2022 05:11:08 GMT
server
AmazonS3
x-amz-request-id
TDEEBKKC1Q58263S
etag
"66be3d1dd6a8e48ce691f235e6119f50"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=191481
accept-ranges
bytes
content-length
156
x-amz-id-2
9ese8clKkWWiPejSzXFMMTRnTa4X/dJiVOCEt/ExjUM2YTRLAvL9qBhOfUQRTMx6t8kYE1AygLw=
expires
Tue, 23 Jan 2024 09:18:09 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.44.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-44-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers
3ef65392
login.newscorpaustralia.com/akam/13/ Frame 774D 		0
0
QtNEkI
login.newscorpaustralia.com/LdI8sb37WoFxVgiVqrQ1aH_KVpk/iOEiDNSrrb/ZV46Lw/KyxvJ/ Frame 774D 		0
0
sec-4-1.css
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 774D 		0
0
sec-cpt-4-1.js
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 774D 		0
0
index.min.js
players.brightcove.net/5348771529001/938M1Zecs_default/ 		931 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.34.73 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-34-73.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
PeOMqIIQk0AX.dt12S5B9WegUKTCIoLY
Content-Encoding
gzip
Date
Sun, 21 Jan 2024 04:06:48 GMT
x-amz-request-id
7CX8XRZ7T5GAGHAS
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
255199
x-amz-id-2
EsuAy1xefWVEeGWRzHLMTYrwpqjkh+zGVZXb2nb0jY+TFHUZ3f5uJIx86WvxOobSfmfVbKLISKg=
X-BCOV-Response-Mode
1
X-Served-By
cache-syd10176-SYD
Last-Modified
Mon, 18 Jul 2022 05:27:06 GMT
Server
AmazonS3
X-Timer
S1658122027.661738,VS0,VE1480
ETag
"ee60f1c90237e0fc32d8071fe73d0e86"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=46
Accept-Ranges
bytes
X-Cache-Hits
0
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=53708
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
date
Wed, 17 Jan 2024 03:04:00 GMT
x-amz-cf-pop
SFO53-P4
age
349370
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
0wLS7ObkDamEixY0qhLWY-nkJ1-FP0VJSTQMPlnXyPX01VfU6j918w==
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=L9de/0P7odlRgSftvLCv+31ULVE=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.44.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-44-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ab4134369398656a18ff7a84a790b2bbbe88282c75af9e05b4884fba83a296c
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Wed, 08 Nov 2023 05:12:30 GMT
x-amz-cf-pop
SYD62-P2
etag
"14295098f99f1ff4727aa471dce658b9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=41
accept-ranges
bytes
x-amz-cf-id
Nxk7D3t_SCrRHCHLaR1MO9JJ7QK4wTgLKVTffalgRX-lbMW99KYiYg==
content-length
82238
comments-count
mhr.talk.news.com.au/api/v1/ 		114 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=956463051e76b13da497ed542d05f0dd,%20ee9025ba3b8c4dce95e5c20dd4d8f46d,%20e8fe156a5b240fb38f57981c739447a0
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
42d00df74ef93cbd88bfabf059b8cc053c8dcb163cb8a7c5fa3cf618b845d905
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jan 2024 04:06:48 GMT
server
nginx/1.20.1
etag
W/"72-jf2oduxJC3wlQI7obi4GE6DU9jc"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
bd6546f0-b811-11ee-9436-8777c83a4e5a
content-length
105
x-xss-protection
1; mode=block
tennis_ball.png
d2n6ofw4o746cn.cloudfront.net/sport/files/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2n6ofw4o746cn.cloudfront.net/sport/files/tennis_ball.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-56.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0241f963e2e777bc6e05666a1784ff08c1078953124bdd9da249128708546f73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
RW2xTLYW9e8ityNxeCtSDla3rnHiDHl_
date
Sun, 21 Jan 2024 04:05:57 GMT
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 01:39:44 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
162
x-amz-server-side-encryption
AES256
etag
"6dfd551d4dc94b529117171b6edc2bc1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17642
x-amz-cf-id
r21vA0GVxduVtxI26sK1etiytNgUOsyhULNc9Hx8r0UihtD0_msFWQ==
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
sffe /
Resource Hash
a5409ed14e9dff7a05818b8dbedd143cf9dbfb9dafc9cb643c7c8b7b75ed94d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60638
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 19:56:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:38:55 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_823638
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
3494226
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QUKr1Cr72X0AX6ROKxdn2iUswr_8QXtmDxkojTGs3GZlvJS65n5RWQ==
fixturesandresults.json;from=2024-01-18;to=2024-01-28
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/63/ 		17 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/63/fixturesandresults.json;from=2024-01-18;to=2024-01-28?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
830268e715c355e3289a5c458c4925cb38aa132579d828b024bc61c24be54d40

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
137332401 135537697
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
1727
fixturesandresults.json;from=2024-01-18;to=2024-01-28
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/138/ 		13 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/138/fixturesandresults.json;from=2024-01-18;to=2024-01-28?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
84ac63fe5a7f0767aa1559d03737fa4ee0d6701144529d1506b09ff245ea9a60

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
132846313 132651210
access-control-allow-origin
*
cache-control
max-age=2
accept-ranges
bytes
content-length
1507
fixturesandresults.json;from=2024-01-18;to=2024-01-28
statsapi.foxsports.com.au/3.0/api/sports/football/series/9/seasons/138/ 		12 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/9/seasons/138/fixturesandresults.json;from=2024-01-18;to=2024-01-28?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
dae930d02f38b96a08d5c3466b1da3acaa614c13e6a7e8a9d8491ddeed5c78d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
90260922 95225035
access-control-allow-origin
*
cache-control
max-age=3
accept-ranges
bytes
content-length
1454
fixturesandresults.json;from=2024-01-18;to=2024-01-28
statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/seasons/295/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/seasons/295/fixturesandresults.json;from=2024-01-18;to=2024-01-28?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.234.7 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-234-7.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
ef5184bc3d8518210bd52dcedd01dd73c3ecbbfdeb7e6f5bab82ac73539bb449

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
125904879 126224043
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
1123
nbl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/nbl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c21be9db4a5aa36ef2488085f60682b852099e863f6b9d87647f17761cf9e3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 05 Oct 2023 03:17:45 GMT
server
AmazonS3
x-amz-request-id
3SG2Z9WTTHF2MWS3
etag
"801ad54b871f51617ce7c6016ea8f2f1"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=164159
accept-ranges
bytes
content-length
27842
x-amz-id-2
T1p2cwQLztk9hx10wKeulkQRVId0XQDqEI8Eo4xLTPIM+YkPml1oo6clK6gv/3QRXwtLGydQe2Q=
expires
Tue, 23 Jan 2024 01:42:47 GMT
alm.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/alm.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
12a3170ec516303dd7108508ec6c5b44d8fc14f906a72e03fa65771199e37b5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Wed, 04 Oct 2023 23:49:51 GMT
server
AmazonS3
x-amz-request-id
M9HQDHM0RPAYF1HW
etag
"e5db01249e0c1fafb663e0c9bd8fc134"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=191888
accept-ranges
bytes
content-length
25554
x-amz-id-2
B4nW1IFJDA/EGvLYGXKbyirNZHiVMPbkL6Z92N8zZ1I4SysI6qEQQ86ddZh+HzYWP1aiUZeEy8I=
expires
Tue, 23 Jan 2024 09:24:56 GMT
bbl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/bbl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
945b317583c8a1af77063aad1ba55e6b549ff7f36a6dd47f4633de30db9239c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Thu, 05 Oct 2023 03:57:23 GMT
server
AmazonS3
x-amz-request-id
VQWZCANAGDSXDB49
etag
"2d9b000f6804e897c1ba8b0a3dcb414d"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=527161
accept-ranges
bytes
content-length
8362
x-amz-id-2
pL+6Y+233sapaxtLRfZFEIXtL9WeqO5ZuMNhWNW9JEdaxBTNH3kKZKV3xNrimjnoX1PbUdSPRM8=
expires
Sat, 27 Jan 2024 06:32:49 GMT
alw.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/alw.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba97fdb79551ec612f180093a000ae30f31ac9b2e82304a771ea5b502aa09352

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Tue, 17 Oct 2023 00:03:34 GMT
server
AmazonS3
x-amz-request-id
3AE9AMCSBB5R0MFM
etag
"d71494b494b70d4354daafc27389780c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=558286
accept-ranges
bytes
content-length
25676
x-amz-id-2
OF92ZjnczTpS6E4u3yabdD6Y02fbhtb7l97mh2qyEeruAm24FJowTbZmp+Mg+wXXG/xq+B3dOSA=
expires
Sat, 27 Jan 2024 15:11:34 GMT
20352597942.js
cdn.optimizely.com/js/ 		426 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.232.152 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-152.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7d9ca9b4b105ab445d92340939e202c7a8713fdcf46e5b248a256d5c3fbce09
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
qtS78y0..fdaMQ6n9DX64kORBo6MBcPv
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
9K34NZWS380DN9DG
x-amz-server-side-encryption
AES256
x-amz-meta-revision
3741
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=28, origin; dur=207, cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="104.80.232.152";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1705810009209_389422684_456270435_23426_1663_3_6_146";dur=1
content-length
129870
x-amz-id-2
0nSjbJl9SveP1UbZ3SlZzaYGZdyVbQz0kXLzp/e6v2ilC83oqh8zJucbN93RIy1AhLJk85nkJLo=
last-modified
Thu, 18 Jan 2024 06:02:14 GMT
server
AmazonS3
etag
"5b928e713afa3baf7b6233d0d4b29edc"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=0
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17058100089000.8821512811419718
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Sun, 21 Jan 2024 04:06:48 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sun, 21 Jan 2024 04:06:48 GMT
cache-control
max-age=51830
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
dd234c39b4ed235b03089bd5e0a6a61f500e4167a9c3bfd90aa706e8d54c3ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14833
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:48 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FA4BB88C26D74E3E980952C25E920B4A Ref B: SYD03EDGE1417 Ref C: 2024-01-21T04:06:49Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
chartbeat_video.js
static.chartbeat.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.107.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-107-130.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 22:11:18 GMT
content-encoding
gzip
via
1.1 1061288c3b70629c909a1e67ad3bde84.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:04:59 GMT
server
nginx
x-amz-cf-pop
SYD62-P2
age
21330
etag
W/"65838f3b-11b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
8zxbqR4UB6JRDvQdZJuLdOzfCrGde0WTHr4nbn1RmTTyFBTVCy1m3w==
expires
Sun, 21 Jan 2024 22:11:18 GMT
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/v2/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b828e919c2ff55a336488d2ac02c554c1b69b0b662e2e0e6cb230f0e47cd4b6d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"e236ed52e7bb1e63b0dcc1b88d05734d:1705297966.932211"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=41335
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=35179
content-length
9944
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jan 2024 04:06:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57023
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vUi+TQV5T4nr6/ygPVMDWceAfbaMALj6UfEm3chywtgbiP+/U4VeofdIulyGiQKYUlyKWgApEwWCf81gZaeLgA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-6.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 03:51:53 GMT
Content-Encoding
gzip
Via
1.1 8eb3faf3f05da0ac024b118287e8d2bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD1-C2
Age
896
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
5kBIkPa7ghtqmYZGyz-YqXvN115NY1DQEWWggal07wclYzSdxhYyCw==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2024-01-21T04%3A06%3A48.919Z&country=au&newsconnectId=&fpid=48db39809cdae2a0564044c5fccc5f44
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.62.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-62-181.compute-1.amazonaws.com
Software
/
Resource Hash
21762b7c0a9bc4f20de49bfe3aad971f27e672a5b2baab7a0772a16624cff864

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
972 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b3077783c51c8729efd59143c4a9fdb4810e0651c4ccc802f0019a4aa3a2ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
j.n5VVWUYHp4cv6T.uDeK2W66z7OOX6n
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
68N9T1XSKNYFMD73
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
520
x-amz-id-2
kQ5TJuWdRVZENoXVlBzfyi/eeUCfJVoE6JBC5J/0IRdFzpbBe1i4hXTqAbOnUB1PcB43vsGpkKU=
x-served-by
cache-bfi-krnt7300081-BFI
last-modified
Wed, 03 Jan 2024 06:33:20 GMT
server
AmazonS3
x-timer
S1705810009.371301,VS0,VE0
etag
"823a344e9117258edc1d49163ab152bf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
2043
id5-api.js
cdn.id5-sync.com/api/1.0/ 		113 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
KJBKMGSJW2VQKR95
age
2863
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
848cafcefb6da7f9-SYD
x-amz-id-2
qQ5MQWd9QJwFXK+KgE3pt2qavQSKr9JiyAuJJp1nkGnssbtq6kQq4yVFQ3rZhoF7hEOtKvLgkNo=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Mon, 17 Apr 2023 14:27:15 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Sun, 21 Jan 2024 05:06:49 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a274dbe4a9a49f23e9a2822ac546709e:1673918295.329898"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=21237
content-length
2302
tad.js
tags.news.com.au/prod/tad/ 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ac7a7e3cca7249de345b8285948fc3c75c4feb3d4e3910b771bf2d66026b5b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2a2d2d810080be11dfcffe5fb8600ca9:1702862244.501948"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=28195
content-length
36254
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
9aec0fede341e426aa4a07e3b0d310508c48ab0f0dbe595b038cc79797cb3190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29472
x-xss-protection
0
server
cafe
etag
436 / 19743 / 31080520 / config-hash: 15866861927224639442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 04:06:49 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:27:41 GMT
content-encoding
gzip
via
1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront), 1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:25 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P1
age
2349
x-amz-server-side-encryption
AES256
etag
W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
RjuWoNdIvQXn6FtOUOQhZ4ICYWqb_uhrV1MKJSIDh7146SPPMspM5w==
prebid.js
tags.news.com.au/prod/prebid/ 		346 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
829988b63aa7ef15d7a2ffd3d8390bbc76abd7553d2a6e24a7b6e3f70a2aec55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"7ce90d5d6daf66e57ee1d20499435b62:1705279101.506604"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=22287
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-100.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2153668c8343c17f860ac3b1cd600c6d54fb38ec1fe13f324c7fb84442a7b6f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
J6FEzEyJjlZBBPumD9iHkMvJTC0b07IL
content-encoding
gzip
via
1.1 adb4605fb7528573053aec50d6f562c8.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 03:55:33 GMT
last-modified
Thu, 14 Dec 2023 12:35:34 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
677
x-amz-server-side-encryption
AES256
etag
W/"7a27c45ed0f54c936bbe8a794411dfc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
emsSwwAbMO-pURMhVKsBRr0kq0TVwrJ492_lZTFJYhrDkrGPVbnHKg==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a4d545738370d0190c0629df2efd5a552b3fd857e728ff0340374f8067e56e21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:48 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"6c8aeb614c060f84428a8a10b20e9537:1705386743.678321"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=52383
content-length
6308
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5b5c5a477fbef8dbdb68a01bd234d5dda7c05e221cedd93c198a362ff81758

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Jan 2024 03:37:24 GMT
server
cloudflare
age
1765
cf-polished
origSize=6056
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tm8KrONdDJzwMMVHs4MOBFW8%2FVKvad4QUu4xGRnkUbMx9t0v%2Btv24SzDlWE8gjRwWBPaeUxWv5geHCblS5Vwz%2FUMOYHXNtqQgpA9GY5G5U6td%2B9OlGbvGeyrhVZ8er9CYKH7eQEd"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
848cafd06cc2a808-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e87324ef196741f0048501fcda4f505b67464e010724be71f2eb917c0a3561a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
StjkVVdMvyiVmVM8W3fO1oWrBfR.jZZQ
content-encoding
br
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 04:04:31 GMT
last-modified
Thu, 18 Jan 2024 06:32:42 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
138
x-amz-server-side-encryption
AES256
etag
W/"619ac22e398a2866cd5581118f42b9a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
LEO_PPLIK3TkC1D9ypo4RUADjJYS-d9Q5DwAnXuh8a42UFGxbWtq1A==
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c45d49e8fa7d77cdc64b71878344b69b3cf73f9048ab5ad6c43866d2cb6838f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
mRetSBfhkjYVCyjcfMm4Vqcz05H04em0
content-encoding
br
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 04:05:08 GMT
last-modified
Thu, 18 Jan 2024 06:32:43 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
101
x-amz-server-side-encryption
AES256
etag
W/"006fa9c2f143a1c1a020c38a76dc6513"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
I3_Btri1OQZF3cjMBOaUM_-PMJfQVhOInQtgzSyBpKO1ptTymisM-w==
utag.1211.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		608 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb2691182293eff7b053a4b4973de4b4338774394d025b3d2534e0d04eea388f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
tYXKui8MYbjqMoHxpDw98JpAjUvhcfpQ
date
Sun, 21 Jan 2024 04:02:40 GMT
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
248
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
608
last-modified
Thu, 18 Jan 2024 06:32:42 GMT
server
AmazonS3
etag
"210813fa707bf152f002f480cd778782"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
x-amz-cf-id
_NAK-y_onxu1szqKVw79SnKW8kgn8ECaqrlKy4fKeCfJvr0k4liOkg==
pixel_93e7ec
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_93e7ec
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/93e7ec
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
date
Sun, 21 Jan 2024 04:06:49 GMT
blaizehappened
true
x-pathqs
TRUE
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_93e7ec&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=48db39809cdae2a0564044c5fccc5f44
x-arrrg4
https://www.heraldsun.com.au/
content-length
0
2988.js
script.crazyegg.com/pages/scripts/0018/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2aaeffffa6cdaba55276ee74c7b0d5028c79d369fb95cd978049f343a3972d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
111289
cf-polished
origSize=6112
ce-version
11.5.172
cf-bgj
minify
last-modified
Fri, 19 Jan 2024 21:12:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
848cafd07f87ab01-SYD
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-88.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ca892cbae8c423fa2517275674a017e8d6ceb3ab1cb55b0c483aedfc77f2212

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
T1Ix1vOUbfIi1tb2zBQdr87O.SE0Zyuq
content-encoding
gzip
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
date
Sun, 21 Jan 2024 03:42:07 GMT
last-modified
Sat, 20 Jan 2024 23:19:35 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
1483
x-amz-server-side-encryption
AES256
etag
W/"0e4b43d8f77050cd43b5c573505bf3a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
SDT5LZwz8_HFgUlEpCGuFsXY4PW9VKNnfMdiAtBYAzyt66D_xE-LcA==
pixel.js
www.redditstatic.com/ads/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5c4f333e017c9640455e5799950b8fbebded3b1f815debdb6f78a6bc9a599faf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 11 Jan 2024 16:53:48 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"7e21c5a8cd33b5b26adb70efa1378617"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8123
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
gzip
x-amz-request-id
XKGND0NZ509CX06F
x-amz-cf-pop
ATL56-P2
x-amz-server-side-encryption
AES256
content-length
21820
x-amz-id-2
vaHbI0o5FSMYgdPdaFYbOMSEAv6uHVsMSKgAyNtzcRFgrLIzvgo67PGjaYRJfk9obKt+U8vCrDU=
last-modified
Wed, 06 Sep 2023 14:35:36 GMT
server
AmazonS3
etag
"220840acac0b72605c541d1c968febe3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=553
accept-ranges
bytes
x-amz-cf-id
hca-17inFhrDhEHESrmINPGBV7ufa5XP4ONnOzH01FCtESc_rbD2yw==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202401180631&cb=1705810009010
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sun, 21 Jan 2024 03:59:28 GMT
via
1.1 359a113ca166631b42f31a0f2e6a1aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
442
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
K-YU7iCA9R1Bdt8kaoXEELi_tXhOW3i3Y7BQB9_ZUurHtx7u6c2ryg==
door.js
au-script.dotmetrics.net/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
5be95e759a87e17f8d8b0ec6852338e9c29fa924ccd13be21873aa3533a34f7b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"13062...251.2024012104"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
t-Tun85MjMO7EGqfxh4OrxC2TvppC8_l16QL3CIArnMgAlVKVDvGSA==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-23.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 00:59:20 GMT
Content-Encoding
gzip
Via
1.1 00f0469d54a973389150a36c64065326.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD62-P1
Age
270449
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
hTccwF6uOlehKk_NG_zRLcJCom7SnJJhLaRWepH-KossX80Cdb0H1w==
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:49 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Sun, 21 Jan 2024 04:06:49 GMT
metrics.main.bundle.js
tags.news.com.au/prod/metrics/v2/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/v2/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4d1d5973860243283b36d6b45058ea45945dc29c172b51f7e766208d14671779

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"5990b08dd051459f12486f328f976a67:1705297965.164246"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=41197
content-length
25004
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240121
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64cb89442a1c7beb6fd0c6860addccb36400ff4d9e71bb9edcb9de9bab3be45a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 04:06:49 GMT
x-content-type-options
nosniff
content-encoding
br
age
357
x-jsd-version
1.0.1941
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
861
x-served-by
cache-fra-eddf8230103-FRA, cache-bne12526-BNE
x-jsd-version-type
version
etag
W/"63c-VV/trlwRxCRit2F3Or4P3rraANQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
id5-sync.com/api/config/ 		135 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3cbb17ce946796035eb3a1d9bf9f23b21b343f0e2e6b4445802c06388bba2e3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.81.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-81-246.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Jan 2024 04:06:49 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.81.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-81-246.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sun, 21 Jan 2024 04:06:49 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 9BC3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-11.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
431
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Jan 2024 03:59:39 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 52fa887ba82513d16e3f586c3db681fe.cloudfront.net (CloudFront)
X-Amz-Cf-Id
j2OInp7y-Lye47SjZFFu7su0Yc0haH0bGpceoxI2Qb1dXzSJJVAB_A==
X-Amz-Cf-Pop
SYD1-C2
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5195
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:48:11 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1033
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 21 Jan 2024 04:39:36 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 42D3 		16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1705810009138&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e10dc16e162a41647dbffffcfa1f7352f8fabe0e25682d23020f8affce021129
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-rvLbzwhtskzjzbfQlxUfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-rvLbzwhtskzjzbfQlxUfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Sun, 21 Jan 2024 04:06:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		562 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e1d6fac818f24b4e5b81df28bebdd77a4453b729021b64d2c5cb08a03969fd83
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:04:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
28944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:04:25 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8P7xPk7LETUSrkiscNSeMvcRvrBHCB9aAs-TJG36kEeOtpHfxn49Dp5gsfmyL4Fg0d4P3-RArtx8KZD0FJt_WszUYlaXxuRrCqhhmvm-J9aW5bH9Hn4TTtdkQg1MiRzya-eXaWqfuqiT4iMl9kCt98A5SWA&sai=AMfl-YSSaASlKItMqYod-ws8C4AEpbEyDl7NaAmGIVUZlbxm4z2cGlRXLJqx13GIRdpwwJ6iu64oIaqAAGhnKD4&sig=Cg0ArKJSzPQMKOglVGzMEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20240118.39885&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:06:49 GMT
384959879014125
connect.facebook.net/signals/config/ 		143 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.141&r=stable&domain=www.heraldsun.com.au
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
963ee560123ed1702142171e8758bfbc010605d958b71dfb271443070cb52cb9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jan 2024 04:06:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37355
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
wx8vQpVn1iY0Z1nPNO9PoxxHtnZ2mnS2Tss+JYmi3cZzOFSMLvqLwaOGKTwr/7zTZQSwBFGxAj9veZu/AH48yw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
e27e04a189d40bfde1a4beeae5bab078cf587
bedsberry.com/aa72fe24e6f05fb/ 		299 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/aa72fe24e6f05fb/e27e04a189d40bfde1a4beeae5bab078cf587
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ee533f9b5f4a128d01ba3c170ea728a02705953ba7f615766aacb4c412305cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 21 Jan 2024 04:06:49 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 21 Jan 2024 04:06:48 GMT
5119
config.aps.amazon-adsystem.com/configs/ 		532 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-22.syd1.r.cloudfront.net
Software
CloudFront /
Resource Hash
85066d08f8ada283de39ac720f9c5020cc0210183e4a747e400f3dc96cbd817e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:41:38 GMT
via
1.1 bc447bebac6752b9d1351a9e5ee7d13a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
1511
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
8DC-0o21X3mmQB-Qql3MM5yU_NEYMA2T8tHNleCYFn7ImU2DJGzwAw==
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:12:22 GMT
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P1
age
3266
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
636
x-amz-cf-id
md5Lv0ekoA0jWu1-P0FiXkHhFOw45FZF5eC83-aUHirvAZZAyLiO3A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.92.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-92-138.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
date
Sat, 20 Jan 2024 22:19:45 GMT
x-amz-cf-pop
SYD62-P1
age
40999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LGXqYYHo2MTOTIUqN3AGg5i1UKtJpJ8Gkq1X37XjQIEe2JKMCHAX-g==
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sun, 21 Jan 2024 04:06:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 76E98C5519494A4AB84BB881AA3AFCA4 Ref B: SYD03EDGE1417 Ref C: 2024-01-21T04:06:49Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=291a73b9-07a8-4676-8fcf-aa210d4a0dda&sid=802436d0b81211eebab27131b6a358de&vid=80243430b81211ee9a5e1b28a519c375&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&p=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=&lt=825&evt=pageLoad&sv=1&rn=138219
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 04:06:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F5A306EBC64E48B0A62FC8DF0A866ACA Ref B: SYD03EDGE1417 Ref C: 2024-01-21T04:06:49Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		31 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-96.sfo20.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 13:45:43 GMT
via
1.1 2484d95e1962e4fa6652ac5bdc660206.cloudfront.net (CloudFront), 1.1 7a21e9c0eca084f9537ebb23906ea9fe.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P6, SFO20-C1
age
51666
x-amzn-requestid
d5f98fa7-2dc7-4f7f-921c-b4f3ea440123
x-amzn-trace-id
Root=1-65abce87-1e5350453ba90b1f029a6d1f;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
R101NGtkDoEEO5w=
content-length
31
x-amz-cf-id
GctQQOL5Uo68O5wJQgZwZ4s8z2pqmb0T9uY9BttuMFV8Fm59aHWYmA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=bSdfjDc-Vaie5hUR&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=14946&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=1905&t=BNM6cDC8u2E0DwP5uPRbD2WY2hU3&V=143&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=Dz2puKBlw1-nDANuM5B6cyeRCpHtOU&sr=external&sd=1&im=067b0ff2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.197.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-197-85.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
geo4.js
cdn3.optimizely.com/js/ 		309 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.52.246.153 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-246-153.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f89d6d9c00fc745757672bfb13512202b3538a13137945606f3c79851951a66c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Sun, 21 Jan 2024 04:06:49 GMT
Server
AmazonS3
x-amz-request-id
FY2JEW570HDCJR4E
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=34474
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
309
x-amz-id-2
Iydno6DyJ7OmBGb8Gz5a+LXIf/YDd8KaPbfr7vBpC5/57GS8RJHqwwWzHv7C5Aq3sfOafynTHHvUW7p2CWOwfA==
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame 39B5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.51.98 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-51-98.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bcd5ea3e52768c9daec64ac234488bbac1d24455a9bf61e9c2f4c39e9b52bb85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
931
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:49 GMT
etag
"a9ff176f4463d131a3856bb82fdc654a"
last-modified
Thu, 18 Jan 2024 06:02:06 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="23.198.51.98";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1705810009618_399923341_326223952_24_1552_1_5_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
yT6/ry2vmKP/mIGGVrO/PceRTeb/a0n8t0yL2X10bBnNI1e03iSqrh+zx0hGmhbpKJ7CyiPfH2A=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
689KF3R9X9J2R5JC
x-amz-server-side-encryption
AES256
x-amz-version-id
cQ3fZn_y41utliatODO_kY5HqWqqdE0m
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1705810009566&sw=1600&sh=1200&v=2.9.141&r=stable&ec=1&o=4126&fbp=fb.2.1705810009278.446930319&cs_est=true&est_source=2353117768323382&ler=empty&it=1705810009258&coo=false&es=automatic&tm=3&cdl=&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 21 Jan 2024 04:06:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1705810009566&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.2.1705810009278.446930319&cs_est=true&ler=empty&it=1705810009258&coo=false&cdl=&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 21 Jan 2024 04:06:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
97081477
www.clarity.ms/tag/uet/ 		827 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
241d7a90b4c0b91ecf1f43e0ebc018e0b66b3ca25705c3fe7567b29d6c9605cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
date
Sun, 21 Jan 2024 04:06:49 GMT
x-azure-ref
0WZisZQAAAABjKPniVNFsSKEunp87B9oKU1lEMDNFREdFMTIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
827
expires
-1
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=1d1a65e241ef2207397eae7fce15ac84&timewithTz=2024-01-21T04:06:48.919Z&country=au&newsconnectId=&fpid=48db39809cdae2a0564044c5fccc5f44
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.62.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-62-181.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
6J6ioZ4CSvlYqWfZpC_RSOjAFNvc1H2.
content-encoding
gzip
date
Sun, 21 Jan 2024 04:06:49 GMT
last-modified
Thu, 30 Nov 2023 05:29:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
etag
"1cace6cc49d6432004661d16654e37f7"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=90
accept-ranges
bytes
x-amz-cf-id
oyN8lNJSKQukpC1W3guWn_cV7-lv0Wi4_gc4F-nhVkmhsRhlGlzT-g==
content-length
1278
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1705810009587&pvs=1&pvid=d987b29b-09c9-40c2-b893-77be38c3503a&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13062
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
dotmetrics-hit-status
01 OK
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
JJEitH_T-BNzfUAQpfcoiOH1uGuLAPueaE_tK6Zzdl00s9vMJ-jAfg==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1705810009587&pvs=1&pvid=d987b29b-09c9-40c2-b893-77be38c3503a&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-129.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:44:32 GMT
via
1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
33748
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
aFmvxmrp9hAZyuslyImPd9H8Zk_nwdZeTKIjOebahR7lAADPiZte8w==
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1705810009607
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
f3daba9a3ddf58d8ff40ddea8804a7b699201a55a7d9a93600a16cf12209aa0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-apse2-2-v054-0b07f86d7.edge-apse2.demdex.com 3 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
gkXj8yJYTcw=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1564
expires
Thu, 01 Jan 1970 00:00:00 UTC
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=3049538932218008409&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D1363917837219654817$$&ns=0&rnd=3004710603&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.143.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-143-203.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5ee8d9eb05858b071e65eca79b3be556ff54005b47639e472a79b07494b7998b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2420
expires
Sun, 05-Jun-2005 22:00:00 GMT
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b44b560be04ddba3af44f712f0d53bf57af2a26c2cf38d89168030df3c8e433

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 21 Jan 2024 03:37:22 GMT
server
cloudflare
age
1767
cf-polished
origSize=58118
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjlU7on3nqVUeOxCiMeXmKtE%2BRj0fgoXKr35UTmeCAZhofXuS0AU0DjCxhzegSCBI6qoYqPZH4HJgAjR4v2PdVHb%2FJzm8jA7p6%2B0t%2FY2iGITi7NHF62lrNOcAltwE05OpWs8rAmA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
848cafd07cd5a808-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		961 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b5b5eaf2306b47b262c8ec712473894dc04865adc20f325e4733d5ca4e273d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
gzip
cf-cache-status
HIT
age
111290
ce-version
11.5.172
content-length
441
last-modified
Fri, 19 Jan 2024 21:11:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
848cafd27cc7a941-SYD
c.js
collector.brandmetrics.com/ 		0
143 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=248732
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date
Sun, 21 Jan 2024 04:06:50 GMT
content-length
0
content-type
text/javascript;charset=utf-8
script.js
au-script.dotmetrics.net/Scripts/ 		47 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=251
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
f1e5f48917032af2bcd1ff0180d41c30d2c66e850596de5d92889012546bb5f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 11:48:21 GMT
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"1da4a043c21ca45"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
i-T5pOd3gnf9wXikut3VDuMyWHkzWVudIv5MO0i6XCIuErmwd2C47g==
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 42D3 		0
207 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-jywJLjnFCMuprqdMCyGxLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1705810009138&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-jywJLjnFCMuprqdMCyGxLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/ed=1/rs=ABXTjI4kom1xSKBZt1Z_n_HWLxHO26DF_A/ Frame 42D3 		745 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/ed=1/rs=ABXTjI4kom1xSKBZt1Z_n_HWLxHO26DF_A/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1705810009138&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jan 2025 02:23:41 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AB... Frame 42D3 		198 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1705810009138&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
02a8a793472ec4c530efc75a259ac3ccafad18a1f56e68932ea3d8a2daac8481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71445
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 01:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:16:59 GMT
/
geo.privacymanager.io/ 		31 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.74.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-74-96.sfo20.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 13:45:43 GMT
via
1.1 2484d95e1962e4fa6652ac5bdc660206.cloudfront.net (CloudFront), 1.1 7a21e9c0eca084f9537ebb23906ea9fe.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P6, SFO20-C1
age
51666
x-amzn-requestid
d5f98fa7-2dc7-4f7f-921c-b4f3ea440123
x-amzn-trace-id
Root=1-65abce87-1e5350453ba90b1f029a6d1f;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
R101NGtkDoEEO5w=
content-length
31
x-amz-cf-id
KmBpqRSZH4C1bFCiYuL4oGq9q3yEy6OqfftmKZHnERThnbHEhGPgdw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6ImQ5ODdiMjliLTA5YzktNDBjMi1iODkzLTc3YmUzOGMzNTAzYSIsImRjIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwidHpPZmZzZXQiOi00ODAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1705810009807
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-41.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
c5028b188ad27092142879b6756c5f24314139311815f2f57dc97c7d36a44a7c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
6meCVMshUZUEw0D9ou0aCOq83Fa5FzKiGS9R3CYoo8lPLA3gnDuMUA==
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
291 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
09fe0b6d97e865973cd45575e59938eea863d06492ee6a0bf3df30774f73ca21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-88.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 03:25:06 GMT
x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
2504
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
EhLOaqT6vYCxmT-uSefnaALMeVOF5zyvjIQzQz4aKyemVzkpDh35RQ==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame E62E 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-88.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
343
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 21 Jan 2024 04:01:07 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
x-amz-cf-id
4TcxVofRmKlVYeWvItVnWpQu008WV1KTjcf7CRfuaWb2to76h1VTIg==
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.81.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-81-246.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Jan 2024 04:06:49 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.24.81.246 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-24-81-246.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sun, 21 Jan 2024 04:06:49 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
7751a9fdb6554687b3389ee96763258216ef691a9b
bedsberry.com/af00f84d93/ 		3 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/af00f84d93/7751a9fdb6554687b3389ee96763258216ef691a9b
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sun, 21 Jan 2024 04:06:50 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-bvvt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sun, 21 Jan 2024 04:06:49 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame E62E 		44 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009&c16=sdkv,bj.6.0.0&uoo=&fp_id=llvtxb8bdjvolmi2gwpicvksrhzy71705810009&fp_cr_tm=1705810009912&fp_acc_tm=1705810009912&fp_emm_tm=1705810009912&ve_id=&c30=bldv,6.0.0.673&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.62.123.0 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-123-0.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009.nuid.imrworldwide.com/ Frame E62E 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 17:55:00 GMT
via
1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
36711
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
LnCFATbUk_AoZvZhF6J_zCRjl8SoppsCVLlSbX4Dkd18XAMrrPSSIg==
dest5.html
newscorpau.demdex.net/ Frame BA45 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 21 Jan 2024 04:06:50 GMT
dcs
dcs-prod-apse2-1-v054-08b772d16.edge-apse2.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 20 Nov 2023 15:48:12 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
IK/7JrJZS3s=
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=08620609435615307024607362925462446777&ts=1705810009972
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-170.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZayYWgAAAFNKrwN9
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=08641750116573051724609479775623132067
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZayYWgAAAFNKrwN9
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZayYWgAAAFNKrwN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-046600ac8.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
qLS2LniQTfg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZayYWgAAAFNKrwN9
Date
Sun, 21 Jan 2024 04:06:50 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 12:38:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
55709
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138162
x-xss-protection
0
server
cafe
etag
1666572220375911148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 19 Jan 2025 12:38:21 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=08620609435615307024607362925462446777&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%0148db39809cdae2a0564044c5fccc5f44%011&ts=1705810010014
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
422fff1f81eab2ceda5bbb8fdc6aea7eef436c8d1dd5bd35c6269013e6267ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-apse2-1-v054-064b4649a.edge-apse2.demdex.com 3 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
pIgq0NhKQps=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1564
expires
Thu, 01 Jan 1970 00:00:00 UTC
s59541333816898
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s59541333816898?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=21%2F0%2F2024%2012%3A6%3A50%200%20-480&cid.&newsnkidcookie.&id=48db39809cdae2a0564044c5fccc5f44&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=48db39809cdae2a0564044c5fccc5f44&mid=08620609435615307024607362925462446777&aamlh=8&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D9%2Cevent18%2Cevent63%3D21&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Cnative%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=3%3A06%20PM%7CSunday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=21&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=48db39809cdae2a0564044c5fccc5f44-00000000000000000000000000000000-1705810009004-393249&v110=2024-01-21%2012%3A06%3A47&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-177.data.adobedc.net
Software
jag /
Resource Hash
2c22a9522b2a5b68a8ece54d4874ab1da85b34946cd98868705ed010cdb6e751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-aam-tid
zoDbE1lBRhY=
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-apse2-1-v054-0dacef82c.edge-apse2.demdex.com 5 ms
pragma
no-cache
last-modified
Mon, 22 Jan 2024 04:06:50 GMT
server
jag
etag
3663199104503775232-4617939547752557497
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sat, 20 Jan 2024 04:06:50 GMT
pub
pixel.adsafeprotected.com/services/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-fluid-1,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=7753650c-ff53-d72c-83e1-c468578cb729&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.50.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e6d24277cf1bb2891a7cbb2e55730e596104d6e606f68ef5b4e471c07d965ff4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
server
nginx
x-server-name
app12.au.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		113 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=ErFq2b3ABufrh&cb=0&ws=1600x1200&v=24.116.2102&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
via
1.1 c7cd0041811f30bfd9c4a00e82b6a3c8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
uQrVbxjtJKe-lKdtugWzGYIMZddxvQWQZ7d5-OMfgC1KsO6QglQG5g==
esp.js
cdn.id5-sync.com/api/1.0/ 		114 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
Z4EVM533TT4E5CJP
age
2347
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
848cafd32f57a7f9-SYD
x-amz-id-2
TrUD0uEFXS+++R52N5rDaQFByvKy6EFMD2qGSoLL2iSCDu8rkAj/jZUoqxg09bVCbbgFa6+94Jk=
ibs:dpid=358&dpuuid=2910383275664022864
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=2910383275664022864
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2910383275664022864
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-015882936.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
MVWX/4WaT64=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
an-x-request-uuid
870e66a7-c084-46fb-9cd0-52d9e1a06afe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2910383275664022864
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:49 GMT
content-encoding
br
last-modified
Thu, 18 Jan 2024 15:10:56 GMT
etag
"0x8DC1837ABBF2420"
x-azure-ref
0WpisZQAAAACsv/ATMmCXSJk5kHh/GDxPU1lEMDNFREdFMTIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6d57d744-801e-0015-03fe-4b3968000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
increment
id5-sync.com/api/esp/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
prebid
ads.playground.xyz/host-config/ 		0
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
61b2cbbe-997e-4155-b93e-a9348cfd40d3
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1a2e8a6f2056c27ec7da88d70dfacd8ac07bad116afc1b3ae0478b397077e4

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTG%2BCUWri8wX9j2rv8TSXa1TC5G9JeO4vuAMi1eExWmrreshall6zjoq5Zd4Yuejxq3Jj%2F%2FgX7ywI98t0w3AZbIMCzqaQH8Cq6ApkGeMmEzK4FCQ%2FWZaUqJHigjkUFU8wH4Hx4Zk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
848cafd3d8555515-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
bid-request
a.teads.tv/hb/ 		16 B
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.35.161 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-35-161.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 Jan 2024 04:06:50 GMT
prebid
ib.adnxs.com/ut/v3/ 		482 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6fc12551a010cc55eb5348e610e9d952c3cd4e881dddc96b66ee051282cd9a03
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
an-x-request-uuid
506d7fd3-6bbe-4966-a01f-14c7bbcf6a79
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
482
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=86260724332&lsavail=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		480 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=339b8d77c7f7748&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.9623092875965753
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b68136e0a50da6513b6f743a2e86cc31b9e554b220147f9879bcc12d1b5df357

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
480
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		480 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=34680c6c01a8044&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.23652876449160654
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
82e40ea50c00d933436ccd0702494eda05640f2e619a9c82bbe75ddff44a7c20

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
480
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		454 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=35908210c606e5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.8397255075049492
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f771914c7f10c23153264af99672d8af8275b2af56955db6b3357800d9d687b5

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		456 B
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v8.23.0&l_pb_bid_id=3649e4db62d5b78&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.12173044186177817
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
03add71f89b98b42896817f9e17c06b20069ba5d8b6d7c0c3591aba8f1720fdb

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
456
expires
Wed, 17 Sep 1975 21:32:10 GMT
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1705810010220&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=de4db848-3f7d-41bd-a75e-fea212fecc93&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_97292340&dpm=&dpcc=&dprc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame 42D3 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
fd829029d2e658294db89024b1cdd87d2f2460abc9e5e6fa4efaed2181108ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45055
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:17:42 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame 42D3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
3fa367d34569889ac9e1e8bb31eca0070e5fc83593e767664a7df5932209ba6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1826
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:17:42 GMT
ibs:dpid=470&dpuuid=8736539291829164602
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=8736539291829164602
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8736539291829164602
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-0f84e45ca.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
hrRbizjiR+0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8736539291829164602
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
collect
x.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Sun, 21 Jan 2024 04:06:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame 42D3 		236 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:17:42 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame 42D3 		1 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
51540eb57b2c3e809c1a6f8609bb3fea3df63ef7b56787365d051e505ecf9b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
794
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:17:42 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame 42D3 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
01b5bedbf089e7be9e47f79a2d73c4270aed84ec81aebe720608ca8ab6d3b13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6507
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:17:42 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 42D3 		161 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=1088960542355569755&bl=boq_subscribewithgoogleclientserver_20240117.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=43611&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f14.1e100.net
Software
ESF /
Resource Hash
a62417467fed981763f49bba9fa1e0af37a169476b186c0bb8ea6227e2d0ff49
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L... Frame 42D3 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.Mo56SEIyXJ8.L.B1.O/am=gEFi/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI64Ci0-lrKmlswGkCUf3GIn8gZFEQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
03827037016737f57d86b93d6de8aeebd412ea68ceaebe1c5e5d588708edc2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208147
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37190
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 03:49:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 18:17:43 GMT
token
token.rubiconproject.com/ Frame BA45 		0
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=08641750116573051724609479775623132067&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 21 Jan 2024 04:06:50 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 42D3 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 04:06:51 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 21 Jan 2024 04:06:50 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 42D3 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 04:06:51 GMT
log
play.google.com/ Frame 42D3 		131 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.bt2LoGvUJn4.es5.O/am=gEFi/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI6zxl4_YuBWO5N59PIdcVQc0QePMQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jan 2024 04:06:51 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 21 Jan 2024 04:06:50 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
ibs:dpid=771&dpuuid=CAESECh9ppuZYqsVRFIG2sbJS98&google_cver=1
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDg2NDE3NTAxMTY1NzMwNTE3MjQ2MDk0Nzk3NzU2MjMxMzIwNjc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECh9ppuZYqsVRFIG2sbJS98&google_cver=1?gdpr=0&gdpr_consent=
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECh9ppuZYqsVRFIG2sbJS98&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-070b82dee.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
R4UXo5KaQDc=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECh9ppuZYqsVRFIG2sbJS98&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/ 		0
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.140.246 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
246.140.111.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
x-envoy-decorator-operation
events-smart-router.edp-prod.svc.cluster.local:8080/*
via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
bc80879c-8d2a-4f04-9a3c-641dff664eec
ibs:dpid=903&dpuuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-041923d1a.edge-apse2.demdex.com 3 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
+aa2VjTwQ9E=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
date
Sun, 21 Jan 2024 04:06:50 GMT
server
Kestrel
content-length
189
core.js
s.pinimg.com/ct/ Frame 17F0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.28.84 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
br
x-cdn
fastly
etag
"261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1836
up_loader.1.1.0.js
js.adsrvr.org/ Frame FD65 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.178.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-178-105.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 00:45:08 GMT
Content-Encoding
gzip
Via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
Last-Modified
Wed, 17 Jan 2024 00:44:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C2
Age
12102
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
XdNL6icGcgDOHtlppdUZrslQ5hHOF5DzkUH0NvXXzlfmgH8hfVOQng==
uwt.js
static.ads-twitter.com/ Frame D037 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.28.157 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-syd10127-SYD
js
www.googletagmanager.com/gtag/ Frame 7C68 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f68db8e6212a36000a6b12a495a3b4ecef287cfd1652374a083e9860ce5930f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72762
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jan 2024 04:06:51 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 41B3 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.178.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-178-105.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 00:45:08 GMT
Content-Encoding
gzip
Via
1.1 f1d7bef7d2e148025cea4670117d1f4a.cloudfront.net (CloudFront)
Last-Modified
Wed, 17 Jan 2024 00:44:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C2
Age
12102
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Xl-1A_YQ_QL7bCpMecBjoiPkZqtVQvZqY1qguHIJelf47bF3HOKfEA==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 94C4 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Fri, 27 Jan 2023 02:11:02 GMT
Date
Sun, 21 Jan 2024 04:06:51 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
6210
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-bfi-kbfi7400061-BFI
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1705810011.053940,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
16042, 179
activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5
8228261.fls.doubleclick.net/ Frame 6146
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=793952085339...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
55f0911548582dcbfec33ee6af63ba747bfe48fa13d39c163cd41920350814c8
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
918
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:50 GMT
expires
Sun, 21 Jan 2024 04:06:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111
8228261.fls.doubleclick.net/ Frame B7A7
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=723739115231...
402 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
de1a1895fea0046b65904915fa63de74df18d60bf5bb2b3063ca625af55ab7b3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:50 GMT
expires
Sun, 21 Jan 2024 04:06:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 3A19 		209 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
485154e0a8595248b8dcc3a7728bc5c1a4f112c6cc2a9b02843d064befe380ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76523
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jan 2024 04:06:51 GMT
conversion.js
www.googleadservices.com/pagead/ Frame B80B 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
bd1eeab01ddc90adab4171265ea26531a6809f200f42b5d0e00912851dc8c370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18776
x-xss-protection
0
server
cafe
etag
20545684779221730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 04:06:50 GMT
cksync
hb.yahoo.net/ Frame CDF1
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&gdpr=0&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&dpid=55953
57 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&gdpr=0&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&dpid=55953
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
23.48.97.11 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-97-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 21 Jan 2024 04:06:51 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 21 Jan 2024 04:06:51 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&gdpr=0&ovsid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&dpid=55953
date
Sun, 21 Jan 2024 04:06:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
px
secure.adnxs.com/ 		0
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
an-x-request-uuid
4d04fd86-6ba5-4957-8478-338692dead65
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:50 GMT
an-x-request-uuid
0dfb116c-fdfb-4029-b8c1-c539e6ecc402
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-30.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
wT6fTTp2Wp9x94epHzhvN-P1p94Ci8pSw_88lbs3vUKXnlu7tcYuGw==
expires
Sun, 21 Jan 2024 04:06:49 GMT
adsct
t.co/i/ Frame D037 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=b97f9aeb-6a5a-4ab3-aaea-49d64cd4c9f4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=862ce957-e193-4c02-86ce-80637447006b&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
144
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
cfc939f3dc2c1aef
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
4ab25fa9c36976112840b29936ab2783acedad59cdca54a5753bc9c73e227d2d
content-length
43
adsct
analytics.twitter.com/i/ Frame D037 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b97f9aeb-6a5a-4ab3-aaea-49d64cd4c9f4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=862ce957-e193-4c02-86ce-80637447006b&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
146
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
4ec91789741e8889
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
99205d43d74c1439ff804510f2640528975736b16a9193620c58c9a8526c964e
content-length
43
701.json
id5-sync.com/g/v2/ 		630 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
3c4f6c57ef3cab86ee4e4aa0b06703cea74a5d89e581fd540afbb570074015f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame BA45 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
iu3
s.amazon-adsystem.com/ Frame 3532
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 21 Jan 2024 04:06:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JCXDPEX2SXZ4FK5R12ZG

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Jan 2024 04:06:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QH7RK8D3SN4EQXF88SPM
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.153.252.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-252-252.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.153.252.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-252-252.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
ibs:dpid=23728&dpuuid=ZayYWtae0Cl5WRAnQkG97wAA%265025
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZayYWtae0Cl5WRAnQkG97wAA%265025
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZayYWtae0Cl5WRAnQkG97wAA%265025
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-02c1398c6.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
wWOrTaw5Rfo=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYmO639RFX86UOvrxfDDpUVSFEtGxaGlUcC9redlB81kxqCVNU4%2BbnXVbvb57Wg46TZK85nwbC045pPdx09ZFqSLcopnczY%2B8uO51fFTtifA56XIpWPyoije3t6gTQYR104kaKvU"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZayYWtae0Cl5WRAnQkG97wAA%265025
cache-control
no-cache
cf-ray
848cafd85b115515-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame B80B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1705810010912&cv=9&fst=1705810010912&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
62100636b84f08dea9a48ad2460825dbe7e35d61f0d993a081fb8edf64647633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
uid
dt.scanscout.com/ssframework/ Frame BA45 		0
0
main.43c0095c.js
s.pinimg.com/ct/lib/ Frame 17F0 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.28.84 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:50 GMT
content-encoding
br
x-cdn
fastly
etag
"1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
19076
/
ct.pinterest.com/user/ Frame 17F0 		298 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1705810010953&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
2628738130821080
content-length
173
pin-unauth
dWlkPVpUazVNR015TTJZdFpUUXhaQzAwT0dFekxXRXdNVEF0TVdSalpXWTNaamN5T1RSbQ
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ Frame 17F0 		298 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&cb=1705810010954&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1356894408925913
content-length
173
pin-unauth
dWlkPVpXSmhNVFk1WVRrdFkySmpOaTAwWkRVMkxXSmtOell0TURVNE5qZGxZV1ZtT0RVNA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=08641750116573051724609479775623132067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=08641750116573051724609479775623132067&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-0f9397541.edge-apse2.demdex.com 0 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
zrc2eCeNS4U=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
104,303
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Sun, 21 Jan 2024 04:06:51 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7d480c568161ab0f058ba6393348d1a1ab938c29970cf43571b5f89c4a69fe84
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5
adservice.google.com/ddm/fls/z/ Frame 6146 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgyMjgyNjEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2hlcmFsZHN1bi5jb20uYXUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVn...
ad.doubleclick.net/ddm/activity/ Frame 6146 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgyMjgyNjEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2hlcmFsZHN1bi5jb20uYXUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBDT05WRVJTSU9OCmRlYnVnX2tleTogMzY2MTkwNjUwMDQ0MzA1ODYzNQpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDUKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA3OTM3ODEzCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIxIgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAxMjg3Mjk0NjczMzg3NTYwODg4NAo
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNuLgL7N7YMDFdvJFgUdfIwGcA;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7939520853396.5?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"12872946733875608884"}],"aggregatable_trigger_data":[{"filters":{"14":["7937813"]},"key_piece":"0x30dd8559988f15f5","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x90d23cd812e284d","not_filters":{"14":["7937813"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["7937813"]},"key_piece":"0xc99924bcb73b31be","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x5b261ee52e4cc447","not_filters":{"14":["7937813"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"3661906500443058635","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"12872946733875608884","filters":{"14":["7937813"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"12872946733875608884","filters":{"14":["7937813"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"12872946733875608884","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"12872946733875608884","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8228261"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111
adservice.google.com/ddm/fls/z/ Frame B7A7 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CMaMgL7N7YMDFSPIFgUdXaAF8A;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7237391152312.111?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame B80B 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1705810010912&cv=9&fst=1705809600000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_Sbk2mBV2sF3UOkibt7LJjxkTydvNcj7HzATLLyHkc2oz8joH&random=422215460&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame B80B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1705810010912&cv=9&fst=1705809600000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_Sbk2mBV2sF3UOkibt7LJjxkTydvNcj7HzATLLyHkc2oz8joH&random=422215460&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixie
ib.adnxs.com/ Frame 94C4 		42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1705810011125&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1705810011125&et=1705810011126&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame BA45
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=08641750116573051724609479775623132067
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08641750116573051724609479775623132067
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08641750116573051724609479775623132067
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.37.23.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-23-212.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
beacon-n013-pdx-prod.krxd.net
date
Sun, 21 Jan 2024 04:06:52 GMT
cache-control
private, no-cache, no-store
x-request-time
D=58 t=1705810012
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=08641750116573051724609479775623132067
date
Sun, 21 Jan 2024 04:06:51 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a021-ash-prod.krxd.net
/
ct.pinterest.com/v3/ Frame 17F0 		35 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&tid=2612777586108&cb=1705810011229&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
alt-svc
h3=":443";ma=600
x-pinterest-rid
6154621677492587
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame BA45
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=08641750116573051724609479775623132067&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
54.66.223.253 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-223-253.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-0330f6318.edge-apse2.demdex.com 0 ms
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
rtVrcg5KSFE=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
303,104
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Sun, 21 Jan 2024 04:06:51 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 3A19 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1705810011292&cv=11&fst=1705810011292&bg=ffffff&guid=ON&async=1&gtm=45be41h0v9100984934&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&frm=1&auid=83492687.1705810011&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
afe27501598b040ca0d26df43c834981e317ca9d82ec6445eff4bd646e7611a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1261
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.112 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.23.120 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.22.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.88.178 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.112 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.37 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.22.38 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.187 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
pixel
cm.g.doubleclick.net/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmF5WVdnQUFBRk5LcndOOQ==
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmF5WVdnQUFBRk5LcndOOQ==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705810012.594785,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmF5WVdnQUFBRk5LcndOOQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 7C68 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1705810011363&cv=11&fst=1705810011363&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&frm=1&auid=83492687.1705810011&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
b8ac9bc919e3c2ddf824ebcdc9b70e0dfb573d21d1d82537fa9cabb74c70770c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 3A19 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1705810011292&cv=11&fst=1705809600000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v9100984934&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_qLrq4a0GWZXUABTj7lClhSkYKjvirutOtiST37i2U06_4l51&random=2464609491&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 3A19 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1705810011292&cv=11&fst=1705809600000&bg=ffffff&guid=ON&async=1&gtm=45be41h0v9100984934&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_qLrq4a0GWZXUABTj7lClhSkYKjvirutOtiST37i2U06_4l51&random=2464609491&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZayYWgAAAFNKrwN9&expires=90
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZayYWgAAAFNKrwN9&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705810012.594899,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZayYWgAAAFNKrwN9&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame 7C68 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1705810011363&cv=11&fst=1705809600000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_KVohRfPKXEeUixVi9CGsFAc4UbgKLt31iEAEWaE6reF52v5l&random=239196266&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 7C68 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1705810011363&cv=11&fst=1705809600000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_KVohRfPKXEeUixVi9CGsFAc4UbgKLt31iEAEWaE6reF52v5l&random=239196266&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZayYWgAAAFNKrwN9
43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZayYWgAAAFNKrwN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfzuMdtXmSDd0uCI47g50RT1NC%2BqXh2IJTlfqw2B1B7JBC1slZ0FQ%2B516avHgp8hG7p3Ox1mCsv4B1jMRuohSOks7vImJGoVhJ8L8jG1MW6dqyUn3p4XQglFPxQB54GfVPF7DOLJtv%2FgpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafdc8d955515-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705810012.594909,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZayYWgAAAFNKrwN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pr
s.amazon-adsystem.com/v3/ Frame 039E 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a6515fbd1a531084eaed1d484d70f4f43a7d79df9f60fc260b8973f034dad45c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 21 Jan 2024 04:06:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0JWEM0MH0A6GGC9DQGFK
ct.html
ct.pinterest.com/ Frame E5C4 		565 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:51 GMT
pinterest-version
2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1381186066734335
up
insight.adsrvr.org/track/ Frame 7806 		1023 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
68feb347199af0bba16467c33e95d94e76d6340d8572910030a12d34e46fabbb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 21 Jan 2024 04:06:51 GMT
server
Kestrel
vary
Accept-Encoding
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 7806 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.178.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-178-105.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 17:33:45 GMT
Via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
Last-Modified
Wed, 17 Jan 2024 00:44:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C2
Age
37987
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
l7CytVfQky0hNRJqieKaVHLF9ZNgNfWa2IuFSLMsmUUcVOyuh3X3Ww==
up
insight.adsrvr.org/track/ Frame 7065 		724 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
46c87b8ee3132d1162b7e1fe4c26cff5759a4ce660c38736815fd9e815879982

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 21 Jan 2024 04:06:51 GMT
server
Kestrel
vary
Accept-Encoding
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 7065 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.178.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-178-105.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 17:33:45 GMT
Via
1.1 ac2d783151ad01d001afb8d6b8b16550.cloudfront.net (CloudFront)
Last-Modified
Wed, 17 Jan 2024 00:44:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C2
Age
37987
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
YWVvhe8iQt9190ZxorgxVljSe0Di8ou_-rrgSW5BhKYB6A9o4c7Xfw==
setuid
ib.adnxs.com/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZayYWgAAAFNKrwN9
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=ZayYWgAAAFNKrwN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
an-x-request-uuid
eb0f1c5d-cf02-4eb7-a699-84a742a64dd7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705810012.674862,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=ZayYWgAAAFNKrwN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 6EAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MWYxYmY5ZDMtZjA1MC00MDM3LTliMGQtYjA0NjIyOWU3MWZl&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b0462...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&google_gid=CAESEIzrC0u6J3mxZ07s30kKWBY&google_cver=1
70 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&google_gid=CAESEIzrC0u6J3mxZ07s30kKWBY&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:51 GMT
server
Kestrel

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=1f1bf9d3-f050-4037-9b0d-b046229e71fe&google_gid=CAESEIzrC0u6J3mxZ07s30kKWBY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 040B
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:52 GMT
server
Kestrel

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame AFE3
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1f1bf9d3-f050-4037-9b0d-b046229e71fe&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
70 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:51 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 21 Jan 2024 04:06:51 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
syncd
x.bidswitch.net/ Frame 4022 		43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:06:52 GMT
Server
nginx
rum
dsum-sec.casalemedia.com/ Frame 188B 		43 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&expiration=1708402011&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848cafdd0dcd5515-SYD
content-length
43
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRqKYRJty3UHYTIoZ663uXVgtK%2BluOKtTnO7RyI%2BSafrlp%2BJnWdAxmNwaGni6IIA06EN9XOod247JZ7dxPNqD4jBHVHa6BeiOp01IoYaPmaZWBVGVJoqzEQTVaZLv4XGUux87grBk0%2FWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZayYWgAAAFNKrwN9
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZayYWgAAAFNKrwN9
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZayYWgAAAFNKrwN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZayYWgAAAFNKrwN9
date
Sun, 21 Jan 2024 04:06:52 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
usermatch
ssum-sec.casalemedia.com/ Frame BE43 		2 KB
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4e10129f7f91b46bde28b59066a42b38941d9503956ef28a1ad88d0cf8c1ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848cafddae225515-SYD
content-encoding
br
content-type
text/html
date
Sun, 21 Jan 2024 04:06:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbYG%2BRa%2FACfNtFk0CpI5lznrFZ6hMKcfPksiqBK0KLZEDiOmwHcJSlPkREXtmMMlBeicMMmNLB%2FT63DEQ4fTc5%2Flaq7KPoXo%2BTOXMEW6qKmW2rrb9bRusPoZuLCjKqor7EGOBl3jMWEJkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F525 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 04:06:51 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57F5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154823
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 21 Jan 2024 04:06:51 GMT
expires
Mon, 22 Jan 2024 23:07:14 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 57F5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28567413&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
5295b849d0a9aca0c8ae21a716dabd0a99819f437b3ce2eee366b96835d2d595

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 Jan 2024 04:06:52 GMT
content-length
1672
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame F525 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8c7e53b982d18cb4565c9b9d0b668373d6e32cc0feca44ef402476f77845bf3f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 16:27:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44435
Connection
keep-alive
Content-Length
10965
Expires
Sun, 21 Jan 2024 16:27:26 GMT
khaos.json
token.rubiconproject.com/ Frame F525 		7 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
Pug
image2.pubmatic.com/AdServer/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZayYWgAAAFNKrwN9
1 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZayYWgAAAFNKrwN9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705810012.905062,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZayYWgAAAFNKrwN9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
35759
i6.liadm.com/s/ Frame BE43
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZayYWtae0Cl5WRAnQkG97wAA%265025&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZayYWtae0Cl5WRAnQkG97wAA%265025&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=25aae4be733c409499518f410527da90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
  • https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
  • https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
3.233.89.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-89-241.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=1f1bf9d3-f050-4037-9b0d-b046229e71fe
Date
Sun, 21 Jan 2024 04:06:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
usermatchredir
ssum-sec.casalemedia.com/ Frame BE43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNfA5hvKh3ISl2EPjayB2c&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNfA5hvKh3ISl2EPjayB2c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afJdSx0JeYJ2KP%2Fmd7VJw%2B4aNZtDziXCQhryvgbpIbg1LNc2ApW5EpuaYiz6iYkuRsbZfzBhygNOYshwZRu4XzRLOPZrT%2F9xTdjY9Jld6AdfTx1cJ9Ncoh9fEggdYvwKEZ6PtCOTLrR3Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafdf0a675c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNfA5hvKh3ISl2EPjayB2c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BE43
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZayYWtae0Cl5WRAnQkG97wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1j%2F27LDMRvcuXz4bbzG12JGrPihA9at6%2F0ekCy3Ui0LthrS2FEfqWt5wC2%2BCCxeVbmEU1qqby7%2BTuaSk814x52zlg5UheLeH2g2FQH6qqDCBtW5wkp9H7DSymsdmCsZkZqv4Hj%2Bh3bQ%2B%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafdfeb695c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BE43 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HPMQZ87PHEE1X9V0MPJ9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BE43
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://b1sync.zemanta.com/usersync/index/?gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=2&us_privacy=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=VHSIHqduF1F18rksZIHX
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=VHSIHqduF1F18rksZIHX
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GiOs%2FDNhLMe4YZreeUmLY0nlRayv5Mw67b6MRewQ521A%2BRMP42pbx%2BIbu%2B9ab7SW4fRboi7Q1a1pc%2BQDMPyYI4nq1BqzF41d2Cg1N%2FLSKWrHdgbEuwm6NzZR4SgSIKLi81ygM9BZRyMRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafe48ff85c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=VHSIHqduF1F18rksZIHX
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BE43
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
54.255.42.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-175.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
date
Sun, 21 Jan 2024 04:06:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame BE43
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=514b8e45987845539092ebfcaf572fcc&expiration=1708402011
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=514b8e45987845539092ebfcaf572fcc&expiration=1708402011
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t0Cm1fbp021SxW5eWBTHm%2FBrw19M7ovTifPcZZEqtPREOkJftL5OXoXxXmvHqUE8Agw3gsHv34DVQEgYJsTOLA95sTCMoACfW6Fp5javHeq%2B9ImJQWNi7tea61oOv47BD6Z4fJsbk5y4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafdf5abc5c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=514b8e45987845539092ebfcaf572fcc&expiration=1708402011
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BE43
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721534812&external_user_id=9146fec3-8859-4bf3-b054-b3d62392dc7e
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721534812&external_user_id=9146fec3-8859-4bf3-b054-b3d62392dc7e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1au6FfN%2Byn97UuTbkyIQ0gY7HuYJCKrlYd%2BKK0PftXUV2vBTbf%2FPsX5SknUDvo1ulkyn5mW22hEISE29sTtTkc%2BaQXxDjL0t3mCBu7yh91RP%2F6HKHlCIi2jks2Qm3OnAOA1RF9uSBwZNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafe06bc35c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sun, 21 Jan 2024 04:06:52 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721534812&external_user_id=9146fec3-8859-4bf3-b054-b3d62392dc7e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ecm3
s.amazon-adsystem.com/ Frame BE43 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RE3F9B61NR5Y991NMN1V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=llvtxb8bdjvolmi2gwpicvksrhzy71705810009&fp_cr_tm=1705810009912&fp_acc_tm=1705810009912&fp_emm_tm=1705810009912&ve_id=&sessionId=esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,ixt6brnrr5qq9szc8j19jknasyrqr1705810009&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17058100099082611&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1705810009008&c3=st,c&c64=starttm,1705810011&adid=1705810009008&c58=isLive,false&c59=sesid,&c61=createtm,1705810010&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1705810010&rnd=402619
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.62.123.0 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-62-123-0.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:51 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F525
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LRMZ8K4O-1W-DC23
  • https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1RHEKQR0093A71P0BJG9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
partner
sync.search.spotxchange.com/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZayYWgAAAFNKrwN9&img=1
0
0
pixel
cm.g.doubleclick.net/ Frame F525
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJNWjhLNE8tMVctREMyMw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDOtM31IxN5dlgZ8FISkisQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame F525 		70 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
aax-eu.amazon-adsystem.com/s/ Frame F525 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MKK82W88JQ81N5M7FMBM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F525
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7K0EKW6CDESTNQBSYCPB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRMZ8K4O-1W-DC23&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Expires
0
tap.php
pixel.rubiconproject.com/ Frame F525
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/KIFolb3kO8w_TguG93VjDMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4o9Bw3dE2oJS8JvkpkG5YYuidtAAqSZnDFidVA--~A
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4o9Bw3dE2oJS8JvkpkG5YYuidtAAqSZnDFidVA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4o9Bw3dE2oJS8JvkpkG5YYuidtAAqSZnDFidVA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame F525
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V4T_vgTLTEW1EykWUirDOQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V4T_vgTLTEW1EykWUirDOQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V4T_vgTLTEW1EykWUirDOQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TPF73340XS8GT870RX9E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V4T_vgTLTEW1EykWUirDOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F525
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWRjMzY1ZmIwYjMzMTAwZTRmMGUzYjdlNjIwNWNiZDMxMDEwNDZkMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWRjMzY1ZmIwYjMzMTAwZTRmMGUzYjdlNjIwNWNiZDMxMDEwNDZkMg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWRjMzY1ZmIwYjMzMTAwZTRmMGUzYjdlNjIwNWNiZDMxMDEwNDZkMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame F525
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMZ8K4O-1W-DC23
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMZ8K4O-1W-DC23
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C6C25D2DC243492B855F2408B320F18F Ref B: SYD03EDGE1517 Ref C: 2024-01-21T04:06:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPbNffRpHs4OlRumExwA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRMZ8K4O-1W-DC23
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame F525
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKe3VM89guLlEyTptLuMK90&google_cver=1
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKe3VM89guLlEyTptLuMK90&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKe3VM89guLlEyTptLuMK90&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F525
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXdi07LWTEAABRrlV6AgQ&expires=30
42 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXdi07LWTEAABRrlV6AgQ&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAXdi07LWTEAABRrlV6AgQ&expires=30
Date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame F525
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LRMZ8K4O-1W-DC23
  • https://ce.lijit.com/merge?pid=80&3pid=LRMZ8K4O-1W-DC23&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LRMZ8K4O-1W-DC23&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:52 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LRMZ8K4O-1W-DC23&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame F525
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LRMZ8K4O-1W-DC23&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LRMZ8K4O-1W-DC23&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LRMZ8K4O-1W-DC23&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
848cafe45b2e5587-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 21 Jan 2024 04:06:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LRMZ8K4O-1W-DC23&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
848cafe30ab55587-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame F525
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRMZ8K4O-1W-DC23
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMZ8K4O-1W-DC23
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMZ8K4O-1W-DC23&ckls=true&ci=liv68Igknc&nc=false&trid=-1935263615
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMZ8K4O-1W-DC23&ckls=true&ci=liv68Igknc&nc=false&trid=-1935263615
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
18.67.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-44.syd62.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
sVSjPBI7y7KBBjClNhbVRuOt-i63gf2GQKtR00PisNM68uk8HjFU8A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
via
1.1 eb3589b1230a45883fc0813bdb92ed5e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LRMZ8K4O-1W-DC23&ckls=true&ci=liv68Igknc&nc=false&trid=-1935263615
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
81N3eWj7MzZ51Gzdv-nIvSiEgQecCJNNYoNGFXiSAPViyHdfrs0qxg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
magnite
prebid.a-mo.net/setuid/ Frame F525
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRMZ8K4O-1W-DC23
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRMZ8K4O-1W-DC23
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
131.153.206.100 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRMZ8K4O-1W-DC23
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
cksync
hb.yahoo.net/ Frame F525
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRMZ8K4O-1W-DC23&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRMZ8K4O-1W-DC23&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&ovsid=LRMZ8K4O-1W-DC23&dpid=58160
57 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&ovsid=LRMZ8K4O-1W-DC23&dpid=58160
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.48.97.11 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-97-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sun, 21 Jan 2024 04:06:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Sun, 21 Jan 2024 04:06:53 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS0ybEZYbFVKRTJ1RWZkT21Ja05lMlJHbncxMXlIZFhqVX5B&ovsid=LRMZ8K4O-1W-DC23&dpid=58160
date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame F525
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMZ8K4O-1W-DC23
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMZ8K4O-1W-DC23
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
an-x-request-uuid
c1bb4cd0-b97c-4d14-be31-3b2a8d0f5f26
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRMZ8K4O-1W-DC23
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
b.php
www.facebook.com/fr/ Frame BA45
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZayYWgAAAFNKrwN9&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZayYWgAAAFNKrwN9&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
date
Sat, 20 Jan 2024 20:06:52 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
public
x-fb-debug
Ow4cL8fHBMrH4nsEcI85Gj+nNwURUM4OT4j3rQNWwj+UCALZshWWFXf4Tjf5QGQNPtVUDGUsdkVU1EFNSXz3Ow==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires
Sat, 20 Jan 2024 20:06:52 PST

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705810012.115932,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZayYWgAAAFNKrwN9&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1769
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336f65ac-985d-4200-b1cc-76e4b0e64f16&gdpr=0&gdpr_consent=
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336f65ac-985d-4200-b1cc-76e4b0e64f16&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:07:15 GMT
Expires
Sun, 21 Jan 2024 04:07:14 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1237 600843f master iad iad-pixel-x8 config_version:"2538"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:336f65ac-985d-4200-b1cc-76e4b0e64f16&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 9B54 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:06:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W962JWGPEK95V4JM00SG
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kH-fybSnT-KSyacE_9ySfw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=154822
accept-ranges
bytes
content-length
5622
expires
Mon, 22 Jan 2024 23:07:14 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 57F5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=58d11282-6a19-4723-9e65-ea966d9c9d2c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&ttd_puid=58d11282-6a19-4723-9e65-ea966d9c9d2c%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&ttd_puid=58d11282-6a19-4723-9e65-ea966d9c9d2c%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1f1bf9d3-f050-4037-9b0d-b046229e71fe&ttd_puid=58d11282-6a19-4723-9e65-ea966d9c9d2c%2C%2C
date
Sun, 21 Jan 2024 04:06:52 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 57F5
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=&ct=y
49 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.220.44.78 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-44-78.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.30.84
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.9.233
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 57F5
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Sun, 21 Jan 2024 04:06:35 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:35 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 57F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTA3RjlGQzktQjRBNy00RkUyLTkyQzktQTcwNEZGREM5MjdG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 57F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-Ph7BaOBChhhEKMd6mLUU&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-Ph7BaOBChhhEKMd6mLUU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB-Ph7BaOBChhhEKMd6mLUU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 57F5 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.124.209.251 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.209.124.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 20 Jan 2024 04:06:52 GMT
907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 57F5 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/907F9FC9-B4A7-4FE2-92C9-A704FFDC927F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.42.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-175.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 57F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&gdpr_consent=
42 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1f1bf9d3-f050-4037-9b0d-b046229e71fe&gdpr=0&gdpr_consent=
date
Sun, 21 Jan 2024 04:06:52 GMT
server
Kestrel
content-length
355
v3
id5-sync.com/gm/ 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
fba6ca7967aeb19e295f35214bf80d373be5715023dfa62b9128a5d1684d96f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Sun, 21 Jan 2024 04:06:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		433 KB
112 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=194304998117211&correlator=2219470594538733&hxva=1&scor=2735836240815026&eid=31079925%2C31080258%2C31080564%2C31080520%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C320x50%2C300x90%7C315x90%2C1x1&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705810012202&lmt=1705810012&adxs=436%2C1112%2C808%2C0%2C176%2C176%2C1112%2C0&adys=28%2C407%2C13371%2C14207%2C7814%2C2418%2C381%2C14928&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C0%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&psz=1600x134%7C312x250%7C300x670%7C1600x720%7C1248x0%7C912x16%7C312x0%7C1600x14946&msz=728x133%7C312x250%7C300x250%7C1600x0%7C1248x0%7C912x0%7C312x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C312%2C0&ga_vid=609855105.1705810012&ga_sid=1705810012&ga_hid=1714673641&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRiuwszR0jFIAFICCGo.&dlt=1705810008054&idt=2013&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D80c350f2-b812-11ee-a8b1-0a0b5642f92d%26vw%3D40%26grm%3D40%26pub%3D40%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D80c350f3-b812-11ee-a8b1-0a0b5642f92d%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%2C50%26vw15%3D40%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%26pub%3D40%2C50%2C60%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D80c350f4-b812-11ee-a8b1-0a0b5642f92d%7Cpos%3D1%26refreshed%3Dfalse%26id%3D80c350f5-b812-11ee-a8b1-0a0b5642f92d%26vw%3D40%26grm%3D40%26pub%3D40%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D80c350f6-b812-11ee-a8b1-0a0b5642f92d%7Cpos%3D1%26refreshed%3Dfalse%26id%3D80c350f7-b812-11ee-a8b1-0a0b5642f92d%26vw%3D40%26grm%3D40%26pub%3D40%7Cpos%3D1%26refreshed%3Dfalse%26id%3D80c350f8-b812-11ee-a8b1-0a0b5642f92d%26vw%3D40%26grm%3D40%26pub%3D40%7Cpos%3D1%26id%3D80c350f9-b812-11ee-a8b1-0a0b5642f92d&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D48db39809cdae2a0564044c5fccc5f44%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D48db39809cdae2a0564044c5fccc5f44-00000000000000000000000000000000-1705810009004-393249%26amznbid%3D0%26amznp%3D0%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1506123_PG%252CIAS_3012922_PG%252CIAS_3012923_PG%252CIAS_3011758_PG%252CIAS_3012916_PG%252CIAS_1509656_PG%252CIAS_1507080_PG%252CIAS_1507473_PG%252CIAS_3011728_PG%252CIAS_3011685_PG%252CIAS_1508967_PG%252CIAS_1506436_PG%252CIAS_3011701_PG%252CIAS_3011723_PG%252CIAS_3011773_PG%252CIAS_3006644_PG%252CIAS_1510566_PG%252CIAS_3013271_PG%252CIAS_1509978_PG%252CIAS_1507654_PG%252CIAS_3011679_PG%252CIAS_3011697_PG%252CIAS_3011699_PG&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C3057183248%2C2320616304%2C3544675803&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
bd2d61a87757e3ba66b2864402f25e2971283df96e5a675fe73c1f9b33d75328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113852
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-1,6436335771,5969529023,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-1,138459058570,138457828826,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA37 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:52 GMT
expires
Mon, 20 Jan 2025 04:06:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 Jan 2024 04:06:52 GMT
cm
trc.taboola.com/sg/adobe/1/ Frame BA45 		43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms
281
date
Sun, 21 Jan 2024 04:06:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
279969
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bne12520-BNE
pragma
no-cache
server
nginx
x-timer
S1705810013.583067,VS0,VE281
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
0
sync.1rx.io/usersync/adobe/ Frame BA45 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
interact
edge.adobedc.net/ee/v1/ 		731 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=4541eead-934a-44e0-9927-4ef8e7a8ea3f
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.56.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-56-170.data.adobedc.net
Software
jag /
Resource Hash
16850aaf8357d741a310c06651a10b56cd42f6ebb5a692dd369e9550dcc4eeda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sun, 21 Jan 2024 04:06:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
AUS3;8
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
4541eead-934a-44e0-9927-4ef8e7a8ea3f
LiveRampId
au.audience.newscgp.com/ 		94 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=48db39809cdae2a0564044c5fccc5f44&bust=16905034818750.019150480735628417&errors-in-body=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-34.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
6b5d117a0046bb80abe3be9520b39af81ddb705a7b969def2ade3ed47e34771f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
via
1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
94
x-amz-cf-id
EmEf7QiATNV_b1asUZm4LfKkdmpguZ2KFwsm0zX5XWmaN7hhSebCig==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012312191621000/ Frame EB36 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
server
sffe
etag
"b4f73150f1481343"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame EB36 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame EB36 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 01:57:20 GMT
age
7773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Jan 2025 01:57:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame EB36 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame EB36 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
css
fonts.googleapis.com/ Frame EB36 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 03:07:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 04:06:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EB36 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 04:36:32 GMT
x-content-type-options
nosniff
server
cafe
age
84620
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:36:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EB36 		344 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 04:36:32 GMT
x-content-type-options
nosniff
server
cafe
age
84620
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:36:32 GMT
l
www.google.com/ads/measurement/ Frame EB36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRnuAYrV8geC6ZbHysugmBSbJM-1O2jIR1S8PDV1FXRGwot2eEkb6NDvw_oGjoOYh1Pyg00sknodUF1anJ7JNYqI8aJA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/3887534423097591379/ Frame EB36 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3887534423097591379/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
1299db112e92420aab3755328e93d83e295a26e828796d31138a3c61ebedce3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 20:21:16 GMT
date
Tue, 16 Jan 2024 20:21:16 GMT
x-content-type-options
nosniff
age
373536
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26898
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 01:37:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/5748106918699349001/ Frame EB36 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5748106918699349001/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
2c5242516baf3260886d2d6708cd72fa1ea11c81f7d0ff540b8c574dccdd609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 19 Jan 2025 20:36:05 GMT
date
Sat, 20 Jan 2024 20:36:05 GMT
x-content-type-options
nosniff
age
27047
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 11:32:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame EB36 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ede8596649cc4007739d7accc5f2dcc82aa6add56aa19067ecb468c0af35381

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 Jan 2024 04:06:53 GMT
container.html
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 744E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:53 GMT
expires
Mon, 20 Jan 2025 04:06:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EF1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:53 GMT
expires
Mon, 20 Jan 2025 04:06:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012312191621000/ Frame 3BEF 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56099
x-xss-protection
0
server
sffe
etag
"b4f73150f1481343"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 3BEF 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"1615cf8c9658662f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 3BEF 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jan 2024 01:57:20 GMT
age
7773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29030
x-xss-protection
0
server
sffe
etag
"4993b3249a87fa76"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 20 Jan 2025 01:57:20 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 3BEF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1930
x-xss-protection
0
server
sffe
etag
"09131eec19261354"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 3BEF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 18 Jan 2024 07:26:52 GMT
age
247201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"b1091b2fa725aeb2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Jan 2025 07:26:52 GMT
css
fonts.googleapis.com/ Frame 3BEF 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,700|Roboto+Condensed:400,700&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
ESF /
Resource Hash
323f9a0be855e90d1a7cdeed1bfbe57ad610004aaded5a12c52490ce5833f753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 03:56:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 04:06:53 GMT
css
fonts.googleapis.com/ Frame 3BEF 		9 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700|Roboto+Condensed:400,700&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
ESF /
Resource Hash
6092d5910c38d32ddfc1f0c55a265c3984f414b00e609d21ee795af6737fd044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 03:56:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 04:06:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3BEF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 04:36:32 GMT
x-content-type-options
nosniff
server
cafe
age
84621
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:36:32 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3BEF 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 04:36:32 GMT
x-content-type-options
nosniff
server
cafe
age
84621
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:36:32 GMT
container.html
5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A19 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:53 GMT
expires
Mon, 20 Jan 2025 04:06:53 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
13983700146983495901
s0.2mdn.net/simgad/ Frame 3BEF 		293 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13983700146983495901
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f6.1e100.net
Software
sffe /
Resource Hash
04e12b2ff5f6b37f95aedf0b5b92eaaf28b5a9e754639cb28ad5927ac9b9c905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 00:38:31 GMT
date
Tue, 16 Jan 2024 00:38:31 GMT
x-content-type-options
nosniff
age
444502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299822
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 06:43:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
1492399369578801995
s0.2mdn.net/simgad/ Frame 3BEF 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1492399369578801995
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f6.1e100.net
Software
sffe /
Resource Hash
77cf78c63c31e57691eebb0cecaf9253c9902b93ff70f0ce2269a43e336de164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 00:37:55 GMT
date
Tue, 16 Jan 2024 00:37:55 GMT
x-content-type-options
nosniff
age
444538
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100431
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 06:16:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 2EEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT0vCwhHXslQ-eLmk53TTjDqJF53o751MWTfVFqVuwjg-0NWLnC6aROueL8ZFGA98NZQFa2f2LfwbsUQYrno0aTJC8cRdMZPQob7GHAmebrnTDWNjDAEJJWS7BuhZc6eqZYo3WFUoPIreJEsq4HYFEVgWdUI_0Ac5XlPum2rPfJ9--J-7q8rq3W2HnTajITIz4Q4_ENnp58SBVD0UO_OHTkskBIZSYC0KPVi0x0nUij8kTjgNysT7mp9V_kID60CYmlsWZopAoQORaqnPWOSuC4M77EIej30LjyMlUcoqjMeNOX0uxjCLGQsTMDRqcS153jtjsooaRWTEXxFCLZZaL22BUGXsiMODWbqWmckcKVdC-AdB9&sai=AMfl-YTyts0tEdtM5aIg7gQQnexT71BAAVk2CmO1byGvXqwI-lqMFaW2WK5RsWXxDsW3nfbz-bZWCh9oI5ncEEYe8EteAso8JPCVtMU33xVMvqV6O0-0BELYApuVNgnxBkg&sig=Cg0ArKJSzI-CocCF8ygNEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 2EEF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
34505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 18:31:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2EEF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
34505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 18:31:48 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2EEF 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 04:06:53 GMT
3946720002423118633
tpc.googlesyndication.com/simgad/ Frame 2EEF 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3946720002423118633
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
a259908a9faeec7493d765c0a1defb3cb254920fa50b04e6b21b9e37c43abb79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Fri, 17 Jan 2025 08:51:28 GMT
date
Thu, 18 Jan 2024 08:51:28 GMT
x-content-type-options
nosniff
age
242125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47221
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:32:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
l
www.google.com/ads/measurement/ Frame 2EEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCiGyf1_KLmuEy1b3Zw1XLQY6iXd_n5sSKpOhMtb19rVII921GbGyvPFJPq8nOps5aNnE-KwCayLHM5Wh4o-rWGVcAmw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js?cb=31080520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
truncated
/ Frame 3BEF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ad0980510ea24087eb7fd50d0fdb30a0ec29eafa3f2b46d80e82264f5694fae

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2EEF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4d1ce66cdf820154e5a2d83629eb60c74bbbd50692fbb5568dc34bde274c031

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
13726
check.analytics.rlcdn.com/check/ 		25 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-10.syd1.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-amzn-trace-id
Root=1-65ac985d-1caff02f763104de3c1a5447
x-amzn-requestid
e49d7515-7dfd-443a-868c-b3b06909a06d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
R3y-pENBjoEEdUQ=
content-length
25
x-amz-cf-id
3hPewA389fZcUMYPHPkyFv6eRAL02QpxK3nR1yA3aRAZBiBoMF_KoA==
pixel
googleads.g.doubleclick.net/xbbe/ Frame D786 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIMDELCB_MIEGLrhq_8BMAE&v=APEucNV-ajjF48AyBtxUkfWdmgz9kpdbyuCCwaHQIGxGxjsPBG9Iw6eX6pHbjwgN1aP-SSKZO67wKH7Be9j9kSTofgO-0HJr7w
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1851044/76751983/ Frame 744E 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1851044/76751983/skeleton.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.50.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
e4b6f8f64f8ad4554ab9f2ac75848a32bb1986ee7bb5bfdd2a347c5ab0e4d33a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 744E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 05:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Jan 2024 05:55:17 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 744E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
27199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:33:34 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 744E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 20:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
27199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 20:33:34 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 744E 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 12:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
574231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Jan 2025 12:36:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 744E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
34505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 18:31:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6C77 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
43072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 16:09:01 GMT
etag
48472445140208031
expires
Sun, 21 Jan 2024 16:09:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 744E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
34505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 18:31:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 744E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhqFiEGMNcfqZNw_i2OddGRxd6fcGZf66gQG4vp-G2I7ggcyzQetQbjOS9FWeIBDEskx15S4Hzim_G4RaifQ04S5MqCySDN1DdZ6ugSkTnVmllNq0
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 744E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRFFdUcJ5-n6XizubYGGbCXbb48c4M8zE-Ti0Nq9HiB8mwTML3K1DHklInbHw0sQh-8GnFffrwbTZb_WqEtgi9Ynk3EUA
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 744E 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 04:06:53 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 3EF1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
34505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 18:31:48 GMT
css
fonts.googleapis.com/ Frame 3EF1 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 03:22:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 04:06:53 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 3EF1 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 15:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 15:10:36 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 3EF1 		378 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
sffe /
Resource Hash
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 15:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134582
x-xss-protection
0
last-modified
Thu, 18 Jan 2024 02:36:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 15:10:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3EF1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 18:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
34505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 03 Feb 2024 18:31:48 GMT
l
www.google.com/ads/measurement/ Frame 3EF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWgyA_0mfW9_Mx6usWkwHi8AaGQLHJpv9nFZoupBul6bBdO2En0hxrNlmAgFBn05aWardKNt5_qoGp8frVgcUWodL3YQ
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6A19 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 03:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
173281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Jan 2025 03:58:52 GMT
5163138063415621664
tpc.googlesyndication.com/simgad/ Frame 6A19 		400 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5163138063415621664?/
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
42b687910fa4938a9e168d3042e982de45c4f939795e415df2768dfbe84e17b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Sun, 19 Jan 2025 12:12:29 GMT
date
Sat, 20 Jan 2024 12:12:29 GMT
x-content-type-options
nosniff
age
57264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
409212
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 04:08:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6A19 		206 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jan 2024 04:06:53 GMT
truncated
/ Frame 744E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c58e5011e1291d8f1320a3f76d46705de90fabd440c912d68211a17dff18d61b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6C77
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_cver=1&google_push=AXcoOmSlo6rRuVXrv6cj8__4sPb9etZsaeOkF1O8bHEV7dI7Uk6E4N7...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7aa4721fab1a20c2&is_secure=true&networkId=14000&version=1&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_cver=1&google_push=AXcoOmSlo6rR...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALQlfJkbzydQMB8DN5AAAAAAA&expiration=1705896414&google_cver=1&is_secure=true&google_gid=CAESEIpcbgYMowSJliyT27est...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALQlfJkbzydQMB8DN5AAAAAAA&expiration=1705896414&google_cver=1&is_secure=true&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_push=AXcoOmSlo6rRuVXrv6cj8__4sPb9etZsaeOkF1O8bHEV7dI7Uk6E4N7wQgL4ncc52TSdsYHKnTqIO03agwO4w3N_AfuQuWvUWnA2WeLBeJdcupIb4xI7UEX07tJe2fAnpcw2Fg5letvCKLoGpIlotxs5tw
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALQlfJkbzydQMB8DN5AAAAAAA&expiration=1705896414&google_cver=1&is_secure=true&google_gid=CAESEIpcbgYMowSJliyT27estLM&google_push=AXcoOmSlo6rRuVXrv6cj8__4sPb9etZsaeOkF1O8bHEV7dI7Uk6E4N7wQgL4ncc52TSdsYHKnTqIO03agwO4w3N_AfuQuWvUWnA2WeLBeJdcupIb4xI7UEX07tJe2fAnpcw2Fg5letvCKLoGpIlotxs5tw
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
usersync.aspx
dis.criteo.com/dis/ Frame 6C77 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRuRfZtlBKmJYc2mNtyxP1yz485GoXD15hNuSPdC6HA-4MsT0V8qZ6WuPIMC3mT4sAdLRLhsAbEZTYptJSvCHvD_WPeK1CymFnn2c__w2325sYsTczEjnBPx7E--on9LFAcYh1R_ZRHo5a4JLXmXfg&google_gid=CAESEGxIxZyDvGtPUpL7VSHJrKM&google_cver=1
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
354213
expires
Sun, 21 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6C77
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDOtM31IxN5dlgZ8FISkisQ&google_cver=1&google_push=AXcoOmR5Ij3J2DzkmwzUPxPFjTMIQ7-Zlh47520Lqu-znxJUn8waeLC43quWYXkgG_hYmPrttRW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=AXcoOmR5Ij3J2DzkmwzUPxPFjTMIQ7-Zlh47520Lqu-znxJUn8waeLC43quWYXkgG_hYmPrttRWuO9mP_VYhtpfWBSxo5ZpmlhBcp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=AXcoOmR5Ij3J2DzkmwzUPxPFjTMIQ7-Zlh47520Lqu-znxJUn8waeLC43quWYXkgG_hYmPrttRWuO9mP_VYhtpfWBSxo5ZpmlhBcpWnNCoKu_sUy5Syb0R88aaaxP6kSGZwN5-ZPS1_YdTwBC5Le5SSU6fs
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJNWjhLNE8tMVctREMyMw==&google_push=AXcoOmR5Ij3J2DzkmwzUPxPFjTMIQ7-Zlh47520Lqu-znxJUn8waeLC43quWYXkgG_hYmPrttRWuO9mP_VYhtpfWBSxo5ZpmlhBcpWnNCoKu_sUy5Syb0R88aaaxP6kSGZwN5-ZPS1_YdTwBC5Le5SSU6fs
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6C77
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAOClFkTZ4_KAKfHQfEnzEk&google_cver=1&google_push=AXcoOmSDmlEm2TMNFFc3FcsYUIkZvke0V_e4MR9beO0b7DaAN680ra4szfltbwuf4S6SKdf2Tn2CAXI4h4rB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSDmlEm2TMNFFc3FcsYUIkZvke0V_e4MR9beO0b7DaAN680ra4szfltbwuf4S6SKdf2Tn2CAXI4h4rB4wiBkO5vYPzTKdoo7noOU8sH_iLyCgEZ4Zul...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSDmlEm2TMNFFc3FcsYUIkZvke0V_e4MR9beO0b7DaAN680ra4szfltbwuf4S6SKdf2Tn2CAXI4h4rB4wiBkO5vYPzTKdoo7noOU8sH_iLyCgEZ4Zul8pqQn010QltXf77JDueJ0YEUnLtYoH2eDoM
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSDmlEm2TMNFFc3FcsYUIkZvke0V_e4MR9beO0b7DaAN680ra4szfltbwuf4S6SKdf2Tn2CAXI4h4rB4wiBkO5vYPzTKdoo7noOU8sH_iLyCgEZ4Zul8pqQn010QltXf77JDueJ0YEUnLtYoH2eDoM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 6C77
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHhcYiB-kvVHfAgaUQ6ciRU&google_cver=1&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EM...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EMY...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1Mzg0MDIwMzQyMjMyNTIzNzIy&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1Mzg0MDIwMzQyMjMyNTIzNzIy&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EMY7UpyBYijhaxGi_S691sf3wFjsr46XWjKLsQMP67YUe7bjYYFJN5Cvjg
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjY1Mzg0MDIwMzQyMjMyNTIzNzIy&google_push=AXcoOmRL70rV7A0xE-ehJPWGPLGrNTb49VRryjj88gHVh9sTbjRw7Wsc8zI6sGNuOZnXs7BL1_8TJqb4djIT_n-tG2cndqf3EMY7UpyBYijhaxGi_S691sf3wFjsr46XWjKLsQMP67YUe7bjYYFJN5Cvjg
date
Sun, 21 Jan 2024 04:06:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 6C77
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDSMuk7z5lMg5Hia-UHOyt8&google_cver=1&google_push=AXcoOmRn2NFnZNIvdAQwNeE22SkpEg8UQ6-MP6b_jDXyARzjdU78ct4K5flmov7-0WMzl8YdpKzyD...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRn2NFnZNIvdAQwNeE22SkpEg8UQ6-MP6b_jDXyARzjdU78ct4K5flmov7-0WMzl8YdpKzyDWLuRgwjEO7F4mUjyDC-hbq_8kEglT1vVyhpTI09u9mVMME3opQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRn2NFnZNIvdAQwNeE22SkpEg8UQ6-MP6b_jDXyARzjdU78ct4K5flmov7-0WMzl8YdpKzyDWLuRgwjEO7F4mUjyDC-hbq_8kEglT1vVyhpTI09u9mVMME3opQOfh-736NLf5g8J9upiuENOBbfRos&google_hm=VkhTSUhxZHVGMUYxOHJrc1pJSFg=
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRn2NFnZNIvdAQwNeE22SkpEg8UQ6-MP6b_jDXyARzjdU78ct4K5flmov7-0WMzl8YdpKzyDWLuRgwjEO7F4mUjyDC-hbq_8kEglT1vVyhpTI09u9mVMME3opQOfh-736NLf5g8J9upiuENOBbfRos&google_hm=VkhTSUhxZHVGMUYxOHJrc1pJSFg=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
295
Expires
Thu, 01 Dec 1994 16:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame 6C77
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAXdaKHhdaZIcxzcTOE5-aI?ext-param=AXcoOmSoEHzKilKkfnN6xz_-VQpIpXbBY_rdxpmqxz4yaPPmKY-HTNyQNJT9wJ9b0R965mj9-X3D7zC4pXGevXEn38GSeKlu6izG2x3YnXvkuKA6HayEjFAIJyT1...
  • https://an.yandex.ru/mapuid/google/CAESEAXdaKHhdaZIcxzcTOE5-aI?redir-setuniq=1&ext-param=AXcoOmSoEHzKilKkfnN6xz_-VQpIpXbBY_rdxpmqxz4yaPPmKY-HTNyQNJT9wJ9b0R965mj9-X3D7zC4pXGevXEn38GSeKlu6izG2x3YnXvk...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAXdaKHhdaZIcxzcTOE5-aI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 05 Jan 2025 04:06:55 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6C77 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IncvmsHCY7aNQMzbLKqzKeZM6GfPQDQ2tev4diwKIxBYNaWOdZ0ZqRpz113HJEViu0XVFHHEI
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame BFFC 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
574231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 12:36:22 GMT
expires
Mon, 13 Jan 2025 12:36:22 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6A19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoqzFNOYJSCWGO840slSwc2fROY7-E15fFO458Jzbs4mXNefpfaAwX---mETPixbtdBaq-1rf-ZARzgstVKerBSvl3VmrgIbkiOW7D-8yxHaHoS59chqhqi6kfEpU1eiuYtLHhhu5ijO4Zc0767orWfJqcP4tuL5kSj9RKtkabWEr7t1ngQX1KPrpg9oHEWCZo51VtTtsuf6NW695CZEAuaeTphNbn9E4TpGP02Drb7jC1z5Sasc7wJqBRG6o_x9uIZnqshATCp4mmUTtqAlaWiZHSAk63wY8pFm9h9ewPvLAElFZqH8FXhDxVDm7K0gczvZwf7SfgH-_Vvvpnb1BRlxU&sai=AMfl-YSjWXEa3HMCgC4Tm_LxIudFwMTIe-eR9mf2Ld9CKZQeJrrdmh1VhiAKoZX2-w31h2MGbhd43kroYbSnVy0Pdp6kYFUbgEQq1OAmE3R546qoX7eF-zv6yzS0eGNmQFs&sig=Cg0ArKJSzI59AtGtZGf5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
output-onlinepngtools.png
s3.ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/ts2020/assets/images/sport-indies/indies-taboola-sponsored/image/ Frame 6A19 		433 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.ap-southeast-2.amazonaws.com/resources.newsplus.com.au/resources/cs/ts2020/assets/images/sport-indies/indies-taboola-sponsored/image/output-onlinepngtools.png
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.171 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Last-Modified
Thu, 14 Sep 2023 06:40:38 GMT
Server
AmazonS3
x-amz-request-id
AH6DA7DNM96MS0HX
ETag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
433
x-amz-id-2
E++nQY8AYEiMQsvjiAKopnMuB9yb8eYhYB/6FGnOUGFtxNyu9rIh6r5RxsOcj27y6MfIBVFOwC8=
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ Frame 6A19 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
F5BEA6B61E0080FB
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=211934
accept-ranges
bytes
content-length
16112
x-amz-id-2
XSzOWki59WzVq9WjYTh0wYct8vx6ZMGU+2dlGz4mFcCzrG616FshF/qMUy1ATUnp5n4952JjBwA=
expires
Tue, 23 Jan 2024 14:59:07 GMT
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ Frame 6A19 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.80.232.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-80-232-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
4D1GJEGT1GCV0Y5Q
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=259815
accept-ranges
bytes
content-length
11472
x-amz-id-2
wh9KebbyRj+d142y6tc21p5N8dWqVI/mnkEOS3Nwey+jIgd6KJX2pmQ6oREneLwnX6WcrkmhkgQ=
expires
Wed, 24 Jan 2024 04:17:08 GMT
rum
dsum-sec.casalemedia.com/ Frame D786
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIMDELCB_MIEGLrhq_8BMAE&v=APEucNV-ajjF48AyBtxUkfWdmgz9kpdbyuCCwaHQIGxGxjsPBG9Iw6eX6pHbjwgN1aP-SSKZO67wKH7Be9j9kSTofgO-0HJr7w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6c4dMwcq9aRBkFGMhaCGSqkTATtpKCC7uP0jJUR3fz4Q3YQm12LxVUDCe%2B8Yo7kJW0RmhNYT4gF6MyMSR0EA0s6SS94QLwgbwg%2FFKslVVZPdltloeZh9VGMu2OUOpcm14kQBTAQNtsD7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafe86bfd5c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D786
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayYWtae0Cl5WRAnQkG97wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIMDELCB_MIEGLrhq_8BMAE&v=APEucNV-ajjF48AyBtxUkfWdmgz9kpdbyuCCwaHQIGxGxjsPBG9Iw6eX6pHbjwgN1aP-SSKZO67wKH7Be9j9kSTofgO-0HJr7w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpE6HTFKrA2oniNJAn507pM%2Brs6x3cJzcJAu7T7Vv6Gtr%2FceajEi%2BkN9m4%2FtZuwBGV%2B1bSVX2MeJw1qpgw5yhdaHqBZFR%2BuLx0BSYDSfSWIpDlYv2GZso93RltexyzG%2FokiDf7eU%2BDo8HA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafe97ceb5c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYJiec9_OAvngiGK85d3r8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D786
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJNN77Gjb6VvOfTo6tKm7fQ&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNN77Gjb6VvOfTo6tKm7fQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIMDELCB_MIEGLrhq_8BMAE&v=APEucNV-ajjF48AyBtxUkfWdmgz9kpdbyuCCwaHQIGxGxjsPBG9Iw6eX6pHbjwgN1aP-SSKZO67wKH7Be9j9kSTofgO-0HJr7w
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
an-x-request-uuid
04cc7636-18ec-46cd-afa8-c199d48400f7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJNN77Gjb6VvOfTo6tKm7fQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D786
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjE0MjU0NDkxMzM3ODA5Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjE0MjU0NDkxMzM3ODA5Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIMDELCB_MIEGLrhq_8BMAE&v=APEucNV-ajjF48AyBtxUkfWdmgz9kpdbyuCCwaHQIGxGxjsPBG9Iw6eX6pHbjwgN1aP-SSKZO67wKH7Be9j9kSTofgO-0HJr7w
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
an-x-request-uuid
4ebc2503-726c-44d8-a12b-18bf026f023a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQzMjE0MjU0NDkxMzM3ODA5Mg%3D%3D
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame BFFC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 07:26:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
247203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 07:26:50 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3BEF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EB36 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:49:30 GMT
x-content-type-options
nosniff
age
281843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 21:49:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EB36 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:47:50 GMT
x-content-type-options
nosniff
age
281943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 21:47:50 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 3BEF 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,700|Roboto+Condensed:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 12:26:19 GMT
x-content-type-options
nosniff
age
142834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 12:26:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BEF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,700|Roboto+Condensed:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:47:50 GMT
x-content-type-options
nosniff
age
281943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 21:47:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2EEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGX8X_BTbPoOUTEbW5Mad5wojTMyu0zysp2rEMmr3Cv38S7ZOY1_KkiXgntxtsyjDzav2SUReREWCLXTarnkew1VFWNwC-VBtFumeEFldOTv9IyTKe92SkBpO6ul3-7NXrUSYzYUBLrhCHq3A6g9O8FA_QHBQ09ay-mmKj_Di5TtbDutN2sPyyhtNe3lcEw50xbF2ggw0PZJjTkQq6oSzeQidiMSSg4cYrQoy4y7rw1V1tG4GwfCpOFDYP6CAqm-PN0_KGWRe3jp5jIx0Fr49mdGZTyH72a9kgqq-hjdvTDPw7PgjFBLP2tcXMVnws7_0RRBCmaWY7nP4aZ5bKxmZwE3pnhMo88Mf-9aYgvlV1A5YWHI1itMo&sai=AMfl-YRa_pX6tSqtd1PneXgkj1JebqsNqgz4tndOc8MwaGSqk_MRa2LQHGtmtgamsPiVNmBt02cdy-UtCAgyiICzJ2hPzpgByzdP7ERS3RsLqoBL-P0l6zirTEdb1cG7TSQ&sig=Cg0ArKJSzJYMeo7w67z4EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:06:54 GMT
jload
pixel.adsafeprotected.com/ Frame 3836 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138457828826&pubOrder=3004275014&cb=926463935&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f8-b812-11ee-a8b1-0a0b5642f92d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.50.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
de44e8986e5ebd77e11ff08871ff5f06a75302fcdcc2c544a30c71c9f3bfd8fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6A19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7lRdpg5KufZecl0TMK91QQLAqQmd3puImuBV0asTaKGBCy6sLeAL3cbPX88sdQj_2HSoTNcA-CjQPRIv16RKE4n4RaGNGw380q11JyDK8a231L-aRWOHIliySTyM4RU5dAzfRIVTt0G9I0ZQvzP6-7yVP7uBIjPBeIG7YXbMmzpAFGDWNYqlSlhwI9o8MqXRws7FjdK741UA2fKfIT6zRli7tjD3lFmmJSfFAhPKoTJILog4JsDbaI7iLfSNVj4XrDBj_MxtWgYIYfNNfrIBaseW0yPv2e0-N8IGwsdY9BZ9-TX3_Fhu_7ty-SGmtg6qUKlYe8S1Qn-IwBSfmaKypTY-qiA&sai=AMfl-YRmDmq1BW03znvWIkH1V8MOPRseRf7iRO3Quvj_t9nEFgn5v_mn5ZxRo-Xi6jcOi7E-7VazI4wzzRn9iZZSY6-nL5yXoxiqz6QOnKxGSb61c3LkB2_R-RjNiOAuTug&sig=Cg0ArKJSzF_HN0AliFQJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 Jan 2024 04:06:54 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3BEF 		42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cadcl6Pid7SGfLcBo7nmVMzrDVVQKaeHopRGIBVy4KkBFqSf0-MiMzJo-LriwqD1luuXTIV0OQVxhr1uBPQBL7nQsqdprmFasDR9KNDlDKo3Q2r8fafnGdWbXv6yiWWIuGUK31iRzZkBXnjv-asRjx-74xWscn-PlnenVnAej9c34cRXU&dbm_d=AKAmf-AwPa9KogaTdXAPxIW_gadbdNpHqcCmwztcG_2laxR521zz1HD056klkOqEEJ_XfnFodcUuKcmbfWyLe0SVjd5Gu9JYCrxYs6xqop0YLuhxPFvlbgEBTXD7m3C1BGwGiyCkjTP8LSyKbSFQuPmJ1UGdiezhFmxcsoJHWvyj8uSBIM-bjlD9qK47usgUDwCeZpglH7bhwpk_KkwNKVi3RaU_YWLOHajGm3QIPRTry-9pSRGOtEqtIXPEXHaJWzUTH0TnG-3HJSMJdJgGF5N9yxbCZ-EtXFq4Pv1oTbKlPPAyL0yaOvmgWJmu0-h4fhrlws7ybpbxCWg93Hfl3wHzAUgzh359txYG0CMEH6I2-sRJqT3leUJm1ZglDx5spmZanKRivRPST3aUSTQHDb9swKYydpa_xt2Ddh1ig62joFHlvrjZ6rWqnAeePeJkUkiAeHQ1cJlwF-jgZ4nEgtYHxV1qP9sfbYDxXG5vAsL0mGAQYTIYnjxmSRoqQBkKO-3sQOhI-ldW35aVCtqUD8blVBybOglXF8-rszaxPYZOr20nV-zebZP5UXU3KVO57bOBZN0mzjag3llQc8XLsBM_tH_llCFmyrWtMTzS56DY2dXu17r90lZntYJ23C77ABBl6mMgtTaRv0EmEV3uzQ1YaCZPyIQcGENNWCVvlnvBAorI070mJnq1TyLRneo2Kp-TzkdLpHFhRGl5qmZKT9jG5iwm7EF1t_a2NJ6Q436MbNXqD_xUOY5oyxz8KZhEOshtn7BN_NY8Rnkt1v2Bm3RgodJsMwh6vpMQW_NrVbKkCmSALfwkbhmlaMfllktgd3RwDQ4hRxTe27g9ZjCgzGg8HsrWiojM53X9US50WTDoV1ofAWJVPsHFWhGSZSn6kKfDwsyecy7ALk-DwJEiorl4FpWVBvNYnEbw4ds9YpknmhdBnCKWLETqe3lfOEEKT2WxUMhuubImYTsig5xuH0Nfea6jwCNaPD1dzhMDpmpYXS8hX3HISUx8TY87ujf1HwjSWG5KHboaxXT-UrKIaiTpYfGc_jkIFdeS7tr3IZ11wXNcqFKrp7zAFr3qmOvHMscctkNMQ_vfETayqgxOqrVXG7crWVCJwXKqlPRMsPXBjU2Kp6A0DrE03ci3mVJVj5Dof5fGndz7Kt4PnBltdTYIKfdMlBiA9iwDsPdaM_u_sI9_nguDnELJIxM3U2aXZDJ4BhD1rOfuosMq3lpThl6RXyceRfhZQv-9dFnBRPdjq2bd7ZMOyoxEEnUyXcTz2stOD3wHPoAS_jJBmQ7kTE_WbNaSRo55n_QEKbimeHlHSb0afH4kszJ55_EqzFg1DQwO9u2mpq7Ut4-AgztXvF81jyHmrI9c_76y7isxrhHf2f6hCk-EQo8Kxr9mZKC7SZAbWv_fswnfkfYqooRqnVS0Jcb8TtWDj0TBvH_PlehnebRfr41TSefNnQ1Pv8ratRjs1gs_tgqlHq7AAZahspSMKEI7bOuQRq1BVNsEfs3izBlMEnb-bEzmGfxP8BDvDP0ZlGfsJ2zOWn9xcW6fGwgJpjLMn40OrResboCk1xdRlXBqEd91Aa0mLxGmuRfBFI-ZUB3sAYMKYubBOjrC89k0mCapgIas6vOSYeL8hVlqFRysU1uay8trS3Q1rpy8JGokwkesGfli1Zah6gYkUIxzRXoahZeeIncALHOtvBS09Z2IDk2s6IwtO9ynKCtiTO5qq4_x91_Z2jd2yuitF-kw58CupzyvcMVVvtadSwPQIX_Q-qO-8sa07aSlikc-hnPvYhs944kmulpIb4sgltd8xkoyMizpZVQ0PQbqtA9OyO2CJRm6SmmL_rIMDcdQ4tZonQQiNWXKIU78lCBEZwcnyCxt-tkQdGamswCCOCne2C63KT-Q4UsvFoccyOhRqryqK3ucLj_RKUxff8VPTrO_YxPTfl-dkTRk2jhRsIWi7pFe-MNC8Wbuvo3wIAWFvZzrYIIXCpw4ROsiMMJkGTGkGAno5QEuIWLb20ksqoX8KBvcrz99e5mOtCbVFSOotJlJeTQVmq0pJ0TPOv1meHt68BMvL-bW3LhIwfpjrHRCAW2UoBgzvs-QmgMDatluTfuBJPjbfa7aC8lkPNg3AbM7EGBDCYoz5kys6EXS10l4DjaDMsSHteIiDQ5T20Nictu1JeuFAtoidqwiXn9ZVeEFtfipX_hDgHNOGdcQ_EQTzyJlwBpJAIgHL_mR8wU_ZeLuQjtyj4iBz6Z0eO0DpG9ntMlUYP8Hr3BkSKXFmkFzLshbxQnAMRZ_KuDVUsy5DpyYi_ArEUCck6GsZLj0V_YwRdk6MMVayrfJj70HGkOVbTXTBDQZDMPMVZxGGKr6vNDQz2MAUIpgL9n7X1zBtvVH3QM0xQuk47ynUjN7AxRMbYnYh6Nswrjpg_6ofHWHpVK4XbnkwhWV8ZACSVPjgxsWnoyGn3ZRAF9e1otXW_1YX1wTnx2hMGqWJLNCib3rFsCTFi2lcZWH5I_aRz-lrvKaQRGSEPq0zHJLrzKTrK8u2jcjOg8zpriOEvSd4ccb73X6s4tbgnuNfXI7QMSWu9HysmZevf5E8dWQc3Ztmoe1RCYI97uWBapYcZ4Aa9P9Q0cj8mfEK52s315-A4DGkmjUf0a-xt8jK9UV_UZTp2d9WQxBtlg7qFQbq-_Xl0mLZUcCr7t4YcdGI9ER7fP-CcAdJs64fiv29rYiVEEGGjpP_8MNwWoeDiqPEk_XaXlTR8BVen0UtstjCFST--36SxqK5g0JhducQKuwFPzhoG4exdqt2D-9CAaPsHfJyRax90u-OoHvhNKO3cbMWp43Q8A73LwSKJPJ7AooukB_uBcVny1RV1DYBB4EZcR4rvOwVSk4hD4JIZl-HrMbLQhHsvmfIDpRFULQOJLZw0vvVChfizwd-WUotZuPLsBGUQzDv5J5cIYKkb1xUjQM9vk78LAvXmkeELDzBTv6IAorUXOlEJX32QlhcFbHV2jHvYQIJ27QLsmtN37NzdusneJ0EEcIZtcCAWe6D_u4EYR_hJAwrgt9QhN3eApymPk2K1vxLS8CmENDsQofbwKi6yz3hblUGiWA6TfMdN8We2YBTcwQD44zeIkdb60pIZq0VhAsOduAJWWvwk-LTjorSSez375kfrdmt3UOWZIRjesLwG2P7Rm9dVSM0ejIYEEZPHpzBH5KSPuONw5W_uAjjCwC4ihdhFv-xn2mQWjQYmutNj_xkp6QvwUiuVWz5txNyEkGUyWH9NgxY_k-Dt7BlIhxmh7k-tsBV-1-n60ZH9jvNR55yvtmasL4P-sgafuIwG3BNrC0N1e-uDWt-yZP1Um-tyPuKbY37g2EYZBxa-WHAAHb-YwQQNDJKbChFKXmtc4tFwQVsmSkPIBIwS_oaDf46cNr8JbFDMyJDbNz2n9JPjD-e3DWyYWzVcoMZmoJkMQXQwTUCLIJfR7FsDvNbcD3AFO111gLfL_wesqS4oKtiEiDyaI-EtrgBDNwT-qq69QDup7rGQR3LRBrss20Ah5-3kYu6tZLfdxHmfH5EdcijyjM0JzjomSXeoImUu7GNZXvHlvurnWDxgpv5kdJFiFWWYiNR7QEQ4Npea4e_mww7HQFLpu2IGaHQh4pLqP8DkDToQBlpH73vRh3ZC9991Kggak3-cmcGg13aclQTf71HR4uZ_Vw5PVOdBXVfC8qp7DsJ-u9pd69GG1WVf4jJIrv4MYbRpXzFQprimDci2kccIeo-AAGG3_B0wBtYIC-yPhtgjaJ7n2fuZhqCutyxi7tU4odsGnLL_LS4opMZHR_QqoVmO909v2ra_WsdzTl738ycnm0XiPDidIOqj_25sLyw4LRQwcs_nuKjcb3hrQSXNj3Wat5yCy8x9mhnDQ3N_rh2foUaCsqsGSys8cmoleI-H-vd4W059E1wS4NA9z9BVQVIxkjgk7D3PHM_x7STUWyqMHdpMWJ1e37&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&dc_exteid=31466640745120926194292295356393866&dc_pubid=4&cbvp=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EB36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMTIJXJisZYGjFbecmsMPxpC0CL_xtq11u_C_1cER3tkeEAEgi4iDKGClgICAkAGgAbiOweADyAEJqQIFvweVviKmPuACAKgDAcgDCqoEpAJP0LQ6IbfW9_DEt7wfpHdmDgaQUDZygpdYJj6iFBGpmgN-0MDA-jAhdwAxrT9JheWeQwKA5uiPNAmeedkZr0lmvBnJmREE3x3FkqdadyIB07i6KrNfxLbC-2EwV-hP5T9VV1H-_PXOiBpY-cXUInnexBOMc2kkZrLOrW2HhucAeX3hlHtXY2zxNgVaqqrZQu20XYy2q_PUs0-X6kJu8SRKAr7OzQvRsaDclGWE-nPwZAO2in_fFNknbIMKFId-FGLPI2ku6hSbKsUFn6wHpc4NGX-grqrTuhdPlRAocVrZ8wk5MuPMywJhSm65i_uC-ov4OcbucuDgunV304SXQ-qJ3K7QKxK7bY9BX4M7UlbzgXD6bhEEOtKc-pGfPv9clkO8snIdwAT8rMWpmQTgBAGIBYG6jbBHkgUECAQYAZIFBAgFGASgBi6AB7Dxvh-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCNmR3SCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLST2b7N7YMDmglDaHR0cHM6Ly9nby5tb3JuaW5nc3Rhci5jb20vYXUtbHAtaW52ZXN0b3ItMzMtdW5kZXJ2YWx1ZWQtYXN4LXN0b2Nrc4AKA8gLAaIMCCoGCgSsurEC2gwRCgsQgLy6gdaIybyHARICAQPiDRMIterZvs3tgwMVN45mAh1GCA0BuBPkA9gTDYgUCNAVAZgWAYAXAbIXHgocCAASFHB1Yi00ODU1ODI4NjAxOTAxNTkyGNfPEg&sigh=_lTpnGlJ9Vg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&template_id=484&cbvp=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
main.19.8.473.js
static.adsafeprotected.com/ Frame 744E 		214 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1851044/76751983/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:05:25 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
730889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
qiUUpX6pq2rHj46GdcMMNSMQUbt6Tv2s-WiVC8O_60-_pW03yxLtzw==
truncated
/ Frame 6A19 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f8d8c03f2c24eb216b6a05d32b1a0abb838f314400fc0cec21c1dddee49ff14

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame F744 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=0x0|1&pubId=5367917944&chanId=171638111&placementId=6436335771&pubCreative=138459058570&pubOrder=3274688055&cb=965833614&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f7-b812-11ee-a8b1-0a0b5642f92d
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.50.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
c80f1606fb70e6c616aa84834000013474d75cc6abed9a6c24664ec9c3c31909

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3BEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUJe6XJisZYSjFbecmsMPxpC0COuX8_dz_s-qyusRr-qivcABEAEgi4iDKGClgICAkAGgAce75MAoyAEGqQIFvweVviKmPqgDAaoEnwJP0EtNMau6JMjzmqqaWglRo2fuqv0EtfBK7oSe8IXmmDTjfaKRvVBj7-LgAkFGmmr2FQ5J0zIjVYxjLB5TfcekrNWMAEk1WytNu008d8KtVsxH5tIi_Wm6wcrd4hGqoIluOB3-p3RX9V53XZVI4KiK7WYR5WIJRqCGATpn2mjKDokJBlFSr9C728BZv7dPmEfbMq03a_U0W18_y79J76EqSeXpWgbWFPkN59U0BVp2vMm6gxROBvQ0_9v7qn5KoWvJdsmm5JnYGZjEUp3pNeZ6-M9DeiL1WXaX6eNkh35g2l6QLrHPyrwrFMj8ttKGqrbddBVaQvf3x_ZqaURJz42fISA2iOGqHprA3fp3UZftKzdfPIBiOTmwFijzJk410sAE08uX640E4AQDiAXOvrqDRJIFBggDEAIYAZIFBggbEAIYAZIFCwgiEAIYAUibtrgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfH87SgA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEN7MBxj73br8AdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYtJPZvs3tgwOaCXpodHRwczovL3d3dy5sb2Fucy5jb20uYXUvbGFuZGluZy1wYWdlcy9uZXcvc21zZi1ob21lLWxvYW4_dXRtX3NvdXJjZT1kZmEmdXRtX21lZGl1bT1jcG0mdXRtX2NhbXBhaWduPWxjYV9obF9yZWFsLWdvb2RfcHJvc4AKA8gLAaIMCCoGCgSsurEC2gwRCgsQsN3MhYeS7_nWARICAQPiDRMIuerZvs3tgwMVN45mAh1GCA0BsBP9u4wWyBOI8v7gA9ATANgTDYgUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi00ODU1ODI4NjAxOTAxNTkyGNfPEg&sigh=xEvguY83ib4&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&template_id=509&vt=10&cbvp=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
main.19.8.473.js
static.adsafeprotected.com/ Frame 3836 		214 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138457828826&pubOrder=3004275014&cb=926463935&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f8-b812-11ee-a8b1-0a0b5642f92d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:05:25 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
730889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ELNbdBfbL4uCn3ar14AnjHyE27tyoObYNCiuMCkgXsaQZt1GnUmbvQ==
index.html
s0.2mdn.net/sadbundle/13563337967118153751/ Frame 0550 		32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13563337967118153751/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f6.1e100.net
Software
sffe /
Resource Hash
9cd9ec27aaa0a3f68ce9e133be641e1eee63f01903006f776cf4042f79d48f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26533
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
7862
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 20:44:40 GMT
expires
Sun, 19 Jan 2025 20:44:40 GMT
last-modified
Thu, 23 Nov 2023 14:42:40 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 744E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstZqFmkLQdH1oPu_TDXZSprLobNq0GxNvpNNPkTvyiO6PnfVcpKoWBtU39dnvFrNXZeA6iS4Xc617itjE_ST9RJQJVp8-Rr6_NWeRyb7G0seJvco3OhSDXJSAqt4k36kPXTFhx9_VGc8-qRDaSh8-WAl1Rf4Du72oV3tA2ty_qCE5dZ90W3bmOtchXuzPsxVJGTR9RFEyyAoq-wYUjvE4VUQ2Gk4NPFAj9ThLxAx-zfPb5t4-bykln6SVI7sXryGSXsOYGM0pnnTnHnOkmalthPFN6R3ovAjc3E3j3W0xcHxZMmCUsjNgTvaj7nlQEViE-JraH5C7l-DlGdpGAwqin5UrnDAprUEe1nPiBVahdGL-4CcZvCOaYppFHAQZVsLrOBO2-27vCgZEQIJ77d_NULQ-HI6Pbjh33wM9UPPfnkggAGYUoC5XyEX87BIqHgKp2uI4q9xv0gnDSVbGBtWyc4K7HO1X33SK-8BZz4r_6ph1ewp-wq7Cq-Z6Pvp2gmOC9GaeFQtYvC09p6yCv5wmR83esjRcPjNlrXmVa0wi2i-EHnmc9GLNJ0j-iAgA4arYiEdDDXGnaSF64M0HqsHTG0slfq2mCuIeNwp1MEo7X4nnM4BVWEzmleepPia8GUEUMUTD2n9VxKONnPqzKXKpdGs6qPq02b_80EZhRr8XXkCZ93RhlbELwbcmeLN2HYLOR1rAZZ9r16hAq3_H3mgLmCgdJSQ2E5jxtwjM2G8XCjIQMcAD4BUGReYN9rvixG5dv6mH-OP6GroiwahMnfsxgSbVGIlywcudlGQHrGXYSW49GXxoFHUWRxK_X7qP6no9roPX6NeRTA37Q8PzMcAPDYDFptuprNYTK-tv3-IvLKKdvy9wGAB_nsZCxQPpm40dxx8LGZ_gfwu6p_P3DnZZAKP85GbTqIuqu05KnTRCSgk1cir_wRvXBbDNWCqEjyBoqw1NpsS-PY8x7NTvnGHNBQ_ZV1ZPvCVfq_MIucmotM9h2ZxeMtExadBR7G-OLyL-p3Msoot0w4ViH2nwO-HNRXqBL718wtvI2lOlEEDivDsAPf0Go9IdkYQgZy_gbJooXbfSDnNbhv2ue7qtLLdkxkDNc9RNKbjStkGWnuhp46fEP74xqcYaxffiR3Gnh7fmw_F6i3FtDeFkFVaq5Br6kJju7T_7IMdVAewdYw8rzA61N2AOwKjMOyeloar_P-tU4wBO6OomClDZn5epQidozEsbWyVNZ0DEzdKsh2a0z3X5qiEvl_lU_GonjAFnM8N4THyZgdnkqJK0kZHjGj_guJMZjxZcDhf-S8_LXHWUQ2k0zjjsupxhCtAS_po3kXOI3xD8ho8oorvkIEgAEhKkEngy1LY3Pkl6UsjJnqnbgb7pUiJ5MjCaw-4pXnuRq0UyI5TJdo2Ef2lLDVcZHFaBAwkjeMZSvbGckaHD_k07URXSBcqV38im5gEEsrHb3XUUg5dBkVMeTDuqHs8lSmtyIgKacFbwXUHHzHFyQnDJhO&sai=AMfl-YQU_AEOj-Sp01xQIpE7WOi7-MVmau7-tZ4yk4DVUx7SnY9lXut9v1icK9cYSGknkg0W27mlGMpi3xuiVh1RUZEStyTfpbCrkWN8_p5vsNOHNZzywt5BJriUmukrXm6iM_ReYtOm5rIlL-m1AcQAt5jHe4_3RuU6g6un1ramzzEbmU1has1DrgQoQfn2tlRjNnxRxVKa-K5WIM5iGi1yW4Qao_ELCkQjKbAjheT8MKx5FTESUAc3SH5cdo-z0VXysDhhfGrTd3OgNbgvjuA8KFSuAXN34kSlGJAsLMfIglKgA0eTROUNbYrrROkwlH3Cfrt9LndRy8dYhbpkRNvQqj2xRB3I96SV5bAVv-0GHh-19mz8vX0vbRgFaaOfOBvzuaHugfyy7FlHeSWRA4BNcQ3Vo4dIn_cvQ2LwixhEDkcPP2eWy04IfCw&sig=Cg0ArKJSzOwmuGPWIcgZEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sYW5kcm92ZXIuY29tLmF1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=545&cbvp=1&cstd=542&cisv=r20240118.46051&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0550 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13563337967118153751/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13563337967118153751/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 21 Jan 2024 04:06:53 GMT
csi
csi.gstatic.com/ Frame 3EF1 		0
157 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrmz8mfc&c=7622123239986&slotId=3811061619993&qqid=CIPB3L7N7YMDFTeOZgIdRggNAQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3EF1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 09:42:36 GMT
x-content-type-options
nosniff
age
411857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 09:42:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3EF1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 21:47:50 GMT
x-content-type-options
nosniff
age
281943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 21:47:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EF1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cov-lXJisZYOjFbecmsMPxpC0CNSl9uV0_rTd0ZUSkrOAwMQqEAEgi4iDKGClgICAkAGgAYviiqAByAEFqAMByAObBKoErQJP0MkNtqNU-V6tgFMzwGqlhj3V2jKtzgMgI-I8eXRSMMrw0AuQ8Maed9uoobOv3Zt4VA8ygFKxZYPw4e4qyCYbpI1YTyWrkbsTk9Dwmz-6SDF6l0T5gLBEfhk3psN7EbtZjxtYsW64yRemK68gv9I3E2FG8oTqZsVfbLDnVVW_LJXvqYaTHbFb1n8brBTQEvW5HySFcA0IzrqWSLZBxrmr7BGsz13RafQRzwfympkngQ4BxCrhKrHrRd6Izp7Y3t2VLGelE99r-w4FAnEqmUsIstnJWGPb4jbGSPn0hFZt5o9Bo1E_oSEuMq-NYIaah48K1oY5lz3_1mmmRdsZx93WJfxFqSjzPqPMlkjiXwNt-wEu4zlqdj4kU2Peb1_9_NKvTOH4CrjA6sFpoljNwATvhePewgTgBAOIBcfFnt1NkAYBoAZ5gAfdnfXfAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLST2b7N7YMDgAoDyAsB4AsBgAwBogwIKgYKBKy6sQKqDQJBVeINEwi36tm-ze2DAxU3jmYCHUYIDQGwE-aAmRbQEwDYEw2IFAHYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1705810013856&ai=Cov-lXJisZYOjFbecmsMPxpC0CNSl9uV0_rTd0ZUSkrOAwMQqEAEgi4iDKGClgICAkAGgAYviiqAByAEFqAMByAObBKoErQJP0MkNtqNU-V6tgFMzwGqlhj3V2jKtzgMgI-I8eXRSMMrw0AuQ8Maed9uoobOv3Zt4VA8ygFKxZYPw4e4qyCYbpI1YTyWrkbsTk9Dwmz-6SDF6l0T5gLBEfhk3psN7EbtZjxtYsW64yRemK68gv9I3E2FG8oTqZsVfbLDnVVW_LJXvqYaTHbFb1n8brBTQEvW5HySFcA0IzrqWSLZBxrmr7BGsz13RafQRzwfympkngQ4BxCrhKrHrRd6Izp7Y3t2VLGelE99r-w4FAnEqmUsIstnJWGPb4jbGSPn0hFZt5o9Bo1E_oSEuMq-NYIaah48K1oY5lz3_1mmmRdsZx93WJfxFqSjzPqPMlkjiXwNt-wEu4zlqdj4kU2Peb1_9_NKvTOH4CrjA6sFpoljNwATvhePewgTgBAOIBcfFnt1NkAYBoAZ5gAfdnfXfAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLST2b7N7YMDgAoDyAsB4AsBgAwBogwIKgYKBKy6sQKqDQJBVeINEwi36tm-ze2DAxU3jmYCHUYIDQGwE-aAmRbQEwDYEw2IFAHYFAHQFQH4FgGAFwE
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3EF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrmz8mg1&c=7622123239986&slotId=3811061619993&qqid=CIPB3L7N7YMDFTeOZgIdRggNAQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1a8&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 3EF1 		26 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BCtr0EvPzKeb1uvkPyRZsKiKvj-eBcQpllehNj_NgSMEmRciauYJMyiefuaOAovW8EjydVrUOf2JRPc1ba8EGFv86VVg&cry=1&dbm_d=AKAmf-Cv6fM1jwc6OC3e-9Au-gUSu0k99MfIwN13g9dWQQwWv20o3S2ZF5XFsFaPIWTzcgCRZIAcdwpUedCdFAOiIr_bZkLgRMqOJP-J9xx5Xr7izhMJ-2Mx_yvUfMF7nSi2r_A8zzbKjCR_ftkV6mEKspSqvmbvBFe373ywXjxaE5xfipHeRR0WYDmxF0zQClPjuKZ8_sEwLWXwy8N6n0jrkmJ1gBSjTM_kWWp1suM1leYG7A-lSyFhET_qJyB_RdLCSLeQUzEk6GwzuaHBSMShoHdSx-lCkMeJr4bPuG8tFQ_k2gH6AdanoHsC_lhxuhiRuLZTDSI0-9CIudf3y8RKCQX2io7LI-0pW0xBIcdi6Jmbb1Op_nMYZYVtC7OuPaoAZbo49vAdOrkypVM6WfhQhlGQexB9WksyNqf2oBB45GV12DDjwTmWkVAjoRnQvQnuSYOp2VG0whHdMsSUNc1JVD9qj-24IsTXI0npDNf_YZXKmA_1SEsrUbamjMtzOTSF9knixY_-AnMXkh9YWYfK9KlmNqVpa-2sArTOQgl_hh5VStgWCKERzly9aklzbOvWbTH6eKwDuwDqS4MufMixOasELrCzpmTuRsgERGNwEzvpMjn-yKyZcyshPuWGwx0Cg37CFYtfAUMDBMIvu7drUzT69IAEvQvceoTpsYTYW34gdPFHf3wkZByFj2pyk6NRfxwRk3tFpT2MLEFF8wZyqfHdBLpD254tzYFoXb8PU92dLWgFA7YA6WN_oTD3YQeIc_vOmdmYM1mhpdaMLgTa_Bl5WR9tx7kdJkJsfsihgjmmcfDO_FNLEupuegUKLEn2s5TWYfLbocURPOZ4rUeaOfMpXGpGczWdJL1iAYpRYh4TuGbxiMvKMPROzq94qR9Yans5zewAk0Uq4mljgQ7gYAu-UaQcnqEWVX7B_3FznQIlOO_NkllY0QmZ6VvBfoncoX0W9AtFVvXTQHuDofKz8tWHN738dWv2datd950fxV_3txK0ct0eIM-qnawH5FC1cZINtDpLDDQ1CbsTu7CMKb1ULihY9snI6MIl4cSlk7R2B8sMBSQNAcXM5xIz4lAW_tsS6cLLlqi1p082rP-0KGo3fq8axFSp2huT8yOZebfREE5CK-M4t5sW3iguYg5SfxNyV4BMjTyxoxw8Xz6nHppgn7V9BnmfgiI2RZO79VD4mE53hxIcEVfHcWUR0mfOmMH8PQiMC5UXDM5l9y60jL8UqPZbSpPA9WoTj2JTxXi2uewYmkYsSUr-VKAoxwXy8AOL4cQEZ1WrxDkfEek1OlQ-KfkcaWZ95-Piu2Vlr3Yarjo9R4QwBBDly7vPeFFRuwsFAIOR9FuWSxV_EVioohwbNxKn46p4FthkzctyuhdIHbfmMlWvlYzjcvGd3EFrHvNIN2EhnOJyDJPrPOA8vBweAxF372Kcj2zdMiti7AliZtKvk9ZMmDXz9HT74q5RDgZNQNTGmWiIovMJsibGtuuF8taxe0gvvENd4bZAKuBw_FESJeG1j-eh3OaTC5hyvE0FBEQo7tvu6_pItnLpSkl94xp2Sr-VAIZqScXX49CfRWqKOMSKo2tvO9vC_ntNA_biNEOL-Dgewo0bNIB2slEFLxRAFIZidp6jQHespN2jD9D3uq1SfrQdEguGi0yO-rU-8BP0c1sxydWUv3BXseGEeY1Uhg7QD6UGVByFgDVDLEljwLdSVZ3N1OduhhSYfbeqCqWVyQGGTECtkYb04EDCf4FF6pFUkXj0RVd3UDU1iHKCfgf4t3fLolv_2UdVJe6XeH_5HelIBff7eoV0U_T_RUp7buBIkAjSx95AYMSoTYwXyg-fOvM1Razg7QMBDKq74zJht_HuRatNWyoBBEr0xwyOZ-ZzVjJ3XFQTDN_Gpyq6IGnSWNnnp0y-GdbO8z3erE8n5Pt-RDv4YrL0J-mB9JqR10aE3mgxX9zEE5PbC09t5O3DRGA386HDby0y86IWym3AOuRvkdgE2v2FBE0ExwNYTRR5_nZBv0B84cW5zkUbtrOcnK0_MGsgY8VuxaysEGMyIawQVkGCzcPVD-aCvv58VXwW2YptcW6bgicvGNQNJKECoEbFWgSsCtn-lyd3UtlrpzPdF-42feEDOBEhFe9VuY_axU9kvkM_HsuAhDqFidn23QyVyTG270eWVlVIIRazBpnsFlU_6vDTsmGsjqXBUacYOK3FP1agd77TR3_iuP73VGousmFeMfiMsvcovQnMR55zXY25MMy3zylmblU0SaM226FgB9aGcnM4eGCMraFhik85uA9oW4sY1IUdvrIiTF-SyrnjJPXrAEHIBpokta7SJXhHanZXpUGsI-l2ZWUe2hZmkXaasHsfYZT-EzaeYErjFy_cx8P7gf7xuGC2o4Tklz4daK8Hp8ziE9xhvWbIK1J1l5lOXeVWxMTSpCCDrm7bLWJ9UWYU8C_RRe9ftgne5-g8cDBKmk8VsWL8h3KVrFbYZ-UC7zzyU0vid9JQVmk7-Ozx2aDGxEtn8fvItTzBdC1lpKO-tghmB9KdX3rdVD69FV3LJEmLXyVyXm0b8sHgNydBDuWq5gEAyAqfRp_RfbJHSoe2BqfcD29SgpqgulNyZQoOKd0EnsRgUc_tni97I7zgFVSSrTckGm_9bkY5SClC2ebfpbKrGO2OzvBVIOgomaZvwaptk5lEv6wDisy-rL6iCrCZmkevTJ0COB4Oc3TqDvCITly_tYWtRiyQqZOlBMvIzaiooy1EhjbLnMjMZptGyjw-GQVHjsdaHSvBsKSJCXTsJs-aNbiodMwU6vR8sOuxpDSNMEyBiqskMI4TluPgIBN90EEOeQcu0snX212RpfNXt2bML3ZRcml6fubvVd29rzA7MAk2STN0ZgA-jiHbTwrB3F0brbdWFSEGqXLC5balUmaKavWcnTajoXc1d4GwE2M38HrXEg1JSlPvRKdkHG3euX81eX-4EtTZUR91ppyOA8Eqyo6uotM1auiuPHpulfKbhQVoZnWc0zD90NQ7rrS0fzz5wCnZatbDHpnqOIoQ3EjxFplDqBl33RcNHgv0R2Vy82o3aXl27AkYfGVD6GbSt0GGzSUvYX-kn_KpBlSFQTSsx7Io0oy5pYdnuo1-MI3EY6APiFQpR-A1Uxq50tFul8P23IfvblxE_k0QPVfwTpCNRMOSdXrMIahkFgzeprCHc7fy-5MTUYtiM9pKAdEHy0KGCq9MXb2t5besGTtK0fhevoonzM_ACvxc5KJvPMbXnP0-NDR3RMzd9c2LrCSkJAM_Dqog_JaRxQy64ep9mV_-uyqTMfUDcKh7b95TOH1PXiN8OXYO3jpP17bpzzhmX6SbQr1PQxS1bAgvQoU5-lDdNjZL1zRSUAChRKLnT60H7F6GS4zXcsoqSR6FOzut844ejy15k0ntmXIFjZ8WFii4kY4IsoCyMAiJVaf17FJkMcz01VAGewhCEpk9pChWuaGPvCJia-DztZXBmDFkGmdIP0iD1b08oDbAa0m0ah2MYOV_diOUuzBvnsx0h0EED2AsT4ykVHs2njLcFHUs_tltYFwPJg_C9JJQTRP6NdNdkBxOnxQP4wW2gNoUItlA2AgHhOIAAn8pLRu24cDLVw-hDkkOc_HGkKVc6gf9GZp9YujULFK6mPtRZzJEw6na-jbX2Y5tSytQvWc_vg4Yrxppr9tgGpDOVCErfkupVx4VJTDJjt3kYKVhV-3VoaeVn4lekyClhuHrb8OqcY0gnB5n1gJzxBim78-RNqHomBAcjhalmUGH&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
f141529a6db704f9b8dc476646c827fd35c79de0330716a60659c9263e7d78bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17155
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.473.js
static.adsafeprotected.com/ Frame F744 		214 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=0x0|1&pubId=5367917944&chanId=171638111&placementId=6436335771&pubCreative=138459058570&pubOrder=3274688055&cb=965833614&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f7-b812-11ee-a8b1-0a0b5642f92d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:05:25 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
730889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
zqZ7kjbyuuvjlI2P--uqVAb6T0PBeGOA9N1HHGkvAVoKP_98iekP4g==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1261 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
43072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 16:09:01 GMT
etag
48472445140208031
expires
Sun, 21 Jan 2024 16:09:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3EF1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2de717bdbf2300b7b619ec1abc06cd778a9211121f8c8e2a43cd0c720cc7b0e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1261 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJO-S_Wjjqa7F_EWPbYD0gs&google_cver=1&google_push=AXcoOmSZ7h4IaVgZE7aAnvvfOZniRra7pDnBtba0YyWkOgyqtV2dStXCX9WQjEmydK-E-a4pmJrJrSfn-y8SkhEh_mi0UVPR3uw
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 1261 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEEYEzXbovZ6iCk3u9p4to94&google_cver=1&google_push=AXcoOmSZSCl1h0VB0L7xldw9JSIG8gOHjOO2_wr28A317ffSG4-xoFb_G1NfDGVqx4LbZFYuSj-k-0obRbQ3FnbYPFRlwDl7vls
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
asr
aid.send.microad.jp/g/ Frame 1261 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEG55YnCSrIhxdVNUCDye7fo&google_cver=1&google_push=AXcoOmSLT9TLwUwWiNs6xY0xBV6fZa4BAw0VybHyatYPzkQuiB7a9jrJDDmctabjQ29jwyPZgmWk7np60rNcFlMtD1bUCGNgehs
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:55 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 1261
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdJZY3KqIsOgt-9I54w2AM&google_cver=1&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNwaI...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIdJZY3KqIsOgt-9I54w2AM&google_cver=1&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0R...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NDU5OTk4NjE1OTI1OTg5MQ&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NDU5OTk4NjE1OTI1OTg5MQ&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNwaIY2IPGFySSwTjzB3ZVHw
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg0NDU5OTk4NjE1OTI1OTg5MQ&google_push=AXcoOmSWxRZJ3LYMyVKHlKBrTc18R79EvarsfX3WslKt58SXnI-7sTVPDa_cVu4v5BzhLTR7d0RJNwaIY2IPGFySSwTjzB3ZVHw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1261
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kH-fybSnT-KSyacE_9ySfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kH-fybSnT-KSyacE_9ySfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTFbUDUY2WWtGejAdH2eJUMRDLZYMdu_9ZIS2Tpq5YDiX-XHW_Zd5hcyD1wdu6J167F3WlEIHgZabM2ll-oST9E6zjn0Qk
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kH-fybSnT-KSyacE_9ySfw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTFbUDUY2WWtGejAdH2eJUMRDLZYMdu_9ZIS2Tpq5YDiX-XHW_Zd5hcyD1wdu6J167F3WlEIHgZabM2ll-oST9E6zjn0Qk
date
Sun, 21 Jan 2024 04:06:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 1261 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEJ3aP8Fz_j9Qsbncz1pHVVs&google_cver=1&google_push=AXcoOmTMcoplstWIeAA1s5TYhRNiIc3N3RXRLBrHihQYPANUy8lv-QFBSm3YtYPdLkNEkP_bgub0dnzq5BuRIY1GnShQmg__HGQ
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
sspsync
cksync.yahoo.co.jp/ Frame 1261 		35 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEBY9qI4xAe6iZDEWG9Dtpgk&google_cver=1&google_push=AXcoOmSJSp5sNNQ_iOgkNdVHBE3fQHHr7AgzGh9w92U-X0oNBPcqm_T8u4cSA3yPzAbugpEaRp58E5bU6FTHDNpzDwSX9Kpgdkg
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.28.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
server
nghttpx
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame 1261 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JC_75EWJGMILCekw3GTfBM48a2_bBWY3LtF1pbD6xiw2w9pe9_CeGBqA3tlwevvYJ0gedQ_w
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFFC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BR33GXJisZYKjFbecmsMPxpC0CAAAAAA4AeAEAg&bg=!-_il-LfNAAa8BdJLnAU7ADQBe5WfOGhD-xriF6piBuAkHskLcFFqYsjEZM7wniH1yPcmNMp95CZx1gXmoRlxNtMOPlvAAgAAAZZSAAAAAmgBBwoANuxmlf5HqNzabRIqxPmxO_Xrv4Y7tcobV0FwoFNqIKllK4HRu1lj5IfbMGe3euWQVU2qCFYBUZkDGk3MRjUFEHgh8JHesRh9L2WS6dxJMRK1YRFUamTLb-CiD5wb1Esr1HRfC-K0f43a7ZxX-TvuipTBXgaKeTWG05YchdswWw0sZlmUIpP91epU_DjwI8ZbxAo69ih2Bvd7ulUM6z7CmjiRpJvuGfUzbdQBYg_1ATBXxA2bKuzb4Z_ofpzI5MlqH3XZCxYbjQLiE9SyzIAdcz9wLxs0ISkecV-43uSvfiS7EvSLZL4UBk9Q567pOs-bP3eyyznBq1RYfGnhOLD-8ulkiUu2hG1GqoCRDHgQtWfvnjgUFfUpBTU5cBTUtSMd2uvi6hQWkwhwDZNXuKH866rJ-J1cVTfW4ybdXELvw7hz7hBetkAkOowoTHxyPjzVJK6xSU74_dgiHMsX3DLWrO_V-GBKFnt87yQ7lKDQ39RaWOihlwzs1IFyWQXJGMfzf7tWm8P6SqAPxUKCpMr4rI5gINBC5qMPMlKOcqygS9CXnaTJmR6WA0p5r3MRY52C4fTzR5mBRAeohonkNjKfqE2XyzK1Oo9KXzfeFMXfSV6xsmY_rgURRQYnyv-2aFdaTbSCda0HtZm9EohYLdBdGkkOzi24qgSiZrU6zPEOO6NNKuZmzSaSeByw5DvbRcmNQMKBN9EWvJ89_f28wGQzwgwW-3DrL7AJRl5SqZnLe3KhFQGqT32xASgCb51q2P5oWpo1wLq6YHJC8491AHJ39G-kjFHT0YDXkigqtADHsTOQVa0OLsJYpFqIaYZBwyG0YyNyVnEGL72Q7flke8zOcGczMHO-KfM1FnCBTxPQEPPmy_9S3-nsM9lHKV5N1wjcRAAzfjtOYw4z-vqgJoW45xxE53thjHU4LszJICGwwXrq3AB-3mkR-1ICLbXTRpy3VEEwNqkx_X5JCWIllF7BnYhY_TEqf9D4VQ4xv-MYoDa1Gzu47HFWQkJCjAjzjL12kCATd8Cp7VOvQ_xdIHRhshDgleuC_wRPzOAX8z1fJ-IPkx_9rqbRNvfoFB9dmungJD7wntC4lLLQzXnEikTN0IZYX_xoftnk_asZuUmxXTsRhlLP
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Sun, 21 Jan 2024 04:06:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
BG_300x600.jpg
s0.2mdn.net/sadbundle/13563337967118153751/ Frame 0550 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13563337967118153751/BG_300x600.jpg
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f6.1e100.net
Software
sffe /
Resource Hash
a5174fe4188937e5417a74146825945a39579534efb17da6ce918371752635bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13563337967118153751/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 14 Jan 2025 00:39:04 GMT
date
Mon, 15 Jan 2024 00:39:04 GMT
x-content-type-options
nosniff
age
530870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70134
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 14:42:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame 744E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstZqFmkLQdH1oPu_TDXZSprLobNq0GxNvpNNPkTvyiO6PnfVcpKoWBtU39dnvFrNXZeA6iS4Xc617itjE_ST9RJQJVp8-Rr6_NWeRyb7G0seJvco3OhSDXJSAqt4k36kPXTFhx9_VGc8-qRDaSh8-WAl1Rf4Du72oV3tA2ty_qCE5dZ90W3bmOtchXuzPsxVJGTR9RFEyyAoq-wYUjvE4VUQ2Gk4NPFAj9ThLxAx-zfPb5t4-bykln6SVI7sXryGSXsOYGM0pnnTnHnOkmalthPFN6R3ovAjc3E3j3W0xcHxZMmCUsjNgTvaj7nlQEViE-JraH5C7l-DlGdpGAwqin5UrnDAprUEe1nPiBVahdGL-4CcZvCOaYppFHAQZVsLrOBO2-27vCgZEQIJ77d_NULQ-HI6Pbjh33wM9UPPfnkggAGYUoC5XyEX87BIqHgKp2uI4q9xv0gnDSVbGBtWyc4K7HO1X33SK-8BZz4r_6ph1ewp-wq7Cq-Z6Pvp2gmOC9GaeFQtYvC09p6yCv5wmR83esjRcPjNlrXmVa0wi2i-EHnmc9GLNJ0j-iAgA4arYiEdDDXGnaSF64M0HqsHTG0slfq2mCuIeNwp1MEo7X4nnM4BVWEzmleepPia8GUEUMUTD2n9VxKONnPqzKXKpdGs6qPq02b_80EZhRr8XXkCZ93RhlbELwbcmeLN2HYLOR1rAZZ9r16hAq3_H3mgLmCgdJSQ2E5jxtwjM2G8XCjIQMcAD4BUGReYN9rvixG5dv6mH-OP6GroiwahMnfsxgSbVGIlywcudlGQHrGXYSW49GXxoFHUWRxK_X7qP6no9roPX6NeRTA37Q8PzMcAPDYDFptuprNYTK-tv3-IvLKKdvy9wGAB_nsZCxQPpm40dxx8LGZ_gfwu6p_P3DnZZAKP85GbTqIuqu05KnTRCSgk1cir_wRvXBbDNWCqEjyBoqw1NpsS-PY8x7NTvnGHNBQ_ZV1ZPvCVfq_MIucmotM9h2ZxeMtExadBR7G-OLyL-p3Msoot0w4ViH2nwO-HNRXqBL718wtvI2lOlEEDivDsAPf0Go9IdkYQgZy_gbJooXbfSDnNbhv2ue7qtLLdkxkDNc9RNKbjStkGWnuhp46fEP74xqcYaxffiR3Gnh7fmw_F6i3FtDeFkFVaq5Br6kJju7T_7IMdVAewdYw8rzA61N2AOwKjMOyeloar_P-tU4wBO6OomClDZn5epQidozEsbWyVNZ0DEzdKsh2a0z3X5qiEvl_lU_GonjAFnM8N4THyZgdnkqJK0kZHjGj_guJMZjxZcDhf-S8_LXHWUQ2k0zjjsupxhCtAS_po3kXOI3xD8ho8oorvkIEgAEhKkEngy1LY3Pkl6UsjJnqnbgb7pUiJ5MjCaw-4pXnuRq0UyI5TJdo2Ef2lLDVcZHFaBAwkjeMZSvbGckaHD_k07URXSBcqV38im5gEEsrHb3XUUg5dBkVMeTDuqHs8lSmtyIgKacFbwXUHHzHFyQnDJhO&sai=AMfl-YQU_AEOj-Sp01xQIpE7WOi7-MVmau7-tZ4yk4DVUx7SnY9lXut9v1icK9cYSGknkg0W27mlGMpi3xuiVh1RUZEStyTfpbCrkWN8_p5vsNOHNZzywt5BJriUmukrXm6iM_ReYtOm5rIlL-m1AcQAt5jHe4_3RuU6g6un1ramzzEbmU1has1DrgQoQfn2tlRjNnxRxVKa-K5WIM5iGi1yW4Qao_ELCkQjKbAjheT8MKx5FTESUAc3SH5cdo-z0VXysDhhfGrTd3OgNbgvjuA8KFSuAXN34kSlGJAsLMfIglKgA0eTROUNbYrrROkwlH3Cfrt9LndRy8dYhbpkRNvQqj2xRB3I96SV5bAVv-0GHh-19mz8vX0vbRgFaaOfOBvzuaHugfyy7FlHeSWRA4BNcQ3Vo4dIn_cvQ2LwixhEDkcPP2eWy04IfCw&sig=Cg0ArKJSzOwmuGPWIcgZEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sYW5kcm92ZXIuY29tLmF1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=720&vt=11&dtpt=175&dett=3&cstd=542&cisv=r20240118.46051&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=48db39809cdae2a0564044c5fccc5f44-1705810007
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4YFAXJisZYOjFbecmsMPxpC0CNSl9uV0_rTd0ZUSkrOAwMQqEAEgi4iDKGClgICAkAGgAYviiqAByAEFqAMBqgSqAk_QyQ22o1T5Xq2AUzPAaqWGPdXaMq3OAyAj4jx5dFIwyvDQC5Dwxp5326ihs6_dm3hUDzKAUrFlg_Dh7irIJhukjVhPJauRuxOT0PCbP7pIMXqXRPmAsER-GTemw3sRu1mPG1ixbrjJF6YrryC_0jcTYUbyhOpmxV9ssOdVVb8sle-phpMdsVvWfxusFNAS9bkfJIVwDQjOupZItkHGuavsEazPXdFp9BHPB_KamSeBDgHEKuEqsetF3ojOntje3ZUsZ6UT32v7DgUCcSqZSwiy2clYY9viNsZI-fSEVm3mj0GjUT-hIS4yr404hwByHJiRFMIc2fZ1jdTLDWx1C8z3HwJ641Azi8W_UA-o-CoowITMF3L0ruom0SqYcdHkKxCw6FsbV2_lW57ABO-F497CBOAEA4gFx8We3U2SBQYIAxACGAGSBQYIGxACGAGSBQsIIhADGANIrOr5AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGeYAH3Z313wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDhhh4YkdHngQLSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLST2b7N7YMDgAoDyAsBogwIKgYKBKy6sQLaDBEKCxCAyoSuiM-A7pcBEgIBA-INEwi36tm-ze2DAxU3jmYCHUYIDQGwE-aAmRbIE7GTiuQD0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTQ4NTU4Mjg2MDE5MDE1OTIY188S&sigh=zHkLor-NKh8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&vt=10&cbvp=2&vis=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 04:06:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3EF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4YFAXJisZYOjFbecmsMPxpC0CNSl9uV0_rTd0ZUSkrOAwMQqEAEgi4iDKGClgICAkAGgAYviiqAByAEFqAMBqgSqAk_QyQ22o1T5Xq2AUzPAaqWGPdXaMq3OAyAj4jx5dFIwyvDQC5Dwxp5326ihs6_dm3hUDzKAUrFlg_Dh7irIJhukjVhPJauRuxOT0PCbP7pIMXqXRPmAsER-GTemw3sRu1mPG1ixbrjJF6YrryC_0jcTYUbyhOpmxV9ssOdVVb8sle-phpMdsVvWfxusFNAS9bkfJIVwDQjOupZItkHGuavsEazPXdFp9BHPB_KamSeBDgHEKuEqsetF3ojOntje3ZUsZ6UT32v7DgUCcSqZSwiy2clYY9viNsZI-fSEVm3mj0GjUT-hIS4yr404hwByHJiRFMIc2fZ1jdTLDWx1C8z3HwJ641Azi8W_UA-o-CoowITMF3L0ruom0SqYcdHkKxCw6FsbV2_lW57ABO-F497CBOAEA4gFx8We3U2SBQYIAxACGAGSBQYIGxACGAGSBQsIIhADGANIrOr5AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGeYAH3Z313wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChDhhh4YkdHngQLSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WLST2b7N7YMDgAoDyAsBogwIKgYKBKy6sQLaDBEKCxCAyoSuiM-A7pcBEgIBA-INEwi36tm-ze2DAxU3jmYCHUYIDQGwE-aAmRbIE7GTiuQD0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTQ4NTU4Mjg2MDE5MDE1OTIY188S&sigh=zHkLor-NKh8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&vt=10&cbvp=2&vis=1
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
skeleton.js
static.adsafeprotected.com/ Frame 744E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1851044/76751983/skeleton.js?adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=e&adsafe_...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 02:11:42 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
11325313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
yJohKAj1-QjqfTg00PZjbQDz2Dv-z1m7vjDs6kwE99II3D2MEo46mw==

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
nginx
x-server-name
app08.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame E868 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
27369611
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
NN41tBDzwUjpSVj070Bzf-Y3yCVIjPAor-18qIE_Zv0mpV8UUyZMkw==
usync.html
eus.rubiconproject.com/ Frame 53A9 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 04:06:54 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A295 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1085
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
848cafeca97aa955-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
Sun, 21 Jan 2024 08:06:54 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DCA2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154820
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
Mon, 22 Jan 2024 23:07:14 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 53A6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
81616
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 Jan 2024 04:06:54 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 18 Jan 2024 05:26:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
279, 37551
X-Served-By
cache-lga13626-LGA, cache-bfi-kbfi7400061-BFI
X-Timer
S1705810014.254040,VS0,VE0
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5432142544913378092
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=5432142544913378092
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
fba84343-b7aa-4aff-ab4e-0b607e1a09f9

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
an-x-request-uuid
63f582c0-c2da-4869-893f-57162657792b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=5432142544913378092
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 57F5 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTvMH,pingTime:-3,time:447,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:380%7D,%7Bpiv:91,vs:i,t:446%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:447,o:0,n:446,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1%5D,as:%5B85~300.600%5D%7D%7D,%7Bsl:i,t:446,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:91,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~75%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n1%7C1o1,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:381%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTvMI,pingTime:-6,time:448,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:448,o:0,n:446,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1%5D,as:%5B85~300.600%5D%7D%7D,%7Bsl:i,t:446,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:91,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~75%5D,as:%5B2~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n1%7C1o1,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:381%7D&tpiLookup=ao:www.heraldsun.com.au*&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
lookuplist
au.audience.newscgp.com/ 		108 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=48db39809cdae2a0564044c5fccc5f44&&bust=17058100142130.18120103784067987&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-34.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
c25869eb3a3a25112591dabf8a3d5bb6c62dc4f40350c364c3840396f017938e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
zbiPUtlTh_7eQmqUTseUj7M8gGzt4QHhLVzGWu0GmEktRotU07Bp9g==
usync.js
eus.rubiconproject.com/ Frame 53A9 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8c7e53b982d18cb4565c9b9d0b668373d6e32cc0feca44ef402476f77845bf3f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2024 16:27:36 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44432
Connection
keep-alive
Content-Length
10965
Expires
Sun, 21 Jan 2024 16:27:26 GMT
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTvN6,pingTime:-2,time:472,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:212,bdZ:512,beA:696,beZ:699,mfA:1055,cmA:1056,inA:1056,inZ:1060,prA:1060,prZ:1072,si:1077,poA:1079,poZ:1095,cmZ:1095,mfZ:1095,loA:1144,loZ:1147,ltA:1168,ltZ:1168,mdA:700,mdZ:1037%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:380%7D,%7Bpiv:91,vs:i,t:446%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:472,o:0,n:446,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1%5D,as:%5B85~300.600%5D%7D%7D,%7Bsl:i,t:446,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:91,obst:0,th:0,reas:,bkn:%7Bpiv:%5B26~75%5D,as:%5B26~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n1%7C1o1,idMap:1k*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:381,sinceFw:90,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 1DD8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d6459c4f8f1b88ea841131c280b31a8377fefbbf7661889d5daba621f62057

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
848cafecf8225c07-SYD
content-encoding
br
content-type
text/html
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIH2WwMOQ%2BMIlxhO%2BWpwCJuD9XV2dDMifjrrc%2FYr3ByuTlTUhSGda1u90HUsBqPr0Wk7SvYrJstmL2DFQjkUwnKg6lzphdOmFCvEN4J2cKZbDYkgZdGH6lWTeTpSZgA6UyT2s8lA9kmiNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame DCA2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70461372&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
9f886fab30f2afe60f71e72254849f6afb57e3df7f16e9158ef6e91c84211333

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 Jan 2024 04:05:11 GMT
content-length
1737
content-type
text/html; charset=UTF-8
sca.17.6.2.js
static.adsafeprotected.com/ Frame CA27 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
27369611
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
VovXiPhDIScgyI7MRMMpm6T-AiUy8U9Mrow0-0NpelblFUh0qSeQsA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138457828826&pubOrder=3004275014&cb=926463935&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f8-b812-11ee-a8b1-0a0b5642f92d&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:a0a4a82e-eebf-5c21-803e-067d7a6f724d,c:1VTvO1,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-564c979bd5-qs6cf,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:463,mot:0,app:0,maw:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:475,oid:82b201de-b812-11ee-b96b-9e445a029cc1,v:19.8.473,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.50.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
nginx
x-server-name
app11.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTvOg,pingTime:0,time:489,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:489,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~100%5D,as:%5B25~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTvOB,pingTime:-2,time:511,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:155,beZ:156,mfA:618,cmA:618,inA:618,inZ:620,prA:620,prZ:625,si:629,poA:630,poZ:640,cmZ:640,mfZ:640,loA:648,loZ:651,ltA:665,ltZ:665,mdA:157,mdZ:583%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:511,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B47~100%5D,as:%5B47~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:475,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_6,google_ads_iframe_/5129/ndm.hwt/home_6__container__,ad-block-300x90-1%5D,sinceFw:35,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 3EF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrmz8mgf&c=7622123239986&slotId=3811061619993&qqid=CIPB3L7N7YMDFTeOZgIdRggNAQ&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servedby.flashtalking.com/imp/7/226765;8025193;208;xml;DV360;DV360FY24CCPSPCustomIntentAUDSKVID9x16ECGenFillOMPPhotoshopCCExperimentCross/ Frame 3EF1 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/7/226765;8025193;208;xml;DV360;DV360FY24CCPSPCustomIntentAUDSKVID9x16ECGenFillOMPPhotoshopCCExperimentCross/?gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&bundle_id=&site_url=https://www.heraldsun.com.au/&pub_id=1&sup_platform=1&pbMethods=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=[CACHEBUSTER]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.239.49 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-239-49.deploy.static.akamaitechnologies.com
Software
prod-xre-app6.syd11 /
Resource Hash
d64827e485b593def6f2952b8307d2581d2a440d527b8ce8b9d59411c8676808
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
1731
Pragma
no-cache
Last-Modified
Tue, 19 Dec 2023 06:42:17 GMT
Server
prod-xre-app6.syd11
ETag
"a5096301d92f23b6cdcd4c9124963dfa"
Vary
Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Expires
Sun, 21 Jan 2024 04:06:54 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame DCE3 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
URL: https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-42.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 f4d47f321a3f6573a0cccf0776ae3ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
27369611
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
RkonSZdRqYiuBsgJnzsMvbUjpFzAjqA0jeRmMfwKBYO1q9J_oRIPaA==
mon
pixel.adsafeprotected.com/ Frame F744 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=0x0|1&pubId=5367917944&chanId=171638111&placementId=6436335771&pubCreative=138459058570&pubOrder=3274688055&cb=965833614&custom=homepage&custom3=168400391&adsafe_par&impId=80c350f7-b812-11ee-a8b1-0a0b5642f92d&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=ce&adsafe_url=https%3A%2F%2F5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:5f0b4e12-a922-5eda-a035-eec69193d32b,c:1VTvPd,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-564c979bd5-jvnj2,rg:au,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:479,mot:0,app:0,maw:0,fm:u1Y0YHV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q1%7C1r%7C1s,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.tn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:488,oid:82c3dc24-b812-11ee-9b47-8aaa0d07afbf,v:19.8.473,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.50.87 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-50-87.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
server
nginx
x-server-name
app03.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 53A6 		0
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
an-x-request-uuid
a7d0cce2-def8-4009-b5e9-8ece20dd3fd2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1DD8 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.42.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-175.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 1DD8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5432142544913378092
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5432142544913378092
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hXzb3QArA4Z01iZtxvcIQtUeSOcEHdYZPxoFjKjsh%2B%2BRWVT%2FEbpwPTRoiWkV81GXbganJ35LquhA0iqIBXIPlhgAUIBbL7%2BLdSotiLhxuFA6BqRiRtCFXMG29t%2F4%2BcNKoqtKjBbTnaz%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafee99715c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
an-x-request-uuid
118a02b7-02a7-47ab-b3da-8e115de95844
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5432142544913378092
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1DD8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gmiCxI1l1sGZbNqT0jvOn9BlhcKZbNCQgGhOZKr8
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gmiCxI1l1sGZbNqT0jvOn9BlhcKZbNCQgGhOZKr8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPaMl24mxUxw4g3MgLgsXMbd%2BqmhJcryuZIgwp5%2FzY9pVusK7bG1kuREffSib5JfxxwJfoLSFWwelzsRsbb7JkrFAJ5fWDNcPVxOaBk0xpjWsZ0y6dUX4B3QeXliQqGfY%2BJgFnl5QdvS4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848caff2bd1e5c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=gmiCxI1l1sGZbNqT0jvOn9BlhcKZbNCQgGhOZKr8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 1DD8 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.249 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jan 2024 04:06:54 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1705810014592051-45
Expires
Sun, 21 Jan 2024 04:06:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 1DD8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixp5FsgBUsNLlU0cTOLBBkLLcKA
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixp5FsgBUsNLlU0cTOLBBkLLcKA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp9tsnzNfX9PsNf2bR9xSpsMKH73dd5h5t20oJ%2FjUQUBZdIok8y%2BJ9U9I0eT3bSx1c2D%2F1Ve4vmXZ%2BgUWzBYzhfiDfhb2mq7BUVEATsabnjG%2FlOa6dbhF%2FNCJRz0XzKtshTI5F6QocTGFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848caff4df185c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=ixp5FsgBUsNLlU0cTOLBBkLLcKA
Date
Sun, 21 Jan 2024 04:06:55 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1DD8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.255.42.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-42-175.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 1DD8
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0d7fc1fc-3226-4bd9-a999-90a207b6c7ea&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0d7fc1fc-3226-4bd9-a999-90a207b6c7ea&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AKdGdMPe%2FYDCpP9Llc6WaBuANgiB68YhIA1r0oejr9s390YsUN4Aw3j0EcA4PsCatvTckH7llnlXFKbTjd2QOGh%2B8MIjuNz%2BGa64Fb%2Fhd8zSI8UpJNp8SulFh6o3q19Fkt9XUdkZQiO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848caff31dac5c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=0d7fc1fc-3226-4bd9-a999-90a207b6c7ea&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Sun, 21 Jan 2024 04:06:55 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1DD8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAXdi07LWTEAABRrlV6AgQ&expiration=1707019614
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAXdi07LWTEAABRrlV6AgQ&expiration=1707019614
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DCHi3%2FB4%2BLg0JMUk0eK%2BU8%2BUo0MFk9nGVE876FFBxJKzu%2FBjUp4xb%2BRfbRIoDx8Ew7vxE79IDH1bu6BpT8l1%2BhyMl3M%2Fw0BK6eW9SbBoHC54QtCPTRv3gOwVghmxoI9Phk80UzjnwwkrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
848cafeee9bd5c07-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAXdi07LWTEAABRrlV6AgQ&expiration=1707019614
Date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1DD8 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZayYWtae0Cl5WRAnQkG97wAA%265025
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
39339
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
848cafee3ad7a955-SYD
content-length
43
expires
Mon, 22 Jan 2024 04:06:54 GMT
dt
dt.adsafeprotected.com/ Frame F744 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5f0b4e12-a922-5eda-a035-eec69193d32b&tv=%7Bc:1VTvPE,pingTime:-3,time:515,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:912,h:126,t:488%7D,%7Bpiv:0,vs:o,r:l,t:514%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:515,n:514,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:488,wc:0.0.1600.1200,ac:NaN.NaN.912.126,am:i,cc:NaN.NaN.912.126,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~912.126%5D%7D%7D,%7Bsl:o,t:514,wc:0.0.1600.1200,ac:NaN.NaN.912.126,am:i,cc:NaN.NaN.912.126,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~912.126%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:u1Y0YHV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q1%7C1r%7C1s,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.tn,siq:489%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame F744 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5f0b4e12-a922-5eda-a035-eec69193d32b&tv=%7Bc:1VTvPF,pingTime:-6,time:516,type:i,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:516,n:514,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:488,wc:0.0.1600.1200,ac:NaN.NaN.912.126,am:i,cc:NaN.NaN.912.126,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~912.126%5D%7D%7D,%7Bsl:o,t:514,wc:0.0.1600.1200,ac:NaN.NaN.912.126,am:i,cc:NaN.NaN.912.126,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~912.126%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:u1Y0YHV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q1%7C1r%7C1s,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.tn,siq:489%7D&tpiLookup=ao:www.heraldsun.com.au*&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
match
c1.adform.net/serving/cookie/ Frame 4988 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 40F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5432142544913378092&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5432142544913378092&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e4f4458d-4752-4bd5-9271-a32cd3adc0db
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5432142544913378092&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 9BF5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0335911a-7a5a-4369-953f-66e45f8e417d&gdpr=0&gdpr_consent=&gdp...
  • https://x.bidswitch.net/sync?dsp_id=445&user_id=6eaa2baa-55e5-37ab-9353-f258d4bc27da&ssp=pubmatic&bsw_param=0335911a-7a5a-4369-953f-66e45f8e417d
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=445&user_id=6eaa2baa-55e5-37ab-9353-f258d4bc27da&ssp=pubmatic&bsw_param=0335911a-7a5a-4369-953f-66e45f8e417d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:06:55 GMT
Server
nginx

Redirect headers

Connection
close
Content-Length
356
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Jan 2024 04:06:55 GMT
Location
https://x.bidswitch.net/sync?dsp_id=445&user_id=6eaa2baa-55e5-37ab-9353-f258d4bc27da&ssp=pubmatic&bsw_param=0335911a-7a5a-4369-953f-66e45f8e417d
Vary
Accept, Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame E3C5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 21 Jan 2024 04:06:55 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F141
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1368ac9i7eel
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1368ac9i7eel
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 21 Jan 2024 04:06:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=1368ac9i7eel
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 3D9A 		85 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 21 Jan 2024 04:06:54 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12529-BNE
x-timer
S1705810014.414619,VS0,VE220
Pug
image2.pubmatic.com/AdServer/ Frame 6D9C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bafe19d50c9459580f5f6da5f83e476
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bafe19d50c9459580f5f6da5f83e476
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU4bafe19d50c9459580f5f6da5f83e476
pragma
no-cache
server
nginx
458249.gif
idsync.rlcdn.com/ Frame DCA2
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDkwN0Y5RkM5LUI0QTctNEZFMi05MkM5LUE3MDRGRkRDOTI3RhAAGg0I3rCyrQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b9f87dae44ac2f813c20e0da38f156f69996fe85f9cf5679b164fbb0dc33cbb5791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiOWY4N2RhZTQ0YWMyZjgxM2MyMGUwZGEzOGYxNTZmNjk5OTZmZTg1ZjljZjU2NzliMTY0ZmJiMGRjMzNjYmI1NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiOWY4N2RhZTQ0YWMyZjgxM2MyMGUwZGEzOGYxNTZmNjk5OTZmZTg1ZjljZjU2NzliMTY0ZmJiMGRjMzNjYmI1NzkxNDI2YjU0MTdkY2UyMRAAGgwI3rCyrQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=5874f849-da4e-409e-992c-e51fff756727
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=5874f849-da4e-409e-992c-e51fff756727
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 21 Jan 2024 04:06:55 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=5874f849-da4e-409e-992c-e51fff756727
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame DCA2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8736539291829164602&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8736539291829164602&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8736539291829164602&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame DCA2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M8ZuYmVE2uUrZjbZBlJL5Mmbebjc.pg-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M8ZuYmVE2uUrZjbZBlJL5Mmbebjc.pg-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-M8ZuYmVE2uUrZjbZBlJL5Mmbebjc.pg-~A&gdpr=0
date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame DCA2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&pi=pubmatic&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT, Sun, 21 Jan 2024 04:06:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame DCA2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7400542808841046203
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7400542808841046203
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7400542808841046203
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
csi
csi.gstatic.com/ Frame 3EF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrmz8mt5&c=7622123239986&slotId=3811061619993&qqid=CIPB3L7N7YMDFTeOZgIdRggNAQ&fb=outstream-lima&vmfc=6&vhc=0&icp=FTPrivacy&icdi=16x16&ccc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 3EF1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 06:44:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 06:44:41 GMT
consumer-privacy-logo-16.png
secure.flashtalking.com/oba/icon/ Frame 3EF1 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo-16.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.227.63 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-227-63.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Last-Modified
Thu, 06 May 2021 18:54:24 GMT
Server
Flashtalking (AKA)
ETag
W/"ea9218504eec09a337676178d9020356"
X-FT-Origin
us
X-Varnish
556791436 559328696
Content-Type
image/png
Cache-Control
max-age=981
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7281
Expires
Sun, 21 Jan 2024 04:23:15 GMT
dt
dt.adsafeprotected.com/ Frame F744 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5f0b4e12-a922-5eda-a035-eec69193d32b&tv=%7Bc:1VTvQ9,pingTime:-2,time:546,type:a,im:%7Bsf:1,pom:1,prf:%7BbeA:97,beZ:98,mfA:576,cmA:576,inA:576,inZ:577,prA:577,prZ:583,si:585,poA:586,poZ:593,cmZ:593,mfZ:593,loA:612,loZ:614,ecZ:642,ltA:643,ltZ:643,mdA:99,mdZ:541,idA:593,idZ:611%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:912.126,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:912,h:126,t:488%7D,%7Bpiv:0,vs:o,r:l,t:514%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:546,n:514,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:488,wc:0.0.1600.1200,ac:NaN.NaN.912.126,am:i,cc:NaN.NaN.912.126,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~1,0~0%5D,as:%5B34~912.126%5D%7D%7D,%7Bsl:o,t:514,wc:0.0.1600.1200,ac:NaN.NaN.912.126,am:i,cc:NaN.NaN.912.126,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~912.126%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:u1Y0YHV+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n*.10507%7C1n1%7C1o1%7C1o2%7C1p%7C1q1%7C1r%7C1s,idMap:1n*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.tn,siq:489,sis:545,sinceFw:57,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
FY24Q1_CC_Photography_Photoshop_au_en_ECGenFill_VID_9x16_GenFill_OMP_1920_1080_25000_3000.mp4
cdn.flashtalking.com/190521/ Frame 3EF1 		37 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/190521/FY24Q1_CC_Photography_Photoshop_au_en_ECGenFill_VID_9x16_GenFill_OMP_1920_1080_25000_3000.mp4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.227.63 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-227-63.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 21 Jan 2024 04:06:54 GMT
Last-Modified
Tue, 19 Dec 2023 06:42:34 GMT
Server
Flashtalking (AKA)
ETag
"61ac37ec9e53e4e89890d4e623447d52"
X-FT-Origin
us
X-Varnish
113280128
Content-Type
video/mp4
Content-Range
bytes 0-46602634/46602635
Cache-Control
max-age=29
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46602635
Expires
Sun, 21 Jan 2024 04:07:23 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 3FF3 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f33.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
48024
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Jan 2024 14:46:30 GMT
expires
Sun, 19 Jan 2025 14:46:30 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
pagead2.googlesyndication.com/bg/ Frame 3FF3 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
sffe /
Resource Hash
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
373768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19859
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 20:17:26 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTvRo,time:683,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:683,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B219~100%5D,as:%5B219~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTvRQ,time:766,type:e,im:%7Bimprf:%7Bttecl:1159,ecd:260,tsecr:33%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:766,o:0,n:446,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1%5D,as:%5B85~300.600%5D%7D%7D,%7Bsl:i,t:446,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:91,obst:0,th:0,reas:,bkn:%7Bpiv:%5B321~75%5D,as:%5B321~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o.10507%7C1o1,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:381,sis:674%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame EB36 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0uP9wmatT72tNUL-eumOQ3ZUS5ZC_PtGwjvdNWnmPN7g9ML-UP1GfWbAtgT9-lM3-bYTCzpGNvohwEsXjy2_UYBg9BPnKObqTdokmoE9wrSonDkQ0AntF9_G9goFMWt8sH4mGFBXDIisTf3EhDYr9i3Xe&sai=AMfl-YTHc5jN1rHOgudbLiEBqMx2bJDM-MIN6uBHvesyNOUvd4XhBaXdH62ujbA0tq0B_Q5Er0aGfxazGVqf1izt1fwdV3OuMmoqFE0XfVNRpjpxTx8K5OgBF5AA63qG&sig=Cg0ArKJSzBp9hybbDmcoEAE&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&id=ampim&o=315,28&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1016&mtos=0,0,0,1016,1016&tos=0,0,0,1016,0&tfs=673&tls=1689&g=100&h=100&tt=1690&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FF3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BEJQSXpisZb7VDezEssUPkJ6AqAoAAAAAOAHgBAI&bg=!bW6lbiHNAAZVxkGXdcY7ADQBe5WfOCmWsMB7sJ94JwApXEA6C9wZqhfTlYR_35j3RLkLFKY9SAWbjzQITL0gNWRurmVLAgAAAJBSAAAABGgBBwoAbYMU6NqGpWHNRbHJRJywgyYJHGnHUmmSnCNHqqbgklO3Tay8T8IXHPGeAwKxo6Q4r-3wytVRhnmM1kMk3-1Qsjp47ss8D40OwRbR4eWJI2coCrBPPcvTLasc_k3dgYq07ouY_c91MdPzqwbmOjmZAxWT_alcIHDVzywWEi20csUeYdjEIzo9jZmilUX1bUwZM7d8HyXeNbH5vWmAJOIA7LiHPpOlQockqB4J2McIjg89HDNh4X__JytbPV9c0LhLkYe2K3oqDdAOH9hXiWLHVILjVy5qsHKHX0TvKG3CwIL2mqALISOoti8vH4wQux4dCmCxWhHFw0n12fUXYMNNsJj8Cgn_6uZNysLwjuCNDkxp-llUyXPqkpW2sQ6uJdYDSvO4l-YJPS3xVJ4YHfTxGvct0G5Kt-pmyCkV0f1vtP6R7IP25VDEzi1jESREK2wQofcpIUYkqs8hxB5UPzbkYI7NWVja76JgrDWvtcnvHg4VNkxhTYhZhLFWthiKBhxMYCs4RKgSrb-bpXIwp2L3n_M-UbyKEUOOLmfsjyemiXsvfC7gDcCR2oud_rFDkV6c_srRVJBZDlH-y1vdktrjz77hKzyxRAqzldrjNsFk7xrsXwpLTc9-YqfRFz5G8TlYh9wrR1frWGwCOhXYXZ9S0Dp2lQyf0XkN25hr14c49sIqkVoIT9vvmA5DnyHNBaMlqI-jPhakyihocehn-Olg7m8RIniePbbBFY9MSNf_b5Cu110huXxMn1yZhLer-JJXcMzHJ2N_oIL9EWVvHIsV_ktmb4Hx6JhJGHYxckDTnLydtzYGLvIZHfXeYYxu4XDKrQt_kl0UOfUc7O9rSfpJy9wtIT4-zbBe93_FEZ9nFNWkX9bT_Kbtvmtd_GCr7hkTblC8jXgeVbSh-7NBOZ0R6QMUMJeyuiqs4L3HsO0wQniBgRtxti9QF0YQmrYUYMhKre3OAuC3CM6NB_pc3kqTwlTcZU8m5-wFcsv6uQoOGoZzY4heqmlRs9bRWWq5lyVVXurIQh32S-zvE5xF3-iz8dZL9b8lEWW1hlPjkEb1i4-UT0oCurhs9-QDdjBAydtTYo_-jdbiRorUSCsel2g02OJqDmwREv2f4Is2shwA6_ul3gk6ioVwUpRVrb7CP02jzN3bJ-JGUrc8OksPRVTPupPnzSG11a-7p3-k-ALZg71k5ZgyBKg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTvV1,pingTime:-10,time:963,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705810014723%7C%7C0b145b75c720d2a23a056675e55a62d4%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C3ac0740d18256b4528c179821bb35c16%7C%7Ca15821d940b6d928ad4aac7268d35f04%7C%7Cf5c610b8c0a07952b292c60a7f076628%7C%7C83a4e1935fb577684b8e85c13791c2c1%7C%7Cc3f60da4fdbe4f92e334fba62ec2dd3d%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EEF 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-pBClS_K9veq4zsR_RMVbcupMkvbSjPI9-T8Pne01lgv7-30CmEmp97PMPIrL8Ohhit8mELMb3xp-v0Vy-j5_6sEXF2SNImaeLGyT31IApPm_0CL6O9VS3dgQ-Bjjkpn5f-OS2x0POyhYcNHkawI4hLRD&sig=Cg0ArKJSzCEweSmi6WiyEAE&id=lidar2&mcvt=1034&p=541,1118,631,1418&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2320616304&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705810013191&rpt=462&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 744E 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnv5gDl9KdhOXqKqL6k6CNzqquxX2XNmzhpbDzlti9s0nfFGXvl0cV9X95xxpCG-M05xomZy6yY8pXl-QxMPo2vsTIsJ-u79Mv4jMn_AWhJTSN4cSXLCBdzhnGtp1ORrvNvot_NzitpJdogPf41RPkk4KH&sai=AMfl-YTPMaOoiqwG9nW08fykX47i7nsXVpxTQx1rvunKjbUK07eDr5ZwXJFvV2jchvT6-xusuiLdEeMpdG907gjeZas-6nwXym9C4_fsdhyVeo7gkNuWcX1ds7fDJhwh&sig=Cg0ArKJSzE06k55uuztiEAE&cid=CAQSPAAvHhf_VOvyF-qUcb6jHutYe7wm-6QUy9c3zoU7rWoECRW31eEbZrDpreMU44ww3G0oG3YVRCOZEuoqixgB&id=lidar2&mcvt=1036&p=657,1118,1257,1418&mtos=0,1036,1036,1036,1036&tos=0,1036,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0.91&if=1&vu=1&app=0&itpl=20&adk=1263259910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705810013064&rpt=628&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 57F5 		982 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54568076&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8786017630a53438f92d7c5de7d7af0db67135d420dbb875e073ee3b854eff05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 Jan 2024 04:06:54 GMT
content-length
982
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 86BB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixp5FsgBUsNLlU0cTOLBBkLLcKA&gdpr=0&gdpr_consent=
42 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixp5FsgBUsNLlU0cTOLBBkLLcKA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Jan 2024 04:06:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixp5FsgBUsNLlU0cTOLBBkLLcKA&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 4DC6
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=514b8e45987845539092ebfcaf572fcc
42 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=514b8e45987845539092ebfcaf572fcc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=514b8e45987845539092ebfcaf572fcc
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame F21A 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersync.aspx
dis.criteo.com/dis/ Frame 74C5 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 04:06:55 GMT
expires
Sun, 21 Jan 2024 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
259122
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 1CB8
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bUbF8T4SBsW2amyUX5isZQ
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bUbF8T4SBsW2amyUX5isZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:55 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=bUbF8T4SBsW2amyUX5isZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 5B5D 		0
0
ecm3
s.amazon-adsystem.com/ Frame 0860 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:06:55 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JT6RZDCT2BK0F77GDP9G
csi
csi.gstatic.com/ Frame 3EF1 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrmz8mva&c=7622123239986&slotId=3811061619993&qqid=CIPB3L7N7YMDFTeOZgIdRggNAQ&fb=outstream-lima&gpm_i=6&gpm_c=6&gpm_a=6&smb=Infinity&br=25000&mt=video%2Fmp4&vs=1920x1080&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&hcn=0&met.4=arp_a_e.1pa~atrd.1pd~vil.1ub&ua_e=1&umsem=0&ape=1&ple=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTw38,pingTime:-10,time:1411,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705810014723%7C%7C0b145b75c720d2a23a056675e55a62d4%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C3ac0740d18256b4528c179821bb35c16%7C%7Ca15821d940b6d928ad4aac7268d35f04%7C%7Cf5c610b8c0a07952b292c60a7f076628%7C%7C83a4e1935fb577684b8e85c13791c2c1%7C%7Cc3f60da4fdbe4f92e334fba62ec2dd3d%7C%7C1663701684,sca:%7Bspg:5c4365c2-c527-e52b-b13f-596cc327a82f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTw4p,pingTime:1,time:1545,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:380%7D,%7Bpiv:91,vs:i,t:446%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1545,o:0,n:446,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1%5D,as:%5B85~300.600%5D%7D%7D,%7Bsl:i,t:446,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:91,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1099~75%5D,as:%5B1099~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:890,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o.10507%7C1o1,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:381,sis:674%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTw4u,pingTime:1,time:1495,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1495,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1031~100%5D,as:%5B1031~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTw4u,pingTime:1,time:1495,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1495,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1031~100%5D,as:%5B1031~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTw4u,pingTime:1,time:1495,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1495,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTw4v,pingTime:1,time:1496,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1496,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 53A6 		0
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
an-x-request-uuid
9146fef7-a9a0-4c22-a683-14c89e3448b2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.160; 66.203.112.160; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame F744 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=5f0b4e12-a922-5eda-a035-eec69193d32b&tv=%7Bc:1VTw5S,pingTime:-10,time:1521,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705810014723%7C%7C0b145b75c720d2a23a056675e55a62d4%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C3ac0740d18256b4528c179821bb35c16%7C%7Ca15821d940b6d928ad4aac7268d35f04%7C%7Cf5c610b8c0a07952b292c60a7f076628%7C%7C83a4e1935fb577684b8e85c13791c2c1%7C%7Cc3f60da4fdbe4f92e334fba62ec2dd3d%7C%7C1663701684,sca:%7Bspg:5c4365c2-c527-e52b-b13f-596cc327a82f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:55 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame DCA2 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 57F5 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame DCA2 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60209213&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
838b8fdd247a12582aaa380e0a8abfa864bd888a01b348ef02b3a3c390193f51

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 Jan 2024 04:06:57 GMT
content-length
1739
content-type
text/html; charset=UTF-8
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame EEE3 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
50.223.150.220.in-addr.arpa
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:06:58 GMT
Pragma
no-cache
Server
nginx
expires
-1
pxd
dps.jp.cinarra.com/ Frame 8666 		0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.158.16 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-158-16.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 21 Jan 2024 04:06:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3189
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=851cdc80-b812-11ee-b2c2-6fd221ab7f7d
42 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=851cdc80-b812-11ee-b2c2-6fd221ab7f7d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 21 Jan 2024 04:06:57 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=851cdc80-b812-11ee-b2c2-6fd221ab7f7d
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
aws-apsoutheast1a-delivery-1
i.match
s.tribalfusion.com/z/ Frame CF0B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
848cb00458085723-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
848cb0033ec65723-SYD
content-type
text/html
date
Sun, 21 Jan 2024 04:06:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
10343
141
match.deepintent.com/usersync/ Frame 28CE 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 21 Jan 2024 04:06:57 GMT
server
b
cookiesync
core.iprom.net/ Frame 703F 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 Jan 2024 04:06:58 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-8cf2d81d8bd8@version_1.582
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 7E4E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 21 Jan 2024 04:06:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 21 Jan 2024 04:06:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 4FF0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FxkkSW971Rrp6N5&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FxkkSW971Rrp6N5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 21 Jan 2024 04:06:56 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:FxkkSW971Rrp6N5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-08b25091c44f984d9@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 9EC0
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1973209971654081089
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1973209971654081089
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 21 Jan 2024 04:06:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1973209971654081089
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame DCA2
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4a8f76d6523c1fb1&is_secure=true&networkId=17100&version=1&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALOivzFb8yQgM9x_jeAAAAAAA&expiration=1705896417&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALOivzFb8yQgM9x_jeAAAAAAA&expiration=1705896417&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
207.65.33.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 Jan 2024 04:06:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALOivzFb8yQgM9x_jeAAAAAAA&expiration=1705896417&nuid=907F9FC9-B4A7-4FE2-92C9-A704FFDC927F&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dt
dt.adsafeprotected.com/ Frame 744E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1851044&asId=5c4365c2-c527-e52b-b13f-596cc327a82f&tv=%7Bc:1VTx6Z,pingTime:5,time:5549,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:380%7D,%7Bpiv:91,vs:i,t:446%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5549,o:0,n:446,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:380,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B85~1%5D,as:%5B85~300.600%5D%7D%7D,%7Bsl:i,t:446,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:91,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5103~75%5D,as:%5B5103~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:194,fm:u1Y0YG4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k*.1851044-76751983%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o.10507%7C1o1,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:381,sis:674%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:59 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTx70,pingTime:5,time:5495,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5495,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5031~100%5D,as:%5B5031~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:196,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:59 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=a0a4a82e-eebf-5c21-803e-067d7a6f724d&tv=%7Bc:1VTx71,pingTime:5,time:5496,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:474%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5496,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:474,wc:0.0.1600.1200,ac:1118.541.300.90,am:i,cc:1118.541.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5032~100%5D,as:%5B5032~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:196,fm:u1Y0YGX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d1%7C1e1%7C1f%7C1g%7C1h11%7C1h12%7C1h131%7C1h132%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1l1%7C1m%7C1n.10507%7C1n1%7C1o*.10507%7C1o1%7C1p%7C1q1%7C1r%7C1s,idMap:1o*,rmeas:1,rend:1,renddet:IMG.qs,siq:475,sis:521%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.47.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-47-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:06:59 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame DCA2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 04:06:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dc_oe=ChMIgsHcvs3tgwMVN45mAh1GCA0BEAEYACCFg5ti;dc_eps=AHas8cAXGiH1zAxNQJsNQ2o1Js4arFfSqhD0nWeNLUMObZYyRxwjAnNriZDbgSoV40YnHfPSNqI7QxhsGg;met=1;&timestamp=1705810024108;eid1=871060;ecn1=1;etm1=0;eid...
ade.googlesyndication.com/ddm/activity/ Frame 744E 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgsHcvs3tgwMVN45mAh1GCA0BEAEYACCFg5ti;dc_eps=AHas8cAXGiH1zAxNQJsNQ2o1Js4arFfSqhD0nWeNLUMObZYyRxwjAnNriZDbgSoV40YnHfPSNqI7QxhsGg;met=1;&timestamp=1705810024108;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f34.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jan 2024 04:07:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=bSdfjDc-Vaie5hUR&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=15322&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=1905&t=BNM6cDC8u2E0DwP5uPRbD2WY2hU3&V=143&tz=-480&_acct=anon&sn=2&sv=Dz2puKBlw1-nDANuM5B6cyeRCpHtOU&sr=external&sd=1&im=067b0ff2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.197.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-197-85.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 Jan 2024 04:07:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.api.news
URL
https://content.api.news/v3/images/bin/c9f382f5b2c659d29d2eb804acc1d628?width=150
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/3ef65392
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/LdI8sb37WoFxVgiVqrQ1aH_KVpk/iOEiDNSrrb/ZV46Lw/KyxvJ/QtNEkI
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/_sec/cp_challenge/sec-4-1.css
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/_sec/cp_challenge/sec-cpt-4-1.js
Domain
dt.scanscout.com
URL
https://dt.scanscout.com/ssframework/uid?UIAA=08641750116573051724609479775623132067&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZayYWgAAAFNKrwN9&img=1
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| admiral object| googletag function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| jpf object| _vms object| nb object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| app object| indieApps function| setImmediate function| clearImmediate object| ADB function| GeaLoader function| 4dm1r11545242527 object| vidora_ns object| auth object| optimizely object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| wut object| abtest number| num string| val number| itr number| maxval object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| uetq object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| httpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc object| m object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent function| rdt number| interval object| nca_ipsos object| dm object| ipsos_ready object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| webpackChunk object| pbjsChunk object| _pbjsGlobals object| apsUnits function| DIL object| adobe function| Visitor object| mconfig object| SUBSCRIPTIONS object| SWG function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| googleImaVansAdapter object| _aps boolean| apstagLOADED object| apscustom function| UET function| UET_init function| UET_push object| ueto_97187ddff3 object| atsdetectionmodule object| atsenvelopemodule object| ats object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ID5 object| __id5_instances object| KAMPYLE_EMBED undefined| _ number| startTime number| duration function| omrhp object| npt object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| isAlloyConfigured boolean| DotMetricsInitScript string| account_suffix function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor object| lastException boolean| explicitPageView object| nr object| metrics object| brandmetrics function| __assign boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| __spreadArray object| _brandmetrics object| DotMetricsSettings object| $jscomp object| DotmetricsJSON object| DotMetricsObj object| diagPixSentCodes object| __iasAdRefreshConfig function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| ggeac string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready function| clarity object| clarityuetq object| Criteo string| redditId object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels undefined| oneTagObj function| ebDecode object| bsResponseObj object| categoryData number| google_unique_id object| gaGlobal object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __IntegralASExec

221 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChIKBQgKEIMXCgkI_____wcQjRc
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 48db39809cdae2a0564044c5fccc5f44
.heraldsun.com.au/ Name: nk
Value: 48db39809cdae2a0564044c5fccc5f44
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1705810007
www.heraldsun.com.au/ Name: lux_uid
Value: 170581000835212121
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A7fa07b90-b812-11ee-9d76-2b4f0dd74cd8.jlrACU6Et9mZnZMFswCtllLdHIBRzAi8xCQvF6rNesw
.heraldsun.com.au/ Name: bm_sv
Value: 7F6B6EFD80B5193E7C673AA8DE6A7563~YAAQXkDbF6GuFSKNAQAA8hkzKhbtmMBXe6tZzg+9emqbHci3OozEASgvWc6F/Z+WYEZkzO7K4FGhox5Sekd4ZwiaUwDjP3z+IdbiNxzwAEVNZp4jOsTw7M0n8F8wdsUUBfeASoJBwxOCGHeQMkf8oB39yuBtw7KkCxc4OGCoxj/nEfnXkx6VxTeV7wPDmCyZl1DhNTMvJwWTr/f8iLuirPsUHbMbmUG75tBYurSaqUhgmu2IaWc9hI982V+KNTjOsLyaC0WP~1
.heraldsun.com.au/ Name: utag_main
Value: v_id:018d2a331b4900208b1c16eb4f6603074001d06c00b08$_sn:1$_se:1$_ss:1$_st:1705811808905$ses_id:1705810008905%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.7398773534918541
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 7c86beb6-2a6a-40c9-a890-fb5aac1d7f64.1705810009.1.1705810009.1705810009.ff76a0e8-0406-4949-a970-0be694385726
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
www.heraldsun.com.au/ Name: AWSALB
Value: ZnfDPJ3+sXq8lcpfboSdUb5n/GtKJEP0+o6/9X8+fGT/IB9nYVPvji2RgDf843gyBhpxEM9MhnTbqeOz9UPQNV3Gfw/rEw3dRrcTUoMLipeNZN4p5ggdvwbYaBOd
.heraldsun.com.au/ Name: ak_bmsc
Value: 1D31E15833772958FE088AB87990D5B2~000000000000000000000000000000~YAAQXkDbF7CuFSKNAQAA7hszKha4x2R+cq1n/cw9R8fzSEXerOY0Y1vdcxsUiZl4B8M6XtlLSKM7X7YveMCwiXQIVafN3n6YuqMtDdBdIbKIbsFH4b4sUgZZB+R9TnvbnEVBgd5mi9LRATnT4kuym8OnmoONoKj3ALV4zMpEVpZBdHO0Mg9KeMyHf2t7yXoqnx9ifT2MwizBA9mIWUtmGwN2BSoA+MVvxndZRhAuX55zsjoIxpWO5dd8PbARQLWTIgiXZP/cMS93e7laPE1ux4InQdMrh2XQeMmuKQz3Nk8kMZhsd7sjyLaXruW435DhpeHn+iS8serc7FcnHi8n7k88Ff6bGqXiRfqVtmsCS7/WR7DH/DeP6dbV0LfDvHkzNE4JIpDzqE8AyM9sGYtk/plaYr/3hnwsKiiofpY26Tp1yq1Qb2ii2RWEx6zl4krNAQM9Sclv+RdnfrFfwLHOJH1IJyNQqiHtbJnX8cqvixkjsqD1OxpP+eP2FpyAfFpaNRhVpIY=
www.heraldsun.com.au/ Name: AWSALBCORS
Value: ZnfDPJ3+sXq8lcpfboSdUb5n/GtKJEP0+o6/9X8+fGT/IB9nYVPvji2RgDf843gyBhpxEM9MhnTbqeOz9UPQNV3Gfw/rEw3dRrcTUoMLipeNZN4p5ggdvwbYaBOd
.doubleclick.net/ Name: APC
Value: AfxxVi7Ma462lprPfq9KibeK-aS_Ja9odjghmozpml649FaRN7Hn6w
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1705810009278.446930319
.heraldsun.com.au/ Name: _uetsid
Value: 802436d0b81211eebab27131b6a358de
.heraldsun.com.au/ Name: _uetvid
Value: 80243430b81211ee9a5e1b28a519c375
.heraldsun.com.au/ Name: _cb
Value: bSdfjDc-Vaie5hUR
.heraldsun.com.au/ Name: _chartbeat2
Value: .1705810009415.1705810009415.1.Dz2puKBlw1-nDANuM5B6cyeRCpHtOU.1
.heraldsun.com.au/ Name: _cb_svref
Value: external
.bing.com/ Name: MUID
Value: 16B3DFA579AC6A322CD7CBA8789E6B33
.bat.bing.com/ Name: MR
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUm-ihv-660Bpm2rXY4KBUvBf6w6nxuFA_FB2H1BIZhS4_wIetGCnhTnHR4VRB4
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1705810009534r0.5301672679142537
.heraldsun.com.au/ Name: _ncid
Value: 1d1a65e241ef2207397eae7fce15ac84
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=c6a18724-1814-4849-8b37-1e7679effcac&Created=01/21/2024 04:06:49&UserMode=0&guid=ee2a826c-2951-4ef2-9265-8908597558fa&ver=1
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: 9auqnynFhnkUqa/ITaWk38B/+t6bbasdJ/e1vW6odMKZdm8iK2vavofMnMGu9bt1ZlXMYyjQ80JBIBXTdPHKkOSjRIkEpQhcWqzRD5q6ZlSFGB7huE4Q9VLuG2OG
.heraldsun.com.au/ Name: nol_fpid
Value: llvtxb8bdjvolmi2gwpicvksrhzy71705810009|1705810009912|1705810009912|1705810009912
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: NSW
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
.newscgp.com/ Name: sp
Value: f2ea7158-ca50-4b97-a744-4afcc4e728fe
.heraldsun.com.au/ Name: _awl
Value: 3.1705810009.5-e4256d64d7ae9aca856fd8babf461c33-6763652d617369612d6561737431-0
.demdex.net/ Name: demdex
Value: 08641750116573051724609479775623132067
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: s_nr30
Value: 1705810010030-New
.heraldsun.com.au/ Name: s_tslv
Value: 1705810010031
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 14946
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C8%2C8%2C1200%2C1%2C12
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_cc
Value: true
www.clarity.ms/ Name: CLID
Value: 31c1131ca30a4fc0a1f1abc1ded6063e.20240121.20250120
www.heraldsun.com.au/ Name: vidoraUserId
Value: ttl3jqm3mf17mhdet0mvgk8l3n69p3
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 08641750116573051724609479775623132067
.heraldsun.com.au/ Name: _clck
Value: 1ukkci5%7C2%7Cfil%7C0%7C1481
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1705810010219.de4db848-3f7d-41bd-a75e-fea212fecc93
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZayYWgAAAFNKrwN9
.teads.tv/ Name: tt_viewer
Value: 5d7080b0-3f8e-4ce1-bb8f-0f9154adeafd
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 08641750116573051724609479775623132067
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19744%7CMCMID%7C08620609435615307024607362925462446777%7CMCAAMLH-1706414810%7C8%7CMCAAMB-1706414810%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C1263729220%7CMCOPTOUT-1705817210s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19751%7CvVersion%7C5.1.1
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuFaA0_004c3mFaA0_
.serving-sys.com/ Name: G4
Value: 0009fM00PH_
.serving-sys.com/ Name: OT2
Value: 0001DC1u4Y
.serving-sys.com/ Name: u2
Value: ce37ea26-c651-4c13-8e41-b19fde57ba2a4Qv050
.adsrvr.org/ Name: TDID
Value: 1f1bf9d3-f050-4037-9b0d-b046229e71fe
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEw2rCyrQY4AUABSAEQ2rCyrQYYAA..
.adnxs.com/ Name: uuid2
Value: 5432142544913378092
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3AX4EmqdNpgLQtl9BPBPyiYBiTfxDzqNZN.tYEJof%2FanpqUrHiybD9bYul9pcZSn7iRxNJVClpnAaU
.heraldsun.com.au/ Name: _clsk
Value: 6atloj%7C1705810010866%7C1%7C0%7Cx.clarity.ms%2Fcollect
.imrworldwide.com/ Name: IMRID
Value: 81062611-b812-11ee-85db-838cb22a3707
.casalemedia.com/ Name: CMID
Value: ZayYWtae0Cl5WRAnQkG97wAA
.casalemedia.com/ Name: CMPS
Value: 5025
.casalemedia.com/ Name: CMPRO
Value: 5025
.turn.com/ Name: uid
Value: 8736539291829164602
.yahoo.com/ Name: A3
Value: d=AQABBFqYrGUCEGW2LlsoN47_UWrN2yRcSzcFEgEBAQHprWW2Zdww0iMA_eMAAA&S=AQAAAnpMMlhDd5pqLIPT6nU2Ku8
.eyeota.net/ Name: mako_uid
Value: 18d2a3323a1-25700000010d4dad
.eyeota.net/ Name: SERVERID
Value: 19885~DM
.rubiconproject.com/ Name: khaos
Value: LRMZ8K4O-1W-DC23
.doubleclick.net/ Name: ar_debug
Value: 1
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPVpUazVNR015TTJZdFpUUXhaQzAwT0dFekxXRXdNVEF0TVdSalpXWTNaamN5T1RSbQ
.t.co/ Name: muc_ads
Value: 852ba101-014f-4ebe-8017-0fcd1864de43
.twitter.com/ Name: personalization_id
Value: "v1_lBdyWH4Wyqud/IC4R3TzUw=="
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.83492687.1705810011
.hb.yahoo.net/ Name: visitor-id
Value: 3488116112889661000V10
.hb.yahoo.net/ Name: data-ttd
Value: 1f1bf9d3-f050-4037-9b0d-b046229e71fe~~63
.bluekai.com/ Name: bku
Value: pSL99arRgsUSmf/a
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwE9TBMxhBpDy1EWtBEzp1eDhBp/6BM98Bez8BpzNBM/p1E101eRlJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9eUeJvR=
.pinterest.com/ Name: ar_debug
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZkb1Zrem9SVFNqa0hsZThxTGZjVCtXU1ZON1VWUnJWR2ZtR09KbHJoT282NUJRRnVod2kycWd4SEcvKzVRYTlWMWVITTlORkFPdEdtK1U1YmVyTWNtY1pzanJLWUdEQmtwTUh2Y05zZkxLcz0mWS9iY1FERExVRjFhS2o3UmM0c1JOTkt2dVVvPQ=="
.id5-sync.com/ Name: 3pi
Value:
.amazon-adsystem.com/ Name: ad-id
Value: AzvjCR4S00_Ns_9oDJAUuyc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.google.com/ Name: NID
Value: 511=I4-QVluvC2ptPWPezlvZie8y6UXDv-4MTEECg66LYEYJMiDz09-7hAWG51pPIRT0hLLFJLzcv1L2j6d5RxhAcCBj1CIvpJdAvnztlqcNd7crYsrorlmbjHjdbqinURNysNgYbt0apE7vaWXUQGJBYpIJX1GQGZ3mz_eK0oHVF5o
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-1f1bf9d3-f050-4037-9b0d-b046229e71fe&KRTB&22918-1f1bf9d3-f050-4037-9b0d-b046229e71fe&KRTB&22926-1f1bf9d3-f050-4037-9b0d-b046229e71fe&KRTB&23031-1f1bf9d3-f050-4037-9b0d-b046229e71fe
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZayYWgAAAFNKrwN9&KRTB&22978-ZayYWgAAAFNKrwN9&KRTB&23194-ZayYWgAAAFNKrwN9&KRTB&23209-ZayYWgAAAFNKrwN9
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 907F9FC9-B4A7-4FE2-92C9-A704FFDC927F
.company-target.com/ Name: tuuid
Value: 9146fec3-8859-4bf3-b054-b3d62392dc7e
.company-target.com/ Name: tuuid_lu
Value: 1705810012|ix:0
.demdex.net/ Name: dextp
Value: 358-1-1705810010129|470-1-1705810010256|481-1-1705810010382|771-1-1705810010488|903-1-1705810010595|19566-1-1705810010701|23728-1-1705810010808|30432-1-1705810010918|30064-1-1705810011027|66757-1-1705810011135|134096-1-1705810011239|144230-1-1705810011348|144231-1-1705810011455|144232-1-1705810011558|144233-1-1705810011667|144234-1-1705810011775|144235-1-1705810011896|144236-1-1705810012005|144237-1-1705810012108|147592-1-1705810012241|461447-1-1705810012347
.tapad.com/ Name: TapAd_TS
Value: 1705810012295
.tapad.com/ Name: TapAd_DID
Value: 58d11282-6a19-4723-9e65-ea966d9c9d2c
.krxd.net/ Name: _kuid_
Value: QDFrgZhB
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEB-Ph7BaOBChhhEKMd6mLUU&KRTB&23025-CAESEB-Ph7BaOBChhhEKMd6mLUU&KRTB&23386-CAESEB-Ph7BaOBChhhEKMd6mLUU
.id5-sync.com/ Name: id5
Value: ad8dcfee-933d-7bc0-85c3-d496074edfb0#1705810011374#2
.simpli.fi/ Name: suid
Value: 9C050F375D134F57BA1B2323995CDD83
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYwODYyMDYwOTQzNTYxNTMwNzAyNDYwNzM2MjkyNTQ2MjQ0Njc3N1IRCKXSzNHSMRgBKgRBVVMzMAPwAaXSzNHSMQ==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: aus3
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 50d05f673ac545ca1de80dc3c714179
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.bidr.io/ Name: bito
Value: AAXdi07LWTEAABRrlV6AgQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!508
.lijit.com/ Name: ljt_reader
Value: IBsWDQZHrYvuaQK1REyTgp09
.zemanta.com/ Name: zuid
Value: VHSIHqduF1F18rksZIHX
.liadm.com/ Name: lidid
Value: 25aae4be-733c-4094-9951-8f410527da90
.openx.net/ Name: i
Value: fceca719-05c2-4f5c-9942-7012de2b96de|1705810012
.lijit.com/ Name: _ljtrtb_80
Value: LRMZ8K4O-1W-DC23
.connatix.com/ Name: cnx_userId
Value: 1db750ebdfab4e76a1d5b13ff6c8c7e4
.mathtag.com/ Name: uuid
Value: 336f65ac-985d-4200-b1cc-76e4b0e64f16
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIn4kld/8dg2GsvGr/qdDoVhU6bW/j6CFl4bP98qls9l/y0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe/CJdOGVheLg=
.heraldsun.com.au/ Name: __gads
Value: ID=d248b7105480ca65:T=1705810012:RT=1705810012:S=ALNI_MYdUO_iRtpFoY1oJ1YSnrH-hda7vw
.heraldsun.com.au/ Name: __gpi
Value: UID=00000cec2ac9e059:T=1705810012:RT=1705810012:S=ALNI_Ma6aFgHYwb4ngBME4QA5FriAaT_zw
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:336f65ac-985d-4200-b1cc-76e4b0e64f16
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKcmlnaHRtZWRpYRILCLirydaNkM08EAUSFQoGZ29vZ2xlEgsIhO-B4Y2QzTwQBRIWCgdydWJpY29uEgsIrNnQ342QzTwQBRIXCghwdWJtYXRpYxILCNCUveSNkM08EAUSGAoJYmlkc3dpdGNoEgsIzsPo342QzTwQBRIVCgZjYXNhbGUSCwjk5-jfjZDNPBAFEhQKBXRhcGFkEgsIqJz4542QzTwQBRIZCgpsaXZlaW50ZW50EgsIxquv7I2QzTwQBRgBIAEoAjILCJ6ispmkkM08EAU4AVoKbGl2ZWludGVudGAC
.linkedin.com/ Name: bcookie
Value: "v=2&0a51f972-6efb-417a-8609-d9edd1f9875f"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3138:u=1:x=1:i=1705810012:t=1705896412:v=2:sig=AQF_bBNDAUdjSR6Rh1aW1raTJIdIgFD1"
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSTVo4SzRPLTFXLURDMjMiLCJleHBpcmVzIjoiMjAyNC0wNC0yMFQwNDowNjo1MloifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0yMVQwNDowNjo1MloifQ==
.hb.yahoo.net/ Name: data-mag
Value: LRMZ8K4O-1W-DC23~~63
.semasio.net/ Name: SEUNCY
Value: B72DB12E5511233D
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 9dab1966-c0d6-4b1c-975e-5167d761154c
.prebid.a-mo.net/ Name: sd_amuid2
Value: 9dab1966-c0d6-4b1c-975e-5167d761154c
.primis.tech/ Name: csuuid
Value: 65ac985d3b6b9
.intentiq.com/ Name: intentIQ
Value: liv68Igknc
.intentiq.com/ Name: IQver
Value: 1.9
.adnxs.com/ Name: anj
Value: dTM7k!M40*fQBY/ghqdmU(3#tdcHu@#QlmS2jHdGhew9x<wC:f1c>ef7TjI7iIY#P[</bxn>ds#G^=xQ]P)wc3mWIh<RX$J$1t6[v6idfF0ny#U51B6oM?I_pJ2>T%NcC9'>K!#<@[#3*FY(l)FG-HnKMW]GHf8Cng[0ZI!R/:PsXH%!19uaTU4`e
.3lift.com/ Name: tluid
Value: 265384020342232523722
.doubleclick.net/ Name: DSID
Value: NO_DATA
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1705810013645
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVMXkweWVL
.intentiq.com/ Name: IQPData
Value: 1120628896#1705810013642#0#1705810013642
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.blismedia.com/ Name: b
Value: 65AC985DBD9F488B91DDC27CBLIS
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1707004800%3A197_245_226_201%7C1706400000%3A164%7C1705881600%3A248
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5864237D649706"
.bidswitch.net/ Name: tuuid
Value: 0335911a-7a5a-4369-953f-66e45f8e417d
.bidswitch.net/ Name: c
Value: 1705810014
.bidswitch.net/ Name: tuuid_lu
Value: 1705810014
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2gas:19e0~2gas:175w~2gas:18vk~2gas"
.adform.net/ Name: uid
Value: 7400542808841046203
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5432142544913378092&KRTB&23339-5432142544913378092
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7400542808841046203&KRTB&23263-7400542808841046203&KRTB&23481-7400542808841046203
.ads.stickyadstv.com/ Name: UID
Value: 10ee4d6e84db5a2dc737980f38d93fe
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZayYWtae0Cl5WRAnQkG97wAAE6EAAAIB
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8736539291829164602&KRTB&23150-8736539291829164602&KRTB&23527-8736539291829164602
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 1368ac9i7eel
.yahoo.co.jp/ Name: XA
Value: bf4c33hiqp62u&sd=A&t=1705810014&u=1705810014&v=1
.yahoo.co.jp/ Name: XB
Value: f1khru9iqp62u&b=3&s=nq
.rlcdn.com/ Name: pxrc
Value: CN6wsq0GEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-1368ac9i7eel
.pippio.com/ Name: did
Value: 1lBZvFMzPVeInIQ8
.pippio.com/ Name: didts
Value: 1705810014
.pippio.com/ Name: nnls
Value:
.quantserve.com/ Name: d
Value: ECsBDQH6KrjvsQA
.quantserve.com/ Name: mc
Value: 65ac985f-194ff-8d8fe-13745
.creativecdn.com/ Name: u
Value: 52k5XkOCgLYUtjTAyr4t
.creativecdn.com/ Name: g
Value: 52k5XkOCgLYUtjTAyr4t_1705810015036
.creativecdn.com/ Name: ts
Value: 1705810015
.ctnsnet.com/ Name: cid
Value: 514b8e45987845539092ebfcaf572fcc
.send.microad.jp/ Name: TR
Value: 8384423cb100e2da763f2184cc76640e2c7e40ecf5bef3da
.csync.loopme.me/ Name: viewer_token
Value: 0d7fc1fc-3226-4bd9-a999-90a207b6c7ea
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H&KRTB&19420-oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H&KRTB&22979-oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H&KRTB&23462-oaPNzq6umcu6p5WZ8q6Bmaf0lc-6pp-e86KEnv3H
.adx.opera.com/ Name: UID
Value: OPU4bafe19d50c9459580f5f6da5f83e476
.yandex.ru/ Name: yuidss
Value: 1279023711705810015
.yandex.ru/ Name: yandexuid
Value: 1279023711705810015
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-514b8e45987845539092ebfcaf572fcc&KRTB&23328-514b8e45987845539092ebfcaf572fcc&KRTB&23427-514b8e45987845539092ebfcaf572fcc&KRTB&23445-514b8e45987845539092ebfcaf572fcc
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b1a7916-c801-52c3-4b95-4d1c4ce2c106.MeXpcAJnHY9SzvJ3rNSUD9ocND1L2qdav8YOhwzWEWw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8b1a7916-c801-52c3-4b95-4d1c4ce2c106.MeXpcAJnHY9SzvJ3rNSUD9ocND1L2qdav8YOhwzWEWw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aixp5FsgBUsNLlU0cTOLBBkLLcKA.7cHJSn0tg3AzPkXx4rTzF6kZsiLHq5U5k%2FvtJUaqeeU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aixp5FsgBUsNLlU0cTOLBBkLLcKA.7cHJSn0tg3AzPkXx4rTzF6kZsiLHq5U5k%2FvtJUaqeeU
.pippio.com/ Name: pxrc
Value: CN+wsq0GEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU4bafe19d50c9459580f5f6da5f83e476&KRTB&23485-OPU4bafe19d50c9459580f5f6da5f83e476&KRTB&23524-OPU4bafe19d50c9459580f5f6da5f83e476
.linksynergy.com/ Name: rmuid
Value: 5874f849-da4e-409e-992c-e51fff756727
.linksynergy.com/ Name: icts
Value: 2024-01-21T04:06:55Z
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-ixp5FsgBUsNLlU0cTOLBBkLLcKA&KRTB&23334-ixp5FsgBUsNLlU0cTOLBBkLLcKA&KRTB&23417-ixp5FsgBUsNLlU0cTOLBBkLLcKA&KRTB&23426-ixp5FsgBUsNLlU0cTOLBBkLLcKA
.aralego.com/ Name: sspid
Value: 6eaa2baa-55e5-37ab-9353-f258d4bc27da
.adnxs.com/ Name: XANDR_PANID
Value: BgCvSKR4h_ToKuD29ieJZr_hACWy-FTlj53QtQuIWJUZzxfZkGSELwjkzhQyDDnRhQfGcVzPAZmMKc43f-AJbCCceNoOXRDwN0oFLdFekAw.
.c.appier.net/ Name: _auid
Value: bUbF8T4SBsW2amyUX5isZQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINvQVxW7yYhKIdFylJQUX6vfXH9NOFijMF2WsFBH8KDKEHwYBCDfsLKtBjABOgQ7vvenQgR7NuzV.BpzYKcUYxlZL9vN1nTRQFckuYe7pFxm8RSZlcdVNyGQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINvQVxW7yYhKIdFylJQUX6vfXH9NOFijMF2WsFBH8KDKEHwYBCDfsLKtBjABOgQ7vvenQgR7NuzV.BpzYKcUYxlZL9vN1nTRQFckuYe7pFxm8RSZlcdVNyGQ
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&KRTB&23047-t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&KRTB&23234-t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o&KRTB&23361-t2qR1XImws_zTopUxo58RNG57-QCKNO4_AfouCbMU2o
.rlcdn.com/ Name: rlas3
Value: 8H/kpd28OtK10pJ57qH9s8fFtBZyJO7A9kMWPtcp5HY=
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-bUbF8T4SBsW2amyUX5isZQ&KRTB&23557-bUbF8T4SBsW2amyUX5isZQ
.pubmatic.com/ Name: SPugT
Value: 1705810015
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: SyncRTB3
Value: 1707004800%3A5_7_220_22_254_54_176_3_8_214_71_266_179_238_56_247_96_233_107_165_231_13_264_209_234_46_21%7C1706659200%3A63%7C1707091200%3A35%7C1706400000%3A2_223_15
.dotomi.com/ Name: DotomiTest
Value: 4a8f76d6523c1fb1
.adgrx.com/ Name: ADGRX_UID
Value: 851cdc80-b812-11ee-b2c2-6fd221ab7f7d
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAALOivzFb8yQgM9x_jeAAAAAAA&KRTB&22713-AAALOivzFb8yQgM9x_jeAAAAAAA&KRTB&22715-AAALOivzFb8yQgM9x_jeAAAAAAA&KRTB&23519-AAALOivzFb8yQgM9x_jeAAAAAAA
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.w55c.net/ Name: wfivefivec
Value: FxkkSW971Rrp6N5
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-851cdc80-b812-11ee-b2c2-6fd221ab7f7d&KRTB&23275-851cdc80-b812-11ee-b2c2-6fd221ab7f7d
.w55c.net/ Name: matchpubmatic
Value: 5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0NzQzNTGwMDSwsBTiM9R1T_RLc_bJcTP0DogAAOZR6g0lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0NzQzNTGwMDSwsBTiM9R1T_RLc_bJcTP0DogAAOZR6g0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBqYWhgYGhhYGwKAP4S64sQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:FxkkSW971Rrp6N5&KRTB&23421-uid:FxkkSW971Rrp6N5
.tribalfusion.com/ Name: ANON_ID
Value: a3nt6ZaM0ing9PBmSTEpS6QJe35Zaq3lqETA9xgCPHnHJdbX4lbi2bUf04FDWykYlwZbPhZc2186awATiePTwt7bw8OSZcotZc
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1973209971654081089
.pubmatic.com/ Name: PugT
Value: 1705810016

9 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=619178697346.0709?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZayYWgAAAFNKrwN9&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEBY9qI4xAe6iZDEWG9Dtpgk&google_cver=1&google_push=AXcoOmSJSp5sNNQ_iOgkNdVHBE3fQHHr7AgzGh9w92U-X0oNBPcqm_T8u4cSA3yPzAbugpEaRp58E5bU6FTHDNpzDwSX9Kpgdkg
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5ae0bf07d291e83163d4cde8a00f1146.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
a.teads.tv
a.tribalfusion.com
a20352597942.cdn.optimizely.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
aid.send.microad.jp
alb.reddit.com
an.yandex.ru
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
bat.bing.com
beacon.krxd.net
bedsberry.com
bid.g.doubleclick.net
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.adform.net
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
capi.connatix.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.speedcurve.com
cdn1.adoberesources.net
cdn3.optimizely.com
ce.lijit.com
check.analytics.rlcdn.com
cksync.yahoo.co.jp
client.api.news
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.ctnsnet.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
connect.facebook.net
content.api.news
core.iprom.net
creativecdn.com
csi.gstatic.com
csync.loopme.me
ct.pinterest.com
d.turn.com
d2n6ofw4o746cn.cloudfront.net
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
eb2.3lift.com
edge.adobedc.net
esf1xmuqqofcnsuxgqgy6lu3bv8l81705810009.nuid.imrworldwide.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
ipac.ctnsnet.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
live.primis.tech
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
metrics.heraldsun.com.au
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
players.brightcove.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.company-target.com
s.pinimg.com
s.tribalfusion.com
s0.2mdn.net
s3.ap-southeast-2.amazonaws.com
script.crazyegg.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
statsapi.foxsports.com.au
subscriptions.heraldsun.com.au
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync1.intentiq.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.redditstatic.com
x.bidswitch.net
x.clarity.ms
y.one.impact-ad.jp
cm-supply-web.gammaplatform.com
content.api.news
dt.scanscout.com
login.newscorpaustralia.com
sync.search.spotxchange.com
103.229.10.171
103.43.90.117
104.18.24.173
104.18.36.155
104.18.38.76
104.19.148.8
104.22.52.86
104.244.42.5
104.244.42.67
104.26.12.18
104.80.232.152
104.80.232.194
104.80.232.246
104.80.234.7
107.178.254.65
119.9.108.191
13.107.21.200
13.107.246.31
13.107.42.14
13.224.178.105
13.224.181.11
13.224.181.6
13.227.74.96
13.250.207.233
13.35.147.10
13.35.147.22
13.35.147.40
13.35.147.41
131.153.206.100
139.162.40.113
141.95.98.64
141.95.98.65
142.250.204.4
142.250.66.226
142.250.67.2
142.250.71.67
142.250.71.70
142.250.76.110
142.251.221.70
142.251.221.74
151.101.1.140
151.101.1.229
151.101.128.84
151.101.129.140
151.101.129.175
151.101.130.217
151.101.193.108
151.101.194.49
151.101.28.157
151.101.28.84
151.101.65.44
157.240.8.23
157.240.8.35
172.217.24.33
172.217.24.34
172.217.24.35
172.217.24.38
172.217.24.40
172.217.24.42
172.217.24.46
172.64.146.152
172.64.151.101
18.138.170.160
18.138.18.111
18.139.46.221
18.143.106.89
18.153.252.252
18.244.214.42
18.67.107.130
18.67.108.56
18.67.111.88
18.67.114.43
18.67.92.138
18.67.93.100
18.67.93.129
18.67.93.23
18.67.93.30
18.67.93.44
18.67.93.59
182.161.73.129
182.161.73.145
182.161.73.146
182.22.28.252
185.184.8.90
185.84.60.23
192.96.203.13
195.5.165.20
198.8.71.131
20.114.190.119
20.50.2.28
202.233.84.1
207.65.33.76
207.65.33.82
209.191.163.209
220.150.223.50
23.198.51.98
23.198.59.89
23.198.63.128
23.214.35.161
23.214.44.119
23.46.34.73
23.48.96.232
23.48.96.249
23.48.97.11
23.52.227.63
23.52.235.84
23.52.239.49
23.52.245.131
23.52.246.153
23.52.255.186
3.233.89.241
3.24.81.246
34.102.253.54
34.111.113.62
34.111.140.246
34.124.209.251
34.149.26.226
34.160.169.226
34.197.62.181
34.96.105.8
34.96.71.22
34.98.67.3
35.186.193.173
35.213.109.249
35.213.12.39
35.214.250.92
35.244.154.8
35.244.159.8
35.71.131.137
35.78.136.80
44.209.190.13
44.213.227.236
50.116.239.135
51.75.88.178
51.75.89.127
51.75.89.188
51.75.92.187
51.75.92.37
51.75.93.54
51.75.93.98
51.75.95.112
51.75.95.135
51.79.154.29
52.1.47.4
52.220.44.78
52.223.2.229
52.37.23.212
52.46.143.56
52.62.123.0
52.63.50.87
52.72.60.253
52.77.143.203
52.84.251.19
52.84.251.34
52.95.132.171
54.153.211.209
54.199.158.16
54.234.197.85
54.255.42.175
54.66.223.253
57.129.22.38
57.129.23.120
63.140.56.170
63.140.56.177
64.233.170.156
64.74.236.223
67.199.150.81
67.199.150.87
67.220.226.233
69.173.158.64
69.173.158.65
74.118.186.107
74.121.140.211
8.18.47.7
8.43.72.97
82.145.213.8
89.207.22.76
93.158.134.90
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
01b5bedbf089e7be9e47f79a2d73c4270aed84ec81aebe720608ca8ab6d3b13f
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0241f963e2e777bc6e05666a1784ff08c1078953124bdd9da249128708546f73
02a8a793472ec4c530efc75a259ac3ccafad18a1f56e68932ea3d8a2daac8481
02d6459c4f8f1b88ea841131c280b31a8377fefbbf7661889d5daba621f62057
03827037016737f57d86b93d6de8aeebd412ea68ceaebe1c5e5d588708edc2fa
03add71f89b98b42896817f9e17c06b20069ba5d8b6d7c0c3591aba8f1720fdb
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
04e12b2ff5f6b37f95aedf0b5b92eaaf28b5a9e754639cb28ad5927ac9b9c905
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09fe0b6d97e865973cd45575e59938eea863d06492ee6a0bf3df30774f73ca21
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0e87324ef196741f0048501fcda4f505b67464e010724be71f2eb917c0a3561a
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e
10752e39650ae0e10a7917d4e282603a23d5fe7861461a76188b2e7b231c2cde
1299db112e92420aab3755328e93d83e295a26e828796d31138a3c61ebedce3e
12a3170ec516303dd7108508ec6c5b44d8fc14f906a72e03fa65771199e37b5d
135c38980e286aa356cd151198e12d0f3c577531dc068bae2ba82d2945ac60f5
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
14faadd4e6b9c2390dc409933d0c70bdc4c7f85b48a26efa7d2e766df5a2341f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16850aaf8357d741a310c06651a10b56cd42f6ebb5a692dd369e9550dcc4eeda
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19581e27de7ced00ff1ce50b2047e7a567c76b1cbaebabe5ef03f7c3017bb5b7
1ab4134369398656a18ff7a84a790b2bbbe88282c75af9e05b4884fba83a296c
1c21be9db4a5aa36ef2488085f60682b852099e863f6b9d87647f17761cf9e3a
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ede8596649cc4007739d7accc5f2dcc82aa6add56aa19067ecb468c0af35381
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fb2f44ceae6aa37d8e069e42cb2f90c3a59523e0f0f184a6f281ec82433d6f9
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2153668c8343c17f860ac3b1cd600c6d54fb38ec1fe13f324c7fb84442a7b6f5
21762b7c0a9bc4f20de49bfe3aad971f27e672a5b2baab7a0772a16624cff864
220107cacc48efc3973db9f68bf3a63b15c435ddde7c970ac462fafd0a95999e
241d7a90b4c0b91ecf1f43e0ebc018e0b66b3ca25705c3fe7567b29d6c9605cb
24ef5c31b2152ec20322b593ce5693800799ca384bee7e40c924efd152f1ed36
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a7850e7a2b6bc3b0361297af6390fd73b1ec3a8a99cd84fc253efb067baa0b
28dd4b91a4b594a6b2a86fca3ffc3c0eddd2870ca779fb57846a371baeaaddf7
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b5b5c5a477fbef8dbdb68a01bd234d5dda7c05e221cedd93c198a362ff81758
2b782f0dd5cb96af854693f2d9a3224ed923fc019267daf87390c9ba5f1de548
2c22a9522b2a5b68a8ece54d4874ab1da85b34946cd98868705ed010cdb6e751
2c5242516baf3260886d2d6708cd72fa1ea11c81f7d0ff540b8c574dccdd609e
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323f9a0be855e90d1a7cdeed1bfbe57ad610004aaded5a12c52490ce5833f753
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a70c6fbc9b25df449f6df29f657dff5d55f9950f881654a076067295a1ce657
3b3077783c51c8729efd59143c4a9fdb4810e0651c4ccc802f0019a4aa3a2ba7
3b991be47fdc8d44c88f6d66ff7d68e181a6babd7f54b1c91df56aa83aeaf4b4
3c4f6c57ef3cab86ee4e4aa0b06703cea74a5d89e581fd540afbb570074015f2
3cbb17ce946796035eb3a1d9bf9f23b21b343f0e2e6b4445802c06388bba2e3b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
3f3c9d57240af0f93997b919f5df9a17f292d2e6359d28f308a3e596f7a4024a
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
3fa367d34569889ac9e1e8bb31eca0070e5fc83593e767664a7df5932209ba6e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411dbf5864c1ea1973cf5ee4714b4defe820600412aab5bc856fc983a791954f
422fff1f81eab2ceda5bbb8fdc6aea7eef436c8d1dd5bd35c6269013e6267ebc
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42b687910fa4938a9e168d3042e982de45c4f939795e415df2768dfbe84e17b5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42d00df74ef93cbd88bfabf059b8cc053c8dcb163cb8a7c5fa3cf618b845d905
432383a9d063e565fc52bd6edf809a2c539f7cf559994245861a1eaedba07a27
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c87b8ee3132d1162b7e1fe4c26cff5759a4ce660c38736815fd9e815879982
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
485154e0a8595248b8dcc3a7728bc5c1a4f112c6cc2a9b02843d064befe380ba
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494555c97306dbd917df86a5a1058c4518f843fa9be103030f8ae0e290c18f4b
4994c796a8d085e4429765c4d2849544cbd1bf6273c9697eef7925d84237c221
49ff252019c0ddf3cf64097a96858aa6569fb34ff308f367fc41f3e0d638a444
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0e900d88a4d79acc98c18901c221ff93418f92cfb8e3b10f5030b5d026071a
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
4d1d5973860243283b36d6b45058ea45945dc29c172b51f7e766208d14671779
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4f1408a5c32b4970c7c6b5ea2fcf8ac77de2916a2b8813d1c285d4840a90337f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51540eb57b2c3e809c1a6f8609bb3fea3df63ef7b56787365d051e505ecf9b30
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5295b849d0a9aca0c8ae21a716dabd0a99819f437b3ce2eee366b96835d2d595
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75
55e798d8ba9ed6521bd609d225579352015d66291d8401bc22a01d7b9b594732
55f0911548582dcbfec33ee6af63ba747bfe48fa13d39c163cd41920350814c8
5be95e759a87e17f8d8b0ec6852338e9c29fa924ccd13be21873aa3533a34f7b
5c4f333e017c9640455e5799950b8fbebded3b1f815debdb6f78a6bc9a599faf
5ccc09fdf107c1a69faa7d4b0dd9e409f9f3a91b44c2f6a04cf0144d7ecdfd24
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5ea6d83b67f5ea70dcbac2680dba6849b176e06ae130dcb82973fcf665d6d0df
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ee8d9eb05858b071e65eca79b3be556ff54005b47639e472a79b07494b7998b
5f2aaeffffa6cdaba55276ee74c7b0d5028c79d369fb95cd978049f343a3972d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
6092d5910c38d32ddfc1f0c55a265c3984f414b00e609d21ee795af6737fd044
610365a5f12795cdd4bba06c96bea7f8186f9765d719f7bb33abe7cc7961efd7
6206831bd518b14e63a0736b35825ed49d4f2302baf1b1629de6075247524e3e
62100636b84f08dea9a48ad2460825dbe7e35d61f0d993a081fb8edf64647633
64cb89442a1c7beb6fd0c6860addccb36400ff4d9e71bb9edcb9de9bab3be45a
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50
68090a50dff31ecaf3fe5037b0dc74ad158f2480a7908f9b610fb0bd06ec3794
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
68d941ef76ef9789616c88d4cb4cf57ae2edf0d11a1c97e5d5c6042d4413891e
68feb347199af0bba16467c33e95d94e76d6340d8572910030a12d34e46fabbb
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b44b560be04ddba3af44f712f0d53bf57af2a26c2cf38d89168030df3c8e433
6b5d117a0046bb80abe3be9520b39af81ddb705a7b969def2ade3ed47e34771f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fbad25b80edaa437b24ca5bd5e74e7e0467dcabefd5d7c94768d3be78bb5519
6fc12551a010cc55eb5348e610e9d952c3cd4e881dddc96b66ee051282cd9a03
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2
72045c6b93aeb78e8fe8ac11d57b8a921c22ec2bcc9b0e0e3965a436e56e0d22
77cf78c63c31e57691eebb0cecaf9253c9902b93ff70f0ce2269a43e336de164
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7a1a2e8a6f2056c27ec7da88d70dfacd8ac07bad116afc1b3ae0478b397077e4
7ad0980510ea24087eb7fd50d0fdb30a0ec29eafa3f2b46d80e82264f5694fae
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bef2aad25dc3c6c0e66457d3d28a69010aced90a4c8ccf41b384f1225cf1d82
7c63d5e9356b64e1027b5bd8a5cf9db370e4626df8e46255000c53c69884f510
7ca892cbae8c423fa2517275674a017e8d6ceb3ab1cb55b0c483aedfc77f2212
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7d480c568161ab0f058ba6393348d1a1ab938c29970cf43571b5f89c4a69fe84
7f8d8c03f2c24eb216b6a05d32b1a0abb838f314400fc0cec21c1dddee49ff14
7f8e5d99a87f6ae2d4f2bf02852f46a56eb8c240591e337a8894b8723689abe0
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
829988b63aa7ef15d7a2ffd3d8390bbc76abd7553d2a6e24a7b6e3f70a2aec55
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e40ea50c00d933436ccd0702494eda05640f2e619a9c82bbe75ddff44a7c20
830268e715c355e3289a5c458c4925cb38aa132579d828b024bc61c24be54d40
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838b8fdd247a12582aaa380e0a8abfa864bd888a01b348ef02b3a3c390193f51
84ac63fe5a7f0767aa1559d03737fa4ee0d6701144529d1506b09ff245ea9a60
85066d08f8ada283de39ac720f9c5020cc0210183e4a747e400f3dc96cbd817e
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
8786017630a53438f92d7c5de7d7af0db67135d420dbb875e073ee3b854eff05
88368ae9b2482d286c5ed652a8b6c94f220d5a4a00cb502e19cd6bda85d39da1
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8a8c35898b3c720a9de12c22e1bc7858d4b3227c5d568806829d621ca2e2a61e
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8ab16e3fea8a6ea7f5a151da3acfd6826ea94ee31a2d894d1de64eeedbc73a94
8ac7a7e3cca7249de345b8285948fc3c75c4feb3d4e3910b771bf2d66026b5b3
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8b4ed66466f4440bec6f97ecf822be57ec4350e55be30c458efb3657ce505549
8b78805de7287a5355999ae04c646ae6d3a919cf3eabe8b452c98f2ec0456dc7
8c7e53b982d18cb4565c9b9d0b668373d6e32cc0feca44ef402476f77845bf3f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e17ce34a1730596e106292a3e0ed2266e8d17e8eb40ca411d9e03926b33ccdc
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f4e10129f7f91b46bde28b59066a42b38941d9503956ef28a1ad88d0cf8c1ec
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92ef866d70f202b1ac87a6c10b182335bb859ddc4adbef532537714675d2099c
945b317583c8a1af77063aad1ba55e6b549ff7f36a6dd47f4633de30db9239c1
95ac383c4fa19e0a921e9d5f41e2ccf537d4988c70696192739a0ab87a91801a
963ee560123ed1702142171e8758bfbc010605d958b71dfb271443070cb52cb9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9910b69240abb1d5bd4992ecf3d6bd2c4d4628dc6c0d0df65c84ea4f10113576
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aec0fede341e426aa4a07e3b0d310508c48ab0f0dbe595b038cc79797cb3190
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9cd9ec27aaa0a3f68ce9e133be641e1eee63f01903006f776cf4042f79d48f90
9f886fab30f2afe60f71e72254849f6afb57e3df7f16e9158ef6e91c84211333
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b5b5eaf2306b47b262c8ec712473894dc04865adc20f325e4733d5ca4e273d
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a259908a9faeec7493d765c0a1defb3cb254920fa50b04e6b21b9e37c43abb79
a297331563fc894baf99a4d19de73dcf1c449f675e2edcd9d7707bb25affea44
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9
a4d545738370d0190c0629df2efd5a552b3fd857e728ff0340374f8067e56e21
a5174fe4188937e5417a74146825945a39579534efb17da6ce918371752635bf
a5409ed14e9dff7a05818b8dbedd143cf9dbfb9dafc9cb643c7c8b7b75ed94d7
a62417467fed981763f49bba9fa1e0af37a169476b186c0bb8ea6227e2d0ff49
a6515fbd1a531084eaed1d484d70f4f43a7d79df9f60fc260b8973f034dad45c
a8de4b62e2e04f2795d160ff49d1d65bba4f1f2b97decb4e5f3e792bcf2cc61c
a925505f3081d8806a240aa875ad4e470f2c6f4413175cd5701e18172487197e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8eb26a2413ff03d2ec1e417af71eedc6d5f2a92b0da08615672e20690302e6
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af37a3c76099650c6e1a954279b846edd976e5d75e52ab0420b37ab42c019a93
afe27501598b040ca0d26df43c834981e317ca9d82ec6445eff4bd646e7611a8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0a1f192e81bb6ad28e001ed495db8da2e4e0e43bf402ed8c4090770ea0353aa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232164dba924938a176fd39e925a924e6cff0ccbccb582f6c3ccf560d7f0fb3
b68136e0a50da6513b6f743a2e86cc31b9e554b220147f9879bcc12d1b5df357
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b828e919c2ff55a336488d2ac02c554c1b69b0b662e2e0e6cb230f0e47cd4b6d
b8ac9bc919e3c2ddf824ebcdc9b70e0dfb573d21d1d82537fa9cabb74c70770c
ba97fdb79551ec612f180093a000ae30f31ac9b2e82304a771ea5b502aa09352
bb2691182293eff7b053a4b4973de4b4338774394d025b3d2534e0d04eea388f
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bcd5ea3e52768c9daec64ac234488bbac1d24455a9bf61e9c2f4c39e9b52bb85
bd1eeab01ddc90adab4171265ea26531a6809f200f42b5d0e00912851dc8c370
bd2d61a87757e3ba66b2864402f25e2971283df96e5a675fe73c1f9b33d75328
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea851ff89c11e1666fa97026bbcb7f6a96e33df954f5c94c1229247891ca04d
bea9bf7def21dd40b781823407a9a48764c5b7650a1cd228f262436c513f10e0
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25869eb3a3a25112591dabf8a3d5bb6c62dc4f40350c364c3840396f017938e
c2a81174ddee03c5d852e13f9724bdc501e044bef98411e44145d82be280ea07
c2de717bdbf2300b7b619ec1abc06cd778a9211121f8c8e2a43cd0c720cc7b0e
c45d49e8fa7d77cdc64b71878344b69b3cf73f9048ab5ad6c43866d2cb6838f6
c4d1ce66cdf820154e5a2d83629eb60c74bbbd50692fbb5568dc34bde274c031
c5028b188ad27092142879b6756c5f24314139311815f2f57dc97c7d36a44a7c
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c58e5011e1291d8f1320a3f76d46705de90fabd440c912d68211a17dff18d61b
c5c6abefd29583b3c5d2390204dd9e1490ed973f2fd59c684176b7117f3ec117
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
c80f1606fb70e6c616aa84834000013474d75cc6abed9a6c24664ec9c3c31909
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cbd56f0baf7fb7e448947d1918f1d4845484b4ad9b593a23a3c60720db376893
ccb31b1542aaee2eb3ce785ccc2b5ab2b009461292d220cd329c2112da343826
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
cdfab6ef2581a9bc24c2d1bd2b7d6fb5d9f94d7383981b92d7a5873a9ab41c99
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d069db23f49f65064f0488f9653037d47c757af49b033d1066b92d23709d4d4f
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d5f41e8c57dc986e2921723ceb4fc17197802177d71d4d1de3564c918ee62ec0
d64827e485b593def6f2952b8307d2581d2a440d527b8ce8b9d59411c8676808
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dae930d02f38b96a08d5c3466b1da3acaa614c13e6a7e8a9d8491ddeed5c78d1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd234c39b4ed235b03089bd5e0a6a61f500e4167a9c3bfd90aa706e8d54c3ac8
ddfa452f752c05d749643b4221e6e18c92c0e8b6085b5ffa0ffe357935dbf60b
de1a1895fea0046b65904915fa63de74df18d60bf5bb2b3063ca625af55ab7b3
de44e8986e5ebd77e11ff08871ff5f06a75302fcdcc2c544a30c71c9f3bfd8fc
e10dc16e162a41647dbffffcfa1f7352f8fabe0e25682d23020f8affce021129
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e1d6fac818f24b4e5b81df28bebdd77a4453b729021b64d2c5cb08a03969fd83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b6f8f64f8ad4554ab9f2ac75848a32bb1986ee7bb5bfdd2a347c5ab0e4d33a
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6d24277cf1bb2891a7cbb2e55730e596104d6e606f68ef5b4e471c07d965ff4
e70c4605cfa84bbad7055f51b13fc721c9323cc152f47c7e4c491a3c8177590c
e7d9ca9b4b105ab445d92340939e202c7a8713fdcf46e5b248a256d5c3fbce09
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee533f9b5f4a128d01ba3c170ea728a02705953ba7f615766aacb4c412305cd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
ef5184bc3d8518210bd52dcedd01dd73c3ecbbfdeb7e6f5bab82ac73539bb449
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f03d0e9f3d358c79e511a19fa83803eefda9a1fbce11e4b101cc9d493a4ac624
f0ef50bf45765ae087cc01984ebe59f10ff50a76af8b0677dda5b436347ee9dc
f141529a6db704f9b8dc476646c827fd35c79de0330716a60659c9263e7d78bd
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f1e5f48917032af2bcd1ff0180d41c30d2c66e850596de5d92889012546bb5f9
f25dec6bd039dbd88cdfaf19f59a95ae3f6a61c7e8d3bf18c40382db87ac4c3d
f3daba9a3ddf58d8ff40ddea8804a7b699201a55a7d9a93600a16cf12209aa0a
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
f68db8e6212a36000a6b12a495a3b4ecef287cfd1652374a083e9860ce5930f9
f771914c7f10c23153264af99672d8af8275b2af56955db6b3357800d9d687b5
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f89d6d9c00fc745757672bfb13512202b3538a13137945606f3c79851951a66c
fba6ca7967aeb19e295f35214bf80d373be5715023dfa62b9128a5d1684d96f4
fcc3eaed6d5a9eea1ec8c3508bcbb6662c0cfa5c45855a5696cc83a0b1601a10
fd829029d2e658294db89024b1cdd87d2f2460abc9e5e6fa4efaed2181108ed5
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322