urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
104.83.196.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Submission: On December 16 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 144 IPs in 13 countries across 125 domains to perform 671 HTTP transactions. The main IP is 104.83.196.116, located in Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 269599.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 43 104.83.196.116 16625 (AKAMAI-AS)
1 11 104.83.196.200 16625 (AKAMAI-AS)
14 23.54.56.214 16625 (AKAMAI-AS)
1 151.101.66.217 54113 (FASTLY)
1 16 151.101.1.44 54113 (FASTLY)
1 52.95.132.94 16509 (AMAZON-02)
27 142.251.10.132 15169 (GOOGLE)
2 34.160.169.226 15169 (GOOGLE)
3 151.101.65.44 54113 (FASTLY)
1 4 13.33.88.129 16509 (AMAZON-02)
1 199.36.158.100 54113 (FASTLY)
1 172.64.132.15 13335 (CLOUDFLAR...)
6 13.226.175.15 16509 (AMAZON-02)
3 104.69.108.119 16625 (AKAMAI-AS)
4 23.54.56.153 16625 (AKAMAI-AS)
3 9 141.226.229.48 200478 (TABOOLA-AS)
1 3 172.253.118.148 15169 (GOOGLE)
1 13.33.91.15 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 18.155.68.27 16509 (AMAZON-02)
2 34.194.167.128 14618 (AMAZON-AES)
2 151.101.1.175 54113 (FASTLY)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 23.72.44.233 16625 (AKAMAI-AS)
21 52 74.125.24.154 15169 (GOOGLE)
3 13.33.79.24 16509 (AMAZON-02)
1 13.35.8.87 16509 (AMAZON-02)
2 172.67.69.247 13335 (CLOUDFLAR...)
2 13.35.8.73 16509 (AMAZON-02)
1 204.236.153.238 16509 (AMAZON-02)
4 4 124.146.215.47 2514 (INFOSPHER...)
2 2 54.93.142.150 16509 (AMAZON-02)
1 23.106.127.39 59253 (LEASEWEB-...)
9 14 69.173.158.64 26667 (RUBICONPR...)
17 103.231.98.194 62713 (AS-PUBMATIC)
14 16 35.71.131.137 16509 (AMAZON-02)
1 2 63.251.14.3 14744 (INTERNAP-...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.52 59253 (LEASEWEB-...)
1 18.210.55.209 14618 (AMAZON-AES)
2 2 182.161.73.146 55569 (CRITEO-AS...)
8 13 162.19.138.119 16276 (OVH)
8 14 104.254.151.68 29990 (ASN-APPNEX)
4 4 103.229.205.243 30419 (MEDIAMATH...)
2 3 119.9.108.191 45187 (RACKSPACE...)
4 5 107.178.244.193 15169 (GOOGLE)
3 4 185.84.60.21 198622 (ADFORM)
11 11 35.213.12.39 15169 (GOOGLE)
3 3 220.150.223.50 4686 (BEKKOAME ...)
1 1 220.150.223.52 4686 (BEKKOAME ...)
2 2 18.158.185.48 16509 (AMAZON-02)
3 6 34.98.64.218 396982 (GOOGLE-CL...)
1 2 52.223.2.229 16509 (AMAZON-02)
1 35.82.246.6 16509 (AMAZON-02)
2 2 54.81.22.167 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
28 172.253.118.155 15169 (GOOGLE)
5 172.217.194.157 15169 (GOOGLE)
3 18.208.87.237 14618 (AMAZON-AES)
1 16 34.212.196.215 16509 (AMAZON-02)
3 13.33.88.94 16509 (AMAZON-02)
2 184.87.193.91 20940 (AKAMAI-ASN1)
1 13.35.8.40 16509 (AMAZON-02)
1 52.88.43.167 16509 (AMAZON-02)
2 63.140.36.179 16509 (AMAZON-02)
1 1 54.169.64.129 16509 (AMAZON-02)
1 20.50.2.28 8075 (MICROSOFT...)
4 3.104.211.97 16509 (AMAZON-02)
1 18.155.68.87 16509 (AMAZON-02)
1 13.33.88.56 16509 (AMAZON-02)
1 8 172.217.194.102 15169 (GOOGLE)
1 104.16.86.20 13335 (CLOUDFLAR...)
4 13.33.33.13 16509 (AMAZON-02)
1 162.19.138.120 16276 (OVH)
1 162.19.138.117 16276 (OVH)
5 6 50.116.239.135 6336 (TURN-US-ASN)
2 34.102.253.54 396982 (GOOGLE-CL...)
7 23.23.162.146 14618 (AMAZON-AES)
1 182.161.73.145 55569 (CRITEO-AS...)
2 104.18.33.19 13335 (CLOUDFLAR...)
1 103.231.98.193 62713 (AS-PUBMATIC)
4 69.173.158.65 26667 (RUBICONPR...)
1 13.33.30.231 16509 (AMAZON-02)
4 23.72.44.196 16625 (AKAMAI-AS)
2 8 172.64.154.237 13335 (CLOUDFLAR...)
1 1 199.127.207.188 26120 (RHYTHMONE)
2 2 54.251.140.206 16509 (AMAZON-02)
2 10 52.46.151.131 16509 (AMAZON-02)
1 1 52.3.45.181 14618 (AMAZON-AES)
1 52.41.136.75 16509 (AMAZON-02)
4 4 23.73.13.201 16625 (AKAMAI-AS)
1 63.140.36.101 16509 (AMAZON-02)
14 14 151.101.130.49 54113 (FASTLY)
1 141.226.230.50 200478 (TABOOLA-AS)
2 25 139.5.84.243 27381 (CASALE-MEDIA)
3 157.240.235.35 32934 (FACEBOOK)
1 2 103.71.26.126 132134 (SPOTX-AS-...)
1 74.118.186.45 26120 (RHYTHMONE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 74.125.24.157 15169 (GOOGLE)
3 142.250.4.154 15169 (GOOGLE)
2 18.138.110.117 16509 (AMAZON-02)
1 13.35.8.13 16509 (AMAZON-02)
1 6 13.251.90.192 16509 (AMAZON-02)
1 18.155.68.116 16509 (AMAZON-02)
4 184.31.5.52 16625 (AKAMAI-AS)
4 74.125.68.155 15169 (GOOGLE)
81 13.33.33.22 16509 (AMAZON-02)
2 142.251.10.95 15169 (GOOGLE)
2 33 142.251.12.148 15169 (GOOGLE)
11 142.251.10.154 15169 (GOOGLE)
1 8 74.125.24.106 15169 (GOOGLE)
2 103.231.98.196 62713 (AS-PUBMATIC)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 185.183.112.148 60350 (VP)
1 1 35.214.223.115 15169 (GOOGLE)
7 142.250.4.94 15169 (GOOGLE)
1 13.33.33.73 16509 (AMAZON-02)
4 74.125.24.94 15169 (GOOGLE)
1 18.138.26.177 16509 (AMAZON-02)
1 2 23.73.13.34 16625 (AKAMAI-AS)
1 2 3.0.118.42 16509 (AMAZON-02)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
2 7 18.142.1.26 16509 (AMAZON-02)
1 1 8.43.72.97 26667 (RUBICONPR...)
3 5 13.107.42.14 8068 (MICROSOFT...)
1 54.239.33.158 16509 (AMAZON-02)
4 13.33.90.128 16509 (AMAZON-02)
1 146.75.112.157 54113 (FASTLY)
1 42.99.140.192 4637 (ASN-TELST...)
2 142.251.12.97 15169 (GOOGLE)
2 151.101.1.108 54113 (FASTLY)
1 142.250.4.156 15169 (GOOGLE)
5 6 52.74.13.196 16509 (AMAZON-02)
2 4 104.254.148.251 29990 (ASN-APPNEX)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 3.114.23.93 16509 (AMAZON-02)
3 104.18.36.94 13335 (CLOUDFLAR...)
1 1 13.115.65.60 16509 (AMAZON-02)
1 1 185.196.197.130 39572 (ADVANCEDH...)
1 1 52.68.226.122 16509 (AMAZON-02)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 1 35.186.193.173 15169 (GOOGLE)
1 202.241.208.4 4694 (IDCF IDC ...)
8 8 64.202.112.159 22075 (AS-OUTBRAIN)
1 1 150.95.47.242 7506 (INTERQ GM...)
4 4 18.182.72.188 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
2 23.52.171.107 20940 (AKAMAI-ASN1)
9 172.253.118.113 15169 (GOOGLE)
2 13.35.8.67 16509 (AMAZON-02)
2 2 103.229.10.247 16509 (AMAZON-02)
2 2 52.220.190.50 16509 (AMAZON-02)
1 54.255.63.116 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 3.73.221.153 16509 (AMAZON-02)
3 172.217.194.94 15169 (GOOGLE)
21 44.239.37.156 16509 (AMAZON-02)
4 142.251.10.121 15169 (GOOGLE)
1 192.40.36.151 27381 (CASALE-MEDIA)
1 13.52.14.45 16509 (AMAZON-02)
4 103.231.98.195 62713 (AS-PUBMATIC)
1 2 146.20.128.67 27357 (RACKSPACE)
1 2 119.81.192.134 36351 (SOFTLAYER)
2 34.149.43.113 15169 (GOOGLE)
2 2 23.106.69.73 59253 (LEASEWEB-...)
1 18.155.68.50 16509 (AMAZON-02)
8 23.72.45.156 16625 (AKAMAI-AS)
1 1 18.138.18.111 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
3 3 35.227.202.26 15169 (GOOGLE)
1 1 18.155.68.101 16509 (AMAZON-02)
1 18.140.217.106 16509 (AMAZON-02)
1 52.221.156.235 16509 (AMAZON-02)
6 23.36.253.206 16625 (AKAMAI-AS)
2 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
671 144
43    104.83.196.116 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-116.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
11    104.83.196.200 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-200.deploy.static.akamaitechnologies.com
tags.news.com.au
14    23.54.56.214 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-214.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
16    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    52.95.132.94 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
27    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
tpc.googlesyndication.com
2    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
pips.taboola.com
4    13.33.88.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-129.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
1    172.64.132.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
6    13.226.175.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-15.mxp64.r.cloudfront.net
static.adsafeprotected.com
3    104.69.108.119 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-108-119.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.54.56.153 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-153.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
9    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sg-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
3    172.253.118.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f148.1e100.net
ad.doubleclick.net
1    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    18.155.68.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-27.sin52.r.cloudfront.net
au.tags.newscgp.com
2    34.194.167.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-167-128.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.1.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.72.44.233 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-233.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
52    74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    13.35.8.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-87.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.67.69.247 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    13.35.8.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-73.sin5.r.cloudfront.net
assets.vidora.com
1    204.236.153.238 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-204-236-153-238.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
4    124.146.215.47 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    54.93.142.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-142-150.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    23.106.127.39 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
14    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
17    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
16    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    63.251.14.3 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.52 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    18.210.55.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-55-209.compute-1.amazonaws.com
e1.emxdgt.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
13    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
14    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
5    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
4    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
11    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
1    220.150.223.52 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 52.223.150.220.in-addr.arpa
sync-tapi.admatrix.jp
2    18.158.185.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-185-48.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    35.82.246.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-246-6.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
2    54.81.22.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-22-167.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
28    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
pagead2.googlesyndication.com
bid.g.doubleclick.net
ade.googlesyndication.com
5    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
googleads4.g.doubleclick.net
3    18.208.87.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-87-237.compute-1.amazonaws.com
ping.chartbeat.net
16    34.212.196.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-196-215.us-west-2.compute.amazonaws.com
dpm.demdex.net
3    13.33.88.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-94.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
2    184.87.193.91 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-91.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
1    13.35.8.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-40.sin5.r.cloudfront.net
cdn.adsafeprotected.com
1    52.88.43.167 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-43-167.us-west-2.compute.amazonaws.com
newscorpau.demdex.net
2    63.140.36.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-179.data.adobedc.net
metrics.heraldsun.com.au
1    54.169.64.129 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-64-129.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
4    3.104.211.97 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net
ncg.tags.news.com.au
1    13.33.88.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-56.sin2.r.cloudfront.net
au.audience.newscgp.com
8    172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net
news.google.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    13.33.33.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-13.sin2.r.cloudfront.net
au-script.dotmetrics.net
1    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lbs.eu-1-id5-sync.com
6    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
r.turn.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
7    23.23.162.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-162-146.compute-1.amazonaws.com
mfad.inskinad.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum.casalemedia.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
4    23.72.44.196 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
8    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
ssum-sec.casalemedia.com
1    199.127.207.188 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    54.251.140.206 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
10    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.3.45.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-45-181.compute-1.amazonaws.com
usermatch.krxd.net
1    52.41.136.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-136-75.us-west-2.compute.amazonaws.com
beacon.krxd.net
4    23.73.13.201 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    63.140.36.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-101.data.adobedc.net
edge.adobedc.net
14    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
25    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
3    157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
2    103.71.26.126 (Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    74.118.186.45 (Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com.au
3    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.com
2    18.138.110.117 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-110-117.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    13.35.8.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-13.sin5.r.cloudfront.net
bbraoaivwsnletuwm7iewqznc1zpi1671152558.nuid.imrworldwide.com
6    13.251.90.192 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    18.155.68.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-116.sin52.r.cloudfront.net
rm-script.dotmetrics.net
4    184.31.5.52 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
www.googletagservices.com
81    13.33.33.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-22.sin2.r.cloudfront.net
cdn.inskinad.com
2    142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net
fonts.googleapis.com
33    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
s0.2mdn.net
8228261.fls.doubleclick.net
11    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads.g.doubleclick.net
8    74.125.24.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f106.1e100.net
www.google.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
7    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.gstatic.com
1    13.33.33.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-73.sin2.r.cloudfront.net
check.analytics.rlcdn.com
4    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
fonts.gstatic.com
1    18.138.26.177 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-26-177.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
2    23.73.13.34 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-34.deploy.static.akamaitechnologies.com
sync.teads.tv
2    3.0.118.42 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-118-42.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
7    18.142.1.26 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    54.239.33.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    13.33.90.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-90-128.sin2.r.cloudfront.net
js.adsrvr.org
1    146.75.112.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net
snap.licdn.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
www.googleadservices.com
6    52.74.13.196 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    3.114.23.93 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-23-93.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
3    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    13.115.65.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-65-60.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    185.196.197.130 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    52.68.226.122 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-226-122.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    202.241.208.4 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
gdn.socdm.com
8    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    150.95.47.242 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io
sync.dsp.reemo-ad.jp
4    18.182.72.188 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-72-188.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    23.52.171.107 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-171-107.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
9    172.253.118.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f113.1e100.net
play.google.com
2    13.35.8.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-67.sin5.r.cloudfront.net
cdn.linkedin.oribi.io
2    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.220.190.50 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-50.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    54.255.63.116 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-63-116.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    3.73.221.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.google.com.au
21    44.239.37.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-37-156.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
4    142.251.10.121 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f121.1e100.net
t.inskinad.com
1    192.40.36.151 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a1627.casalemedia.com
1    13.52.14.45 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-14-45.us-west-1.compute.amazonaws.com
s.pubmine.com
4    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    146.20.128.67 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
2    119.81.192.134 (Singapore)

ASN36351 (SOFTLAYER, US)
PTR: 86.c0.5177.ip4.static.sl-reverse.com
avd.innity.com
2    34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
2    23.106.69.73 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    18.155.68.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-50.sin52.r.cloudfront.net
cdn.mfad.inskinad.com
8    23.72.45.156 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
1    18.155.68.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-101.sin52.r.cloudfront.net
aa.agkn.com
1    18.140.217.106 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-217-106.ap-southeast-1.compute.amazonaws.com
geo.moatads.com
1    52.221.156.235 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-156-235.ap-southeast-1.compute.amazonaws.com
mb.moatads.com
6    23.36.253.206 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-253-206.deploy.static.akamaitechnologies.com
inskinmedia689754970364.s.moatpixel.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
93 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 25733
cdn.inskinad.com — Cisco Umbrella Rank: 38494
t.inskinad.com — Cisco Umbrella Rank: 41355
cdn.mfad.inskinad.com — Cisco Umbrella Rank: 154324
2 MB
76 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 161
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 245595
bid.g.doubleclick.net — Cisco Umbrella Rank: 704
303 KB
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
ade.googlesyndication.com — Cisco Umbrella Rank: 269
255 KB
36 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum.casalemedia.com — Cisco Umbrella Rank: 1318
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
a1627.casalemedia.com — Cisco Umbrella Rank: 128995
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
29 KB
34 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3234
pixel.adsafeprotected.com — Cisco Umbrella Rank: 604
dt.adsafeprotected.com — Cisco Umbrella Rank: 543
344 KB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
425 KB
28 google.com
news.google.com — Cisco Umbrella Rank: 5891
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 15
66 KB
28 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 641
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
image5.pubmatic.com — Cisco Umbrella Rank: 86272
image2.pubmatic.com — Cisco Umbrella Rank: 852
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
image4.pubmatic.com — Cisco Umbrella Rank: 824
37 KB
27 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 937
trc.taboola.com — Cisco Umbrella Rank: 664
images.taboola.com — Cisco Umbrella Rank: 1571
sg-trc-events.taboola.com — Cisco Umbrella Rank: 37535
sync.taboola.com — Cisco Umbrella Rank: 929
match.taboola.com — Cisco Umbrella Rank: 3306
sync-t1.taboola.com — Cisco Umbrella Rank: 1183
pips.taboola.com — Cisco Umbrella Rank: 1498
cds.taboola.com — Cisco Umbrella Rank: 1559
212 KB
25 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
token.rubiconproject.com — Cisco Umbrella Rank: 563
eus.rubiconproject.com — Cisco Umbrella Rank: 529
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2971
42 KB
25 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 269599
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
527 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
secure.adnxs.com — Cisco Umbrella Rank: 414
40 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
js.adsrvr.org — Cisco Umbrella Rank: 1410
insight.adsrvr.org — Cisco Umbrella Rank: 596
18 KB
19 api.news
content.api.news — Cisco Umbrella Rank: 62545
257 KB
17 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
newscorpau.demdex.net — Cisco Umbrella Rank: 120801
21 KB
15 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 954
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
4 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
57 KB
15 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
51 KB
14 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 108722
93 KB
14 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 55747
mhr.talk.news.com.au — Cisco Umbrella Rank: 920245
ncg.tags.news.com.au — Cisco Umbrella Rank: 145178
236 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
6 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
226 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
5 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 389
geo.moatads.com — Cisco Umbrella Rank: 674
mb.moatads.com — Cisco Umbrella Rank: 654
px.moatads.com — Cisco Umbrella Rank: 442
112 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 522
5 KB
8 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
126 KB
6 moatpixel.com
inskinmedia689754970364.s.moatpixel.com — Cisco Umbrella Rank: 59997
2 KB
6 turn.com
d.turn.com — Cisco Umbrella Rank: 1130
ad.turn.com — Cisco Umbrella Rank: 710
r.turn.com — Cisco Umbrella Rank: 3099
3 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2296
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6831
bbraoaivwsnletuwm7iewqznc1zpi1671152558.nuid.imrworldwide.com
67 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 653
us-u.openx.net — Cisco Umbrella Rank: 411
690 B
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 129958
au.pixel.newscgp.com — Cisco Umbrella Rank: 147191
au.audience.newscgp.com — Cisco Umbrella Rank: 160123
49 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
www.linkedin.com — Cisco Umbrella Rank: 633
3 KB
5 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4022
api.rlcdn.com — Cisco Umbrella Rank: 802
idsync.rlcdn.com — Cisco Umbrella Rank: 331
1 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 50593
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5642
40 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1916
bs.serving-sys.com — Cisco Umbrella Rank: 1238
lm.serving-sys.com — Cisco Umbrella Rank: 1839
43 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 409
840 B
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 658
bidder.criteo.com — Cisco Umbrella Rank: 713
gum.criteo.com — Cisco Umbrella Rank: 394
8 KB
5 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 898
gdn.socdm.com — Cisco Umbrella Rank: 53471
5 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 446
tps.doubleverify.com — Cisco Umbrella Rank: 474
tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 19216
110 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
187 KB
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 67184
www.google.com.au — Cisco Umbrella Rank: 25340
2 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 512
stags.bluekai.com — Cisco Umbrella Rank: 504
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
2 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 931
24 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
5 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 977
805 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
702 B
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1227
601 B
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2358
1 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
2 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3292
collector.brandmetrics.com — Cisco Umbrella Rank: 3639
18 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4039
udc-neb.kampyle.com — Cisco Umbrella Rank: 2312
87 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 705
718 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
1 KB
2 innity.com
avd.innity.com — Cisco Umbrella Rank: 30494
847 B
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2756
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
1003 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 910
374 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 4312
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
104 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
852 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1225
637 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
57 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 562
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1329
beacon.krxd.net — Cisco Umbrella Rank: 559
529 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 919
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
403 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
695 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
871 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 335
742 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 901
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 842
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 761
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
697 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 2752
633 B
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 18265
6 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 17213
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
112 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 168119
3 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3197
32 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 105992
21 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
668 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4118
390 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24864
650 B
1 pubmine.com
s.pubmine.com — Cisco Umbrella Rank: 11731
286 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 564
395 B
1 t.co
t.co — Cisco Umbrella Rank: 521
376 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
181 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1494
365 B
1 reemo-ad.jp
sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 74766
403 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4752
656 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4295
531 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 26927
555 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 9628
323 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 76847
347 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
17 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 788
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 636
15 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
273 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
667 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2127
419 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
99 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7327
828 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 30025
698 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1634
466 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 769
387 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 139997
529 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 735
67 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
729 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 971
538 B
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4920
27 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 19891
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1412
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 857
12 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 198675
2 KB
1 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 851580
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 4988
7 KB
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
671 125
Domain Requested by
81 cdn.inskinad.com tags.news.com.au
cdn.inskinad.com
45 cm.g.doubleclick.net 21 redirects www.heraldsun.com.au
googleads.g.doubleclick.net
eus.rubiconproject.com
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
js.adsrvr.org
29 s0.2mdn.net www.heraldsun.com.au
s0.2mdn.net
25 dsum-sec.casalemedia.com 2 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
25 pagead2.googlesyndication.com ad.doubleclick.net
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.heraldsun.com.au
cdn.inskinad.com
s0.2mdn.net
securepubads.g.doubleclick.net
22 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
21 dt.adsafeprotected.com www.heraldsun.com.au
19 content.api.news www.heraldsun.com.au
16 tpc.googlesyndication.com www.heraldsun.com.au
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
16 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
14 sync-tm.everesttech.net 14 redirects
14 ib.adnxs.com 8 redirects tags.news.com.au
www.heraldsun.com.au
googleads.g.doubleclick.net
acdn.adnxs.com
14 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
resourcesssl.newscdn.com.au
13 id5-sync.com 8 redirects www.heraldsun.com.au
cdn.id5-sync.com
tags.news.com.au
13 match.adsrvr.org 13 redirects
12 simage2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
11 googleads.g.doubleclick.net www.heraldsun.com.au
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
www.googleadservices.com
www.googletagmanager.com
cdn.inskinad.com
11 x.bidswitch.net 11 redirects
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eus.rubiconproject.com
9 play.google.com www.gstatic.com
8 b1sync.zemanta.com 8 redirects
8 www.google.com 1 redirects www.heraldsun.com.au
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
tpc.googlesyndication.com
8 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
8 pixel.rubiconproject.com 3 redirects www.heraldsun.com.au
eus.rubiconproject.com
googleads.g.doubleclick.net
8 cdn.ampproject.org www.heraldsun.com.au
securepubads.g.doubleclick.net
7 px.moatads.com www.heraldsun.com.au
7 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
7 www.gstatic.com news.google.com
www.gstatic.com
7 mfad.inskinad.com tags.news.com.au
www.heraldsun.com.au
ssum-sec.casalemedia.com
mfad.inskinad.com
7 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
7 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
6 inskinmedia689754970364.s.moatpixel.com www.heraldsun.com.au
6 ups.analytics.yahoo.com 5 redirects www.heraldsun.com.au
6 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
tags.news.com.au
js-sec.indexww.com
www.heraldsun.com.au
6 pixel.adsafeprotected.com 1 redirects cdn.adsafeprotected.com
www.heraldsun.com.au
cdn.inskinad.com
6 token.rubiconproject.com 6 redirects
6 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 googleads4.g.doubleclick.net ad.doubleclick.net
www.heraldsun.com.au
5 pixel.tapad.com 4 redirects ads.pubmatic.com
5 sync.taboola.com 3 redirects www.heraldsun.com.au
4 t.inskinad.com cdn.inskinad.com
4 match.prod.bidr.io 4 redirects
4 ad.turn.com 4 redirects
4 secure.adnxs.com 2 redirects www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 px.ads.linkedin.com 2 redirects eus.rubiconproject.com
www.heraldsun.com.au
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagservices.com securepubads.g.doubleclick.net
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 fastlane.rubiconproject.com tags.news.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 au.pixel.newscgp.com au.tags.newscgp.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 tg.socdm.com 4 redirects
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
widget.perfectmarket.com
3 odr.mookie1.com 3 redirects
3 idsync.rlcdn.com 2 redirects www.heraldsun.com.au
3 www.google.com.au www.heraldsun.com.au
3 stags.bluekai.com 3 redirects
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
3 us-u.openx.net 1 redirects www.heraldsun.com.au
googleads.g.doubleclick.net
3 www.facebook.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 ping.chartbeat.net www.heraldsun.com.au
3 u.openx.net 2 redirects www.heraldsun.com.au
3 sync-dsp.ad-m.asia 3 redirects
3 uipglob.semasio.net 2 redirects ads.pubmatic.com
3 sync-t1.taboola.com www.heraldsun.com.au
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.heraldsun.com.au
2 ade.googlesyndication.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 pippio.com 2 redirects
2 image4.pubmatic.com www.heraldsun.com.au
2 gu.dyntrk.com 2 redirects
2 avd.innity.com 1 redirects js.adsrvr.org
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 simage4.pubmatic.com ads.pubmatic.com
2 lm.serving-sys.com secure-ds.serving-sys.com
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 2 redirects
2 cdn.linkedin.oribi.io snap.licdn.com
2 cdn.doubleverify.com s0.2mdn.net
www.heraldsun.com.au
2 rtb2-useast.e-volution.ai 2 redirects
2 js-sec.indexww.com tags.news.com.au
ssum-sec.casalemedia.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 um.simpli.fi 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 image6.pubmatic.com ads.pubmatic.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 static.criteo.net tags.news.com.au
static.criteo.net
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 metrics.heraldsun.com.au tags.news.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 sync.srv.stackadapt.com 2 redirects
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 ih.adscale.de 2 redirects
2 match.taboola.com www.heraldsun.com.au
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 mhr.talk.news.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
1 udc-neb.kampyle.com
1 tpsc-ae1.doubleverify.com cdn.doubleverify.com
1 mb.moatads.com z.moatads.com
1 geo.moatads.com z.moatads.com
1 aa.agkn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 z.moatads.com cdn.inskinad.com
1 cdn.mfad.inskinad.com www.heraldsun.com.au
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 tps.doubleverify.com cdn.doubleverify.com
1 s.pubmine.com js.adsrvr.org
1 a1627.casalemedia.com cdn.inskinad.com
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 bid.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 sync.dsp.reemo-ad.jp 1 redirects
1 gdn.socdm.com 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
1 ipac.ctnsnet.com 1 redirects
1 r.turn.com 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
1 dsp.adkernel.com 1 redirects
1 ds.uncn.jp 1 redirects
1 s.uuidksinc.net 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 api.rlcdn.com tags.news.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 bs.serving-sys.com secure-ds.serving-sys.com
1 check.analytics.rlcdn.com tags.news.com.au
1 csync.loopme.me 1 redirects
1 sync.adotmob.com 1 redirects
1 s.company-target.com 1 redirects
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 bbraoaivwsnletuwm7iewqznc1zpi1671152558.nuid.imrworldwide.com www.heraldsun.com.au
1 adservice.google.com.au securepubads.g.doubleclick.net
1 sync.1rx.io www.heraldsun.com.au
1 cds.taboola.com cdn.taboola.com
1 edge.adobedc.net cdn1.adoberesources.net
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 pips.taboola.com cdn.taboola.com
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 hbopenbid.pubmatic.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 d.turn.com 1 redirects
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.jsdelivr.net tags.news.com.au
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 t.adx.opera.com www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 sync-tapi.admatrix.jp 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 ssbsync.smartadserver.com www.heraldsun.com.au
1 jadserve.postrelease.com www.heraldsun.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 sg-trc-events.taboola.com www.heraldsun.com.au
1 images.taboola.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 cs.chocolateplatform.com Failed 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
671 213
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
bedsberry.com
R3		 2022-11-15 -
2023-02-13		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.postrelease.com
Amazon		 2022-11-29 -
2023-12-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
secure-ds.serving-sys.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-11 -
2023-06-11		 a year crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-12-11 -
2023-03-11		 3 months crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.inskinad.com
Amazon		 2022-08-02 -
2023-08-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-18 -
2023-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
t.inskinad.com
GTS CA 1D4		 2022-10-31 -
2023-01-29		 3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh
s.pubmine.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-06 -
2023-10-06		 a year crt.sh
*.innity.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-08 -
2023-12-09		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
cdn.mfad.inskinad.com
Amazon		 2022-02-25 -
2023-03-26		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh

This page contains 76 frames:

Primary Page: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Frame ID: E1638876C0B74B2F6EFC45CF4CAA23AC
Requests: 243 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=js71RrUy2.fDOcSnq7qC3CJdAULmvdud&nonce=agbyJaFEfwISkZH7s91vp5QNphHlr-eF&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 0CB489A1121DC2F7523FDEFE8E60EE9D
Requests: 3 HTTP requests in this frame

Frame: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Frame ID: 9FC8A00D1A9AFB0EEB37FA8DFE34B603
Requests: 24 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 94839C5988B6605E1439E261DDF560FC
Requests: 22 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: BDF08993450302F06A004D0925CA3B26
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: FCB6ED8B0D7ED0A72BEF25FD2D1A2A71
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 78CAB3E4C2497D58DDC9408E5B3D78B1
Requests: 3 HTTP requests in this frame

Frame: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2E88237BAE9480E0DB71D6E5EA87EF7
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 51A1E4869C996E1B28941B02DC0B5737
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
Frame ID: 527E7E855F57278B949239E596748AF7
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 2E400FCC091D8FA59F7141DB2769A0CD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: ED33E46BD47585B52714196798A1A732
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: C946ECE576C82079A7AD6714E4F0DC56
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRxn1Wj2nMT8nyb22rJrPZcGO4JCr9-9ArdiveKKoiI4tbutZV15bCcGMoejHuEK3IX_MqBtwHo8gP__p2icxEaQXareHpSCy1jOLd-_TEPHmIQiaOYmdKRsJZ3kQ19FppgjE3T2aAeqOW5Jb6jYPIJD_qmS4IjH5pPBJ5StKXJgrQ0Mk_LfZekDexwGb4AyC4CGTXUZDHh04_K-IjRznQV53pinJu4rM-2ZDW5bB9sY2HjjYBZNiUG5FdRtLD5JoUpN_H4kEQ4WI7qB2e3lYvGjo9dNUrex1Wrw_H2AVexXmBCCmZ9_8z3Ovyxb3V4eluxw&sai=AMfl-YRMC_1fEiY2qQCS33BBWUOBpxBcoWNwC1ZiI_n6pOoK4EHvDjwRHqfzVMMM50fxbejEbkjmwHRfyzYEIs39aah4ylNnvoDPFBzSqt_i8AkjNos9k7lMhZbugarGFKr09A&sig=Cg0ArKJSzCvVyG5smXGbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: ED941864AD447D7CF92B4158F7F62FD3
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022211060024000/amp4ads-v0.mjs
Frame ID: A3BC2DFE5C22A4955DB5B050CA9C19FE
Requests: 21 HTTP requests in this frame

Frame: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 469A87D9222D738D7897C83D90E4CBD8
Requests: 16 HTTP requests in this frame

Frame: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0A9BB73C9DFC6BCF7D3A639DB4BFBA5A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKekxgIQwNKMgwQY1bv-2wEwAQ&v=APEucNV6tO6UORv4ANpkSbq4Qc5C_Pv2kEB4F0DdwXKFiGpLqJrukwK2yVQJOQtGMqWsjKf4POB9TBlcbQWPHW-OqeRr3OB6IA
Frame ID: AFAA4B5FCA0888AE42BBAA739AAC2583
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPH1NRDdm5cBGNPW99UBMAE&v=APEucNWcFQPnYm03RaLmMiibk5Bkgw8MoEoO_IEQNhjnFFi0adn0qgypV_7nCz-kRv7y0QEweDO7yXCTn2jC7q2yxC7avIbUTw
Frame ID: A5D4E3945D29108BB2B08111AF727654
Requests: 5 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=4857565153&chanId=171638111&placementId=5329951885&pubCreative=138306973687&pubOrder=2678049062&cb=1851874928&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 8BF5E4E4E1E7F18D7303B2558657CB7C
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent=
Frame ID: 96CBBE84E336A4FB2340FB88C9B9472D
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID868C18B6-C4A5-4198-AA13-94B96ED44ADF
Frame ID: 5D6E2C9BE79AA0DAB4667964A03E934E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03DD69AB96F71395BCADDB5A768FFC56
Requests: 9 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 51978CA2D2D9C01620B6B22CB9727AD0
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: DF89F9AAEB38AB3F40608D4B1B7882B8
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: DCD6FE3FD2A1E034881399C0F08B7598
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 87DC3523C74CD2979D74F0AA6D736A21
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F7E104FB2BB062CDBB5DBCE879B30C43
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 7117108A5A3C013762D0B02334BF037D
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918
Frame ID: CBE26CE2779E7C7AF89DBDE21B4AA397
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782
Frame ID: 9372024B451D8488604706EF84090A29
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 94500C8DE228A6B283294675343D0611
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 138100339EB62B856A1951C5BC0D9A86
Requests: 4 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=0&gdpr=0&gdpr_consent=
Frame ID: DC94A76DF81A894A15414F6D2D319423
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 62E252F42E72432C577D88977AF78C3D
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 4893520A8E6274E0641FC28C47398CBA
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4539E4E01A115F8332AB4AA7C2601A89
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 42D90E71C209D08E0BC7D97BFB6421ED
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: C95325EB0819B5189143E2825525D502
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EBA863EC83B668CEEF7ECD80F606A1E6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF2E8A00FA51A34A8EC16BD0C5552255
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5078074EB6E4567A29942913F8A08AE9
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A8A2B3F6DAE3E9C5D56C73C46E000076
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3024365137707366032/MREC_300x250/index.html
Frame ID: 0210E7D4AD1C2F8109B18DFA591ABDD8
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Frame ID: EA2FB71F40067DE239AB475BD357BEA4
Requests: 25 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 2CA79BDAD0341190BF471528288EDC50
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: ACEC51053401CB576795F029091CEFBA
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 9FA413629A44072A92BC5B7E99C65C0D
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D70D288521F54810C9E96CC7442EA989
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjnhgIQ18aUAhj3w4DSATAB&v=APEucNW-ZodWgCjf6x45QMPuyUc0lEN0JcYqSOEXLDnEKO-yRiRwp8dRB9vARl_b8M6WpDXUQ85Uw2ZqRDB-ZezpdznsHOmv3g
Frame ID: B554CA40D38ACF2B1B473BA571899702
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUdDjzQnnpF-Q6eXOIdqkZg5QCjx3pfQ91s_zctT54vDXkLL72KORDvJhlzjYqa8GRs4ckBsbrNDRceg-wYTuw4g4Xy2Cv8wN20k7BQibg_W9rMMcdxyXEz_h8C5SdxRzWzwqXFAM1oUfS_ui95KAHc2QCY2gFhWy_VdcBm-8mkceApXE&cry=1&dbm_d=AKAmf-BjF_i1QcmOibAzM-9hDwm6_GVvA_TFujQrwTT1FAWHqMDi2i0jRod8inqWayTLmq7L1R3YnNB-NBhdvMrQyIv8sJHo4BlYnvXp1BytS8Q6rGIPRei6HTRK3g4sndhShQ6WTegFrGPzBPA9R5pQNDr-mefFQu_ByNvhYumdaDOdVcvwyvxQj5blt_ijum-7U8bCxwAUY1fi4No_q7mjRwEh3ndlKEwfMlLUsHvYICECQsbPb3_kKqdhVLFKAPK7Xd9Kuv15dWsMQjTk22OqfndezL4bPG8ikOScffz9ERW_oqd3-qbyJnZiPanCROiWzYAfQ1oxTy5PClxoUcV-mGZ9z0fYc0Kx41FgmpE0ICmtRgBr3IPjT0999Ds1UA01sDWmEDCxlFLfHIksD67MDXP35w1JK-Nr2pt4Kdq4TKgyXW-VIXLr71oL5Sw7oInStvW88Tt9YiVc0Sm93NQapna5uH_CNEVO7Kq9fVd15iAfvayq8dpjoZEGyiY7uNt2rsRwoE2AG_pJMLNJ6pNeW9JR7ZEyKRGWAt7hWPkDwZCjctO0s4RnSHgkzzZ-O-4FzFgVqS6FEJRiOHpqbXxmzADvhW7SsmCQvj0-VkL9pqDBSoNRWN0UR2M8qGWq5wjP5J95Ny5trFPNz9fs2Blx3nZfXb5UvL2-t7ilrCHYWyyHRI-92uS-le3KCPkVxVeAq88luGDKgDqsEGQbInZnd9Z7QP6rdIeoIoBp5Kc34tAjn0bNqitygX1p1Wu046ZtihmvVJT9-S8evkEZijxPWA241stZ-5etDHJa4yA3XmrULiB9nGdOSmbLbPcxK5V0cO16XnIBFe9-GbE_TFP7p5DUIJ0H2jhv61dluStHoSCCqaZP7pgQ6KnP63Jx7STAhbehr4Sv6KAFNpXuQOgpzm1VC4Rj82lrb0IS-i8y7Skny65_3a3sGTpO1FaJY188U4t5VkNoJQMPCsyXEBW-Ij4U1ql1ELoe67lgB7dgGdZLkbeJfrMZfONfyDhyVIU9NSIWncz1MUsJqZCbSiCjogm8lnYG5bFwEQVnPuS9wdxG3eIzrHMjKCl7mor4kCuP4VdDMJvp2DSeFRQqrW1PMboWDVQrVcW6Ezh5B7IX7m-809YBBYKAqmFatPPaotEtjIsfKyi2Jwzyhb7TjC1n7d5fhpuEd09XLA2UVs-1oGtjXRmiXeiXGBz6KKf9_5uNdPf_cHmU3Ol_BMtgxFO7qeb8ZwD035TnB9gkrXYaSjf-yjJAwN6jF603XYoJR3AIbwCc7YwXLU1n1NWaTdkCDSBdbsy0nSif9WLH2OSyHMQqGwjl92CiEK6b5Kr2CaOLUzdaArNcg00E9MW-PjmPUfiW3LceK_LM4xgYBBgo0j9Y4DsOM9tEZ4foAHzkxyITVfUvjySjnsmWRek4ZzQXEdpxNIcMHQLFAqnvke_aY8jPkWhHNZ-EOQOXszwv_Z5KXJMIbG3aHJM8sukI8cXvOVwXC3kaK8MBjFQcez3llFpTha3Flc1O_astiZOYTOg4mFf5LIRMdVDtqgX4xk64l6ZKuId22ZX6GVo5cxPUBqNiYfvdYSqVOemAubAWWRCEy6LEGyBoI2KMCNXShgGKdiBnzft2zQYBUgTCCWlbrXtlMrZq7PbSip4SD1bqr-zygKfWb2w1GKXLMT76O_7rN-_6JaN1O6I_2CvpN31kVTneDYkqS3aMPeVgSm0C_eFAWnE7zG442dUVYxnTQoak8hlNADivNhXnwj8CgvJCwN5lSQkR_1Y5eXu5JWGCQDw-2luAHz8r-WTt7_Toz8H2wL0bzeSpMp0BRoPPDEbCHYyngvHZsb_xMLbcu-L_fDyQeH5unjZLINDkNvqmvNZ9QttFQJvoIxe5uVac0m2uZ-Ge4HlU72ZVEP1M27nGtnRI5dcSqdjs9hJPrC2z-a0KfiW0Gi3Z-CTi5JH0flLosjqi25lE4yRQkBbPyAqqm3toOKOUCt0tXRX4w-Pzyu1EOg8LBmLnsJdGzg0unHkstjmBkvv0pg2oNWqQk30u36GPXHOwARRlBn9wRKgjLUSoBDz6ZRzWfrYQUeJPFwf0hwmW5C8TANzVnZYhmqtoIvVjApCrrl76CcL699n0ruggwNdyXLiAiGy4yxZXS_vGRSoGzJltbpasCbfM32XNuT3x66JqlqR6iz6Z5jEDn_GRrBAsMmGO2GZSP0sG8RthntViBELuC3mF8eI3_uv8vqlFLqfyRtgnd5fSNOpqGgKyXSaa9amgHm0pjdRc4hWDhn2KoZqZF03kANUvLBHUDSJEHAw-aEB9eB_NUSRvYE5cAgNOar_C6bne-ceMilMEMfZ5t1KuIwvfuAQE5RQ7i0QyULcpcx18popEVVnORq2hjTqv9ghg5lsUfyKRdCmCrKfLCY5RcKloeuQcATOY3MdZSLZVziP7LbBVhuy_waDwnv65yvvszzvnM1R-LdcmLLa-tGd2Ga1lTgu__Ocd1-2cZ08aIHctvZwPFBYjKnRKfhCy4he3qKaLbYYD4zjx0osRAbL5xdCzqTrcpXsLUJVkKrGSz3uQwCAPU_IOf78dUyprB4vG8pJdrCBxO5kPQX2z7F_xuddAJ32JwYRDfNfLtHvgQ4FWkQBS3QTZrF2mPKPJsQ29cbTh_wkoTAN6JIGjo06m2m6-gkuJTgjrYv3_1JzGfKEgDF1G5Nu6su1nI4grdA5RSfLuJfMolNZ8M9oHRTlZIg_j400uDRo4L-EhT-AdZNZnhOAR58L0i-6rtsoaQfsbIzHaC2M6LFGvHkaPjg8oQN1OMjueBFi2PcjoxyfLwv8BctjjJ_ZiA0C_wRfQZ5prU4zdkq4Wi-09bVRx7Q-8sEoIPOQY9gMg7x8JR_hgF21ORmv1F3N3z_SQr_tZSYxqTmw2NxVumBKArDcTGQmIjzIxXcj-EMldj7VUw00MWyduknXc9aM_MWdhaFbrxsW8nKNDtTI3b6A1sLxbZPI2KBIkus1NhJ-Sn4ut6S239t3Mo-fP72LkZXtdMK5j3KntRZgFUv4w0ajvQwu0oDecl7fE2-riZFvxLGt_M1WCfDEtvdYkpLQWIDmhIAXwo7ZgxeQEbgt46IPCtGkZf47BZ4wfaSFrpPRmRCRPVyWJBsGWdAnPqYWVg8Nmo5cQtkEUN1piE6XhyjovyY5egkb7mfewSZBMeLPQr0iPqxjjHcI4WlwmJQ0ls3kiCAsXk9QO-3UuPIKRfJC-O2sdy6QuMlt14OTRbHiPDMniulzd2iQuFzsrhBcAL8NDJFpNCnVHUhl0tJ5BOtZeB_oSNZLg2TGzZWeW_VcuYUH9Yuu2yWKtQaaONqF3cHsllDUeF8jpJPse7J_zi4W1BKz-u5tXsPYaZ3KJWy3h9j60rgTVjaeu_vKFXyWYKoizsnjA4TrBs5B7MYam_ge8QTiKa1_lmHSMqA23TlWL0F6sNhlBfZImLYMvVVqHG5hbfRbsXWqM3w&pr=13:Y5vDrQAAAADz30yx7sUQDigWqY6-0whCidj_7Q&cid=CAASBORo9SU&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Frame ID: F519A3E910F6FA2A20DDB19566190980
Requests: 10 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Frame ID: A9AE38632CB1742785F773AF29D0F534
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=1&external_user_id=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Frame ID: 880210F57AAFE357487B702B2B02CDEA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3326.js
Frame ID: 50EC238C4BEF27352EB026AF313CA94B
Requests: 3 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Frame ID: C6B0D64239808886618DE1B20A80173B
Requests: 1 HTTP requests in this frame

Frame: https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3Db7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Frame ID: 732964197D524A44059AA67B1023FE77
Requests: 1 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN1035863.3595311DV360-BRAND%2FB28348495.344055411%3Bdc_trk_aid%3D535481222%3Bdc_trk_cid%3D176332357%3Bord%3D1671152562746%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D0%3Bgdpr_consent%3D%3Bltd%3D%3F&tracker=true
Frame ID: D05FE5ACBD159CEA546725DE62B608FB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMSIsImF2IjoxNTM5NTUsImF0IjoyMTYzLCJidCI6MCwiY20iOjg3MDIxODg2LCJjaCI6MjM5NjIsImNrIjp7fSwiY3IiOjEwNDA0Nzc4NSwiZGkiOiJiNDU2NDY2OGM3MDA0ODM2YTVhNjhmZjA2MTczYzQwOCIsImRqIjowLCJpaSI6IjhjYWE1MmU2ZTZlMTQzNTNiMGZlNWYzOWFjOGU5ZjJiIiwiZG0iOjMsImZjIjoyNzAyNTYwMjQsImZsIjoyNjE1MjQ4MzksImlwIjoiMTczLjI0NS4yMDkuMTQyIiwibnciOjk4NzQsInBjIjoyMi4xLCJvcCI6MjIuMSwiZHAiOjIyLjA5LCJkbiI6OS45NDA0OTk5OTk5OTk5OTgsImRnIjoyMi4wOSwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicnAiOjEsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6IjE0Iiwic2IiOiJpLTAwM2YyMWI0NTA0YTg4ODQ3Iiwic3AiOjU5MTUwMSwic3QiOjEwODg3MTYsInVrIjoidWUxLTAyY2YxYWY3MzlkNTQ5YzdhZTYzODMyZmFlNWU0ZTE5IiwidHMiOjE2NzExNTI1NTczODIsImJmIjp0cnVlLCJwbiI6Ijk1OTI1NmNjNTkyY2NkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6NDB9%26s%3DmOheQMxEZbixFU5ti5OCM8tgDYU%26property%3Apubcpm%3D10.3&tracker=true
Frame ID: 3A47AC85818C86EA9BDDD0B0D9738146
Requests: 2 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Frame ID: 203201F44EA332F0243FFD306CDF0720
Requests: 12 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Frame ID: B9D2C687698324EA1A9D334502932636
Requests: 28 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Frame ID: C991C483C5DF8080EFC123C5597E1C40
Requests: 7 HTTP requests in this frame

Frame: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Frame ID: 71EDDDDDCB8914B6C093A2CA59CB1A3E
Requests: 28 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Frame ID: DF22CAA849414C46C95F2E4E475352AF
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43515BD33F0C2FDBB20B36F9101FA2BC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: D9B008CE36F14C2FCA9D8B17C7FFFE2C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=
Frame ID: D4915D291EAE196226CBB8F5A69F1247
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQADwQunQAAe&gdpr=0&gdpr_consent=
Frame ID: 2FEF6D8CB129FA884D6C675ECFEF08C2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y7bdxpggfsy
Frame ID: C4418E175DD4D121B5BDE0312C6893EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5255120626500132149&gdpr=0&gdpr_consent=
Frame ID: A9B755C2CD333116A9C3BA9DA6F2C3F1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu
Frame ID: E96035A32F2B3DDDD73B5CC0CEFF6669
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 107EB084F7932B3F49050136E388E5EC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4zrUV83eRg5cK_t5-Jg7Oq310Y4
Frame ID: 871A57D010EE37C9BACBC8D53502DECA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 34AC4785D7D0E6D958136AFC0E9A636D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 54129A74F9ED559117C176DD010D306B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B935C95AC41B8144B7674290CFBD01DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76E0C2E2E70E0879FF57BABC616B9D7C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&167... HTTP 302
    https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

671
Requests

82 %
HTTPS

0 %
IPv6

125
Domains

213
Subdomains

144
IPs

13
Countries

6585 kB
Transfer

15986 kB
Size

231
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1671152544945689074 HTTP 302
    https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671152550877&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671152550877&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 105
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5vDq8Co8YsAACxSgykAAAAA HTTP 302
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5vDq8Co8YsAACxSgykAAAAA&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3DY5vDq8Co8YsAACxSgykAAAAA&isDirect=0
Request Chain 106
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=1be512a9aaf44966a94859e248d01039 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1be512a9aaf44966a94859e248d01039
Request Chain 108
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBPT30PN-1T-J9B5
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDoX_qUEV4m0xBBYpAL3jYU&google_cver=1
Request Chain 111
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Request Chain 112
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Request Chain 113
  • https://ce.lijit.com/merge?pid=42&3pid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 117
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=66cac4ba-8c9e-41de-8046-5b238d0457ef
Request Chain 118
  • https://id5-sync.com/s/464/9.gif?puid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5255120626500132149&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-aa78WJ9lVhQMsi1CIXxeaCgxSplzEmBcXrQuVCL7bg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/4/4.gif?puid=C7790B263FECDBD9&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/3/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/3/5.gif?puid=5255120626500132149&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/2/6.gif?puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F0%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F0%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/0/8.gif?puid=4215561582167017865&gdpr=0&gdpr_consent=
Request Chain 119
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=3eb1b694-ae90-424c-8a07-eefafb50cc7c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=4IzS-9cylgN-Wg&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Request Chain 120
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=129c3c4c-ed3f-4aad-9be9-696895f26f3f HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=129c3c4c-ed3f-4aad-9be9-696895f26f3f&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3D129c3c4c-ed3f-4aad-9be9-696895f26f3f&isDirect=0
Request Chain 121
  • https://u.openx.net/w/1.0/sd?id=543998486&val=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=
Request Chain 122
  • https://eb2.3lift.com/xuid?mid=7772&xuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 124
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4zrUV83eRg5cK_t5-Jg7Oq310Y4
Request Chain 125
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 127
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d19654bb-82c7-4e26-b189-d64d728d106a
Request Chain 134
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671152553647 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671152553647
Request Chain 147
  • https://cm.everesttech.net/cm/dd?d_uuid=73956692102159585471605233320435453892 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5vDrQAADtGiWAAe&d_uuid=73956692102159585471605233320435453892
Request Chain 166
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5255120626500132149
Request Chain 168
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3350514596490154961
Request Chain 181
  • https://token.rubiconproject.com/token?pid=6404&puid=73956692102159585471605233320435453892&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBPT30PN-1T-J9B5?gdpr=0
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzM5NTY2OTIxMDIxNTk1ODU0NzE2MDUyMzMzMjA0MzU0NTM4OTI= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH8l9sOf8lsVkXW_LkP7F5Q&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 183
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Request Chain 185
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
Request Chain 187
  • https://dt.scanscout.com/ssframework/uid?UIAA=73956692102159585471605233320435453892&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-19097d74333dc041ba1435c36c60320d
Request Chain 188
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=73956692102159585471605233320435453892&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=73956692102159585471605233320435453892&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 190
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 192
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=73956692102159585471605233320435453892 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=73956692102159585471605233320435453892
Request Chain 193
  • https://tags.bluekai.com/site/43981?id=73956692102159585471605233320435453892&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y5vDrQAAANN2bgAp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTV2RHJRQUFBTk4yYmdBcA==&_test=Y5vDrQAAANN2bgAp
Request Chain 198
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y5vDrQAADtGiWAAe HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5vDrQAADtGiWAAe&expires=90&_test=Y5vDrQAADtGiWAAe
Request Chain 199
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5vDrQAETwY7gwAF HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5vDrQAETwY7gwAF&_test=Y5vDrQAETwY7gwAF
Request Chain 200
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y5vDrQADwQunQAAe HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y5vDrQADwQunQAAe&_test=Y5vDrQADwQunQAAe
Request Chain 202
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y5vDrQADwM_lowAe HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5vDrQADwM_lowAe&_test=Y5vDrQADwM_lowAe
Request Chain 204
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQAETwY7gwAF
Request Chain 205
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5vDrQAADtGiWAAe&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5vDrQAADtGiWAAe&img=1&__user_check__=1&sync_id=55d6eea0-7cdd-11ed-bd41-14a2f8e60507
Request Chain 206
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5vDrQADwM_lowAe&t=2592000&o=0
Request Chain 207
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Request Chain 225
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5vDrZW6IKsKO5fjEthZcwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
Request Chain 260
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expiration=1673744559&gdpr=0&gdpr_consent=
Request Chain 261
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686877360&external_user_id=468a8f41-63f2-4173-9a9a-de41b48e8133
Request Chain 262
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5vDq8Co8YsAACxSgykAAAAA
Request Chain 263
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 264
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c52d74fe-c168-44b5-bdc0-fb7fc90014fb&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 270
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
Request Chain 293
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5vDrZW6IKsKO5fjEthZcwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEApdNkY_mPeXk2c5D4sa3_o&google_cver=1
Request Chain 295
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHVhnPAicDLdo4IwfTl_vA8&google_cver=1
Request Chain 297
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2FjMzY0NTItYTFiMS0yMWQ1LWQ2YzctOGQ3MjE5MTI3YWJl
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBHx8cwW_3tCuDRz4ZVtxL0&google_cver=1
Request Chain 299
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTQ0OWUzYzYtZDEyMy00ZTEzLWJlNGQtMzMyODU1ODI1NTlk
Request Chain 306
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent=
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=howYtsSlQZiqE5S5btRK3w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 309
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=868C18B6-C4A5-4198-AA13-94B96ED44ADF HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=868C18B6-C4A5-4198-AA13-94B96ED44ADF HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&ttd_puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e%2C
Request Chain 310
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=&ct=y
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY4QzE4QjYtQzRBNS00MTk4LUFBMTMtOTRCOTZFRDQ0QURG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELIwECIop3wvUaSOJwdIkCQ&google_cver=1
Request Chain 314
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:974533835F9D416FB00BF3A590E6F282
Request Chain 316
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=
Request Chain 317
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBPT30PN-1T-J9B5 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBPT30PN-1T-J9B5&ex=d-rubiconproject.com&status=ok
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
Request Chain 322
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPT30PN-1T-J9B5
Request Chain 323
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==
Request Chain 324
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_1VIaBW6SZ6iMZFAcWPd0g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_1VIaBW6SZ6iMZFAcWPd0g
Request Chain 325
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=&expires=30
Request Chain 327
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-s5MUcmbL4HpvBNlbLaDyMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-u9R9XrFE2oKFd3qMMp4wEu47AWAHmniKWC3DBw--~A
Request Chain 328
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
Request Chain 341
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918
Request Chain 342
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782
Request Chain 345
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-UuEMjyhE2uIGp.JOBxKD5MU4VMNjy2I-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=0&gdpr=0&gdpr_consent=
Request Chain 361
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5255120626500132149
Request Chain 363
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDaOOpJ5VK4ffcaXUo3PBMw&google_cver=1&google_push=AavPq0NbkXRpdi7azhH5ohHTDqpTYVcWa7jkwOM89yTcaiX-QvACa7WYJdy7yXvPPTnenaWc40IhldoCDYFpGP-4V78GZ30ap4Qs7gelL9acO03feGoTlmdVL5GI78XNIZ1jMUSlt_IiEJPT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbkXRpdi7azhH5ohHTDqpTYVcWa7jkwOM89yTcaiX-QvACa7WYJdy7yXvPPTnenaWc40IhldoCDYFpGP-4V78GZ30ap4Qs7gelL9acO03feGoTlmdVL5GI78XNIZ1jMUSlt_IiEJPT
Request Chain 364
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJNvD83lan3JcyA5-t1qBsI&google_cver=1&google_push=AavPq0NbQ88hc7CjW2eTKZpYtfg_g3Ud8MjRvPBTzLi32vNOc_nJoSZ6pQklkbP0StNcZKJteeaTgw7CvEY1y4kapYZlHUX3B-VCv8mPONSpQq-nVoWq5r_-Dg5dEX8lcbqexGTfb3Jz2wk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NbQ88hc7CjW2eTKZpYtfg_g3Ud8MjRvPBTzLi32vNOc_nJoSZ6pQklkbP0StNcZKJteeaTgw7CvEY1y4kapYZlHUX3B-VCv8mPONSpQq-nVoWq5r_-Dg5dEX8lcbqexGTfb3Jz2wk&google_hm=eS16SE05eGxCRTJwSFFPX1Z6NFh0Mzh4QWY1WWYzR1g2bn5B
Request Chain 365
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAo95Iyqmfb9RsSY8e2VGSI&c_param1=AavPq0PAvD3PA1EJoXx9YzFN8IzgM2G0ilpp-q23fL039GloqEe41qOGVgaShqyhS33MWaQf641hk1Lq2d_2yyS760kpF4RlU_fsZObemO-QVeMAuaKsmCXrAORHNdbNWaI4nu2RDeGZXCoZ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PAvD3PA1EJoXx9YzFN8IzgM2G0ilpp-q23fL039GloqEe41qOGVgaShqyhS33MWaQf641hk1Lq2d_2yyS760kpF4RlU_fsZObemO-QVeMAuaKsmCXrAORHNdbNWaI4nu2RDeGZXCoZ
Request Chain 366
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEPmrp2QDWga4mkSG5Vqffe8&google_cver=1&google_push=AavPq0PuDiv0LdwcSOhsSY26K3tPVgZrxSgVcEVhGZUZuQoqk2uVm16fynbdebCKXhotjNlqb_Fkk4PGPzFYJMvygndGu9uFXCk6j9abggEOjT-MDJ2BDuAcRyrfLKO4Yzg2_oUEkJF5gdU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0PuDiv0LdwcSOhsSY26K3tPVgZrxSgVcEVhGZUZuQoqk2uVm16fynbdebCKXhotjNlqb_Fkk4PGPzFYJMvygndGu9uFXCk6j9abggEOjT-MDJ2BDuAcRyrfLKO4Yzg2_oUEkJF5gdU&google_hm=AT79y8cZBENXjqB9tbzBL-M
Request Chain 368
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENjoSGEDnE29WCbXFZo7tio&google_cver=1&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28EHU3ktWCB5t_gzQEsNY79XmI3DcwiJjhMYH_h5grOTuMmU_tglX6yHBfWE-V1Ykp2EQ HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESENjoSGEDnE29WCbXFZo7tio%26google_cver%3D1%26google_push%3DAavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28EHU3ktWCB5t_gzQEsNY79XmI3DcwiJjhMYH_h5grOTuMmU_tglX6yHBfWE-V1Ykp2EQ HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1633101085883266158&exchange=193&google_gid=CAESENjoSGEDnE29WCbXFZo7tio&google_cver=1&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28EHU3ktWCB5t_gzQEsNY79XmI3DcwiJjhMYH_h5grOTuMmU_tglX6yHBfWE-V1Ykp2EQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE2MzMxMDEwODU4ODMyNjYxNTg&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28EHU3ktWCB5t_gzQEsNY79XmI3DcwiJjhMYH_h5grOTuMmU_tglX6yHBfWE-V1Ykp2EQ
Request Chain 369
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOD9U2w5AxuimzYrh1G26kY&google_cver=1&google_push=AavPq0P_UZ6d70xDi-Q4HnJ9mHaIELvCIruKZsYCELLrxFiKCrsA4CHqzlYYM9jzyudJW631oT-EgET5vukbDs_bE27kFFDuXtDLsxlIpui2Jc_Z6XIJU9KPQOG1ea4qRYFtbT6kdWw3i5xO5w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D&google_gid=CAESEOD9U2w5AxuimzYrh1G26kY&google_cver=1&google_push=AavPq0P_UZ6d70xDi-Q4HnJ9mHaIELvCIruKZsYCELLrxFiKCrsA4CHqzlYYM9jzyudJW631oT-EgET5vukbDs_bE27kFFDuXtDLsxlIpui2Jc_Z6XIJU9KPQOG1ea4qRYFtbT6kdWw3i5xO5w
Request Chain 372
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELSRdhy1wEf_692T1UAsKgM&google_cver=1&google_push=AavPq0NjUeY-LI4e2CoTmmvRcCZu4N2O0rivFY8EnDo-yBvKuhPq22p_5DlIB9Bf7lgupE9Z0QLKLuHytCLGNy0nHnTIKcRK6kIKFiQJdu5491P0CWGh4xH-PszeIP845E5f0o22xGqhsL8mEEEBcHb4wYE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MDUxNDU5NjQ5MDE1NDk2MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELSRdhy1wEf_692T1UAsKgM&google_cver=1
Request Chain 373
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAhOEh6hcgdXVGK1-_dRwYM&google_cver=1&google_push=AavPq0OSf4raNJI0zgjIPK0hJhUlBsXyglLGrHEy-d_qrUIETuQ9vs6LRpkV1O00ekGBwxSfXVo8pMlmaPV_3VhI4EH4XZJKnordUgyBjWP0Q4uKEHux3cuHnQJkyCQ9VCvT8zZUVvc1huHn3xSu_DqJJg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0OSf4raNJI0zgjIPK0hJhUlBsXyglLGrHEy-d_qrUIETuQ9vs6LRpkV1O00ekGBwxSfXVo8pMlmaPV_3VhI4EH4XZJKnordUgyBjWP0Q4uKEHux3cuHnQJkyCQ9VCvT8zZUVvc1huHn3xSu_DqJJg&google_hm=jZuNT7yYQqWFg8R4t_1VLo4
Request Chain 374
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1&google_push=AavPq0McM12oDdPmWFeXqtLq-r7E5bze3kL-zU1mANlcUbZmmEVRCAitgMkufnr7_HdqR-K7UcuUVY-IFOas3ckitc0XoIfESulDA-IgT3O86A4JrxoN_Z7sgRmTDt9c_QvRc-j0S3AVKryihvI1HLNmInU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTV2RHE4Q284WXNBQUN4U2d5a0FBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1
Request Chain 375
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIx_J2mhuDleXCSjg0I5bM0&google_cver=1&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFPyhhEkA3Sx0bEa2_elnkcW9WCxMui4rCEohwPwNMiOhBTQio9QU1_F8tkkD7Fk8uKo_-3aU HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIx_J2mhuDleXCSjg0I5bM0&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFPyhhEkA3Sx0bEa2_elnkcW9WCxMui4rCEohwPwNMiOhBTQio9QU1_F8tkkD7Fk8uKo_-3aU&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFPyhhEkA3Sx0bEa2_elnkcW9WCxMui4rCEohwPwNMiOhBTQio9QU1_F8tkkD7Fk8uKo_-3aU&google_hm=bHJpREd1OURMRHRJQ3JObUVTTGE=
Request Chain 376
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJXFGpLslfllgW4Q5JZ5-Fk&google_cver=1&google_push=AavPq0NhozvnTLH4NHU0P3DCPUXuXDUVzQacPp_WKF1IC8SEFHKfgFW63cdpE5HFiGpkox580j4fxUGexFcObp_OQwfjmKQo1-PVzQdDw67HSeOdnPkdBF1RRUD5eyhHZwGv3nPNT9nJ8U9kNTGeNR4V_94 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==&google_push=AavPq0NhozvnTLH4NHU0P3DCPUXuXDUVzQacPp_WKF1IC8SEFHKfgFW63cdpE5HFiGpkox580j4fxUGexFcObp_OQwfjmKQo1-PVzQdDw67HSeOdnPkdBF1RRUD5eyhHZwGv3nPNT9nJ8U9kNTGeNR4V_94
Request Chain 377
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEBXZ6X7KO1uzULeEVfGHLIg&google_cver=1&google_push=AavPq0MGOpPQNMX7jQ8oLJP5IOCsu1nFUsUN7a5IbmtAcFrAx8qi_aDYGeqcINOIRtj2TKXf_Fep-NJfKeRDmy4H4wP5t1SpP_ZTHtWCNKgmesjqGUlHlkgxjNa0whv9YhNBoBDCThZDg-tlR7WEPt6Dv5E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AavPq0MGOpPQNMX7jQ8oLJP5IOCsu1nFUsUN7a5IbmtAcFrAx8qi_aDYGeqcINOIRtj2TKXf_Fep-NJfKeRDmy4H4wP5t1SpP_ZTHtWCNKgmesjqGUlHlkgxjNa0whv9YhNBoBDCThZDg-tlR7WEPt6Dv5E
Request Chain 378
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHn9vgGR4Er25oovAUYA05E&google_cver=1&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvAoqov_3NpwLGOlHPQkZf7l5YHgsYUAABXDYpfAc1zzkbmACQTdjLSF2rGxpao8dOK5U5qF4RVHRLOYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvAoqov_3NpwLGOlHPQkZf7l5YHgsYUAABXDYpfAc1zzkbmACQTdjLSF2rGxpao8dOK5U5qF4RVHRLOYw&google_hm=WTV2RHE4Q284WXNBQUN4U2d5a0FBQUFB
Request Chain 386
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5255120626500132149
Request Chain 388
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGO3E7HN4cAACAxKPi5mA&expiration=1672362162
Request Chain 389
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae4639b-c3ae-4c00-94be-7376bf7903cd
Request Chain 391
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d0c349a4-caca-8d48-04016383
Request Chain 392
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Y7LXHg8aTEM63OFOemkx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WJXJRMEQZZYMFKEKTJWGNHUMT3FNVVXQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WJXJRMEQZZYMFKEKTJWGNHUMT3FNVVXQ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Y7LXHg8aTEM63OFOemkx
Request Chain 393
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=974533835F9D416FB00BF3A590E6F282
Request Chain 407
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671152561452%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
Request Chain 413
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Request Chain 414
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=34rf44qKhLPEi4fn0dvLudiB1bbE2t-32oi9lEDG
Request Chain 415
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0o4tx5321P5Z7A5
Request Chain 417
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
Request Chain 418
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Bomd6Ptx1kVhja5_RY8u&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2QTPNVSDMUDUPAYWWVTINJQTKX2SLE4HK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2QTPNVSDMUDUPAYWWVTINJQTKX2SLE4HK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Bomd6Ptx1kVhja5_RY8u
Request Chain 420
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE_xk7HN4cAACDFjDf7ZA&expiration=1672362162
Request Chain 483
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&google_gid=CAESELOBCLxxxmWDWb-Ru3bu8V8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Request Chain 484
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBKwrMpttXP94t4hKMJdBDQ&google_cver=1
Request Chain 490
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=aXhrckt2LW01WVE
Request Chain 491
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
Request Chain 492
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&google_gid=CAESELOBCLxxxmWDWb-Ru3bu8V8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Request Chain 494
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e HTTP 302
  • https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3Db7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Request Chain 578
  • https://ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/B28348495.344055411;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/B28348495.344055411;dc_pre=CL3ipLf4_PsCFWS_SwUdQrAG5g;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 581
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5255120626500132149
Request Chain 582
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_639bc3b4257c9&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639bc3b4257c9
Request Chain 583
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Request Chain 586
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
Request Chain 588
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=lriDGu9DLDtICrNmESLa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23DSNFCEO5JZIRGEI5CJINZE43KFKNGGC HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23DSNFCEO5JZIRGEI5CJINZE43KFKNGGC HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=lriDGu9DLDtICrNmESLa
Request Chain 615
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQADwQunQAAe&gdpr=0&gdpr_consent=
Request Chain 616
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y7bdxpggfsy
Request Chain 617
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5255120626500132149&gdpr=0&gdpr_consent=
Request Chain 618
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu
Request Chain 619
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 620
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4zrUV83eRg5cK_t5-Jg7Oq310Y4
Request Chain 621
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae4639b-c3ae-4c00-94be-7376bf7903cd
Request Chain 622
  • https://idsync.rlcdn.com/420486.gif?partner_uid=868C18B6-C4A5-4198-AA13-94B96ED44ADF HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg2OEMxOEI2LUM0QTUtNDE5OC1BQTEzLTk0Qjk2RUQ0NEFERhAAGg0ItIfvnAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3d48afea784b7b20742ea9248e393064219d2ddc503d3fe27f8794a743bb38ee791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZDQ4YWZlYTc4NGI3YjIwNzQyZWE5MjQ4ZTM5MzA2NDIxOWQyZGRjNTAzZDNmZTI3Zjg3OTRhNzQzYmIzOGVlNzkxNDI2YjU0MTdkY2UyMRAAGgwItYfvnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZDQ4YWZlYTc4NGI3YjIwNzQyZWE5MjQ4ZTM5MzA2NDIxOWQyZGRjNTAzZDNmZTI3Zjg3OTRhNzQzYmIzOGVlNzkxNDI2YjU0MTdkY2UyMRAAGgwItYfvnAYSBAgCEABCAEoA&google_gid=CAESEDkFlzQTGWSrHLp8eQfGbTU&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fac5b1aa-0f37-4cc7-8b4c-195ba7d6dada
Request Chain 623
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gzOTyDZE2uXeLhI3j6iS8H7P8GPcaD0-~A&gdpr=0&gdpr_consent=
Request Chain 624
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522871640278562624&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=98634a23-b404-4601-b8ae-f5ddb66f6c8e&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522871640278562624&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207530804367000430548&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522871640278562624&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 625
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8750192507165236982
Request Chain 626
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3350514596490154961&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 627
  • https://pixel.adsafeprotected.com/rfw/st/796404/57922638/skeleton.js?ias_adpath=%23ISMViewability&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:e388208d-3fac-a111-1fd2-b05174dff5d6,c:wUVedh,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-744bf54998-mdjc5,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:532,mot:0,app:0,maw:0,fm:tq8xQPM+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:597,oid:58fa52c1-7cdd-11ed-a38c-36d25bc357c1,v:19.8.374,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability

671 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1671152544945689074
  • https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
523 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
60723334f47c555bd814a234ad0090d2fb761e7ced50952e06e6c5409edf0f57
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:27 GMT
expires
Fri, 16 Dec 2022 01:02:27 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 535587 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3ddf7430288ff097c3ca5286f62c6e5efa-1671152545&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=df7430288ff097c3ca5286f62c6e5efa
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=2993
content-length
154
content-type
text/html
date
Fri, 16 Dec 2022 01:02:25 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
275FEC52742BD6B3
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=74486
accept-ranges
bytes
content-length
11472
x-amz-id-2
IVnTIaUhKHXQir+Znof6dy37oHqsxU5oLNTbsgCQSwUsi/yxeEd2fckGsI5WAk0gjMs/U4ujn1Y=
expires
Fri, 16 Dec 2022 21:43:54 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
45848B4AA7DC4868
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=147467
accept-ranges
bytes
content-length
12052
x-amz-id-2
romzxQzdw/EtyocjUv4Yb6IcUsxbsLC7IQJ97xaM37jA51fZfXYpM06R7S477KI+0aMA0Ss1vmw=
expires
Sat, 17 Dec 2022 18:00:15 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
XE608XH2JQPY9M4C
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=538149
accept-ranges
bytes
content-length
12440
x-amz-id-2
xtS5X8zqfRWWlpi1B3sMWw57xMMm9nFysXQEZ0JUxoJkfCtrYy1ppxityt7bve71Sq+vT1Cfeko=
expires
Thu, 22 Dec 2022 06:31:37 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
D5509D0BA22E6447
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=290888
accept-ranges
bytes
content-length
11372
x-amz-id-2
gcjYwkNeKzl/QoYd2RdSCUAMdqlAfsg+6AGakSKNgroTpc7v9Hlkk/IvTe4PnMuy1AZAyHma9WM=
expires
Mon, 19 Dec 2022 09:50:36 GMT
lux.js
cdn.speedcurve.com/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
363
date
Fri, 16 Dec 2022 01:02:29 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
1594
x-cache
HIT
content-length
7152
x-served-by
cache-syd10156-SYD
last-modified
Fri, 16 Dec 2022 00:35:55 GMT
server
Apache
x-timer
S1671152550.573481,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Dec 2022 00:35:55 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:30 GMT
date
Fri, 16 Dec 2022 01:02:29 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:30 GMT
date
Fri, 16 Dec 2022 01:02:29 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2967
x-rq
sin1 0 2 9980
last-modified
Wed, 30 Nov 2022 04:28:24 GMT
server
nginx
etag
W/"6386dbe8-1d74"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:39 GMT
date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
nrt1 0 2 9980
last-modified
Tue, 29 Nov 2022 14:18:41 GMT
server
nginx
etag
W/"638614c1-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:39 GMT
date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
kix1 0 2 9980
last-modified
Tue, 06 Dec 2022 05:08:16 GMT
server
nginx
etag
W/"638ece40-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:39 GMT
date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
kix1 0 2 9980
last-modified
Tue, 06 Dec 2022 05:08:16 GMT
server
nginx
etag
W/"638ece40-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		240 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eda6cbe188160d4a7aeb44bc9af6cc6b97a4e9f8a84758b59b439c5202d0342b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
nVfirtuGA_ogEUwhrPSu6HBKH9hhpZPt
content-encoding
gzip
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:29 GMT
x-amz-request-id
YCT56ZNQ3M2V3X6J
age
44
x-cache
HIT
content-length
36319
x-amz-id-2
ggdjCLVymRgt0QgKVPHuKl6vIAYPGSPsgmRdjqfBuyzb5RWvMPOlRVscNZuaWW5T/YGfyFDmKCo=
x-served-by
cache-syd10176-SYD
last-modified
Thu, 15 Dec 2022 12:30:48 GMT
server
AmazonS3
x-timer
S1671152550.608599,VS0,VE0
etag
"ac646210abdb8d9a4c07095f6034dec9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
38
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
6f350db0
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/6f350db0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d984e305de27e0e2a7163350108b77fc35af26a417570f43d8ad32033153f1f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:30 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Fri, 16 Dec 2022 01:02:30 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8790
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"4d2df14b619cc0ba041d47e87337c4d13f28e63ff58a4c96625b07a6a054d624"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f6f350db0&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=6f350db0&session=df7430288ff097c3ca5286f62c6e5efa
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
8CFC5CF20FCCF0E0
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=170448
accept-ranges
bytes
content-length
16112
x-amz-id-2
AX9xKzvyw8F7URJ4HsRau/7gUlz9ldHtflgeH4seCCuG/IAZ+XqRAnV+hWm9j5KML9DAp3P3UaA=
expires
Sun, 18 Dec 2022 00:23:16 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 13 Jan 2023 07:35:09 GMT
date
Fri, 16 Dec 2022 01:02:28 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2442761
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
1J7K2R2S5W0QCG3W
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=412485
accept-ranges
bytes
content-length
15948
x-amz-id-2
nruS5wshl+Z53oSxuJC5+gzpa8OsRlwVDWEf/z6xyogyoJwFPbDOW+3prnciPYrDNF71xlrPNUg=
expires
Tue, 20 Dec 2022 19:37:13 GMT
f5be3056891869acd61b11449da2744d
content.api.news/v3/images/bin/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f5be3056891869acd61b11449da2744d?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
71e3b723f5ae76026f529032d00bf30ee21fb78dfa6473d8e849d84442450851

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
x-check-cacheable
YES
edge-cache-tag
f5be3056891869acd61b11449da2744d
content-length
9766
last-modified
Thu, 15 Dec 2022 23:43:47 GMT
server
Akamai Image Manager
x-serial
733
etag
d7fcc6ed07412c8df6129490dac92416-f5be3056891869acd61b11449da2744d-650
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179246
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 23:43:14 GMT
02f21382aef829fdd9cf74f582f26ef9
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/02f21382aef829fdd9cf74f582f26ef9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b873419c70b8ea89bcf56673a3010f24f9ea0b5fa2b3eee5bd82c2730b793ba7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Fri, 16 Dec 2022 00:54:37 GMT
server
Akamai Image Manager
etag
fd14fa4b966aef99dabd98f31efe939c-02f21382aef829fdd9cf74f582f26ef9-150
edge-cache-tag
02f21382aef829fdd9cf74f582f26ef9
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183526
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4542
expires
Tue, 14 Feb 2023 00:54:34 GMT
e8c8136eab414a175dfbc0754291c1b3
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e8c8136eab414a175dfbc0754291c1b3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5df9b5aa6074e6434f3ebbb7897d52c5040b85dea23c376b1a0ccd5a2e552dc8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:29 GMT
x-check-cacheable
YES
edge-cache-tag
e8c8136eab414a175dfbc0754291c1b3
content-length
5162
last-modified
Thu, 15 Dec 2022 23:43:58 GMT
server
Akamai Image Manager
x-serial
1925
etag
facaff9e68fbeff7bd7be7ba2dfdcec7-e8c8136eab414a175dfbc0754291c1b3-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179327
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 23:44:36 GMT
a55edf7f387f8ea377ecb74eb3cb172f
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a55edf7f387f8ea377ecb74eb3cb172f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f133540c0c926d332f3c4758411cf619558bcae72e56fc2a061b120761d6a8e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Thu, 15 Dec 2022 20:19:13 GMT
server
Akamai Image Manager
etag
fd4a3601abbd797acb4813a65075ee75-a55edf7f387f8ea377ecb74eb3cb172f-150
edge-cache-tag
a55edf7f387f8ea377ecb74eb3cb172f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5167007
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5171
expires
Mon, 13 Feb 2023 20:19:15 GMT
2cf1c16cf4cde77d074d785879226fb1
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/2cf1c16cf4cde77d074d785879226fb1?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
056756bf7602d67afcbec94cf373eeb3ca70b99e039db2690b7c242ed8a80e40

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Thu, 15 Dec 2022 21:12:48 GMT
server
Akamai Image Manager
etag
10629d3b348a0685e809361ffdeb94a6-2cf1c16cf4cde77d074d785879226fb1-150
edge-cache-tag
2cf1c16cf4cde77d074d785879226fb1
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5170168
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3068
expires
Mon, 13 Feb 2023 21:11:56 GMT
5496162ad93dbe37cff0fdd71b8e9643
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/5496162ad93dbe37cff0fdd71b8e9643?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ca16f812e3db2250581ea7917b1d480cb28f51e05f20bbf9a134cde4ffec3983

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
x-check-cacheable
YES
edge-cache-tag
5496162ad93dbe37cff0fdd71b8e9643
content-length
3657
last-modified
Thu, 15 Dec 2022 23:08:42 GMT
server
Akamai Image Manager
x-serial
1214
etag
2b1b0ee50e5cac24fbae31178e79cee3-5496162ad93dbe37cff0fdd71b8e9643-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177023
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 23:06:11 GMT
6a55b683d144c433cf9f180273ca1802
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/6a55b683d144c433cf9f180273ca1802?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3ef8b7133a8587845f82752bcdaf67c56a3b2441146b1b63b7c70f170d73cd0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:29 GMT
x-check-cacheable
YES
edge-cache-tag
6a55b683d144c433cf9f180273ca1802
content-length
6003
last-modified
Fri, 16 Dec 2022 00:07:59 GMT
server
Akamai Image Manager
x-serial
1159
etag
38e7ea4f68d4036fb47be0d57469daaa-6a55b683d144c433cf9f180273ca1802-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5180509
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 14 Feb 2023 00:04:18 GMT
385626d28d5e4f468e489d59b62e23ce
content.api.news/v3/images/bin/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/385626d28d5e4f468e489d59b62e23ce?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e23432edb82743800869821316f368d2dc290e0f50dc520155a42fce57db3b9c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
x-check-cacheable
YES
edge-cache-tag
385626d28d5e4f468e489d59b62e23ce
content-length
37834
last-modified
Wed, 14 Dec 2022 02:28:48 GMT
server
Akamai Image Manager
x-serial
1811
etag
c731151d7e3e2e6fab1b832de91512a8-385626d28d5e4f468e489d59b62e23ce-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5016419
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 02:29:27 GMT
f43ffbb80934ae8e6407487a0018ad3d
content.api.news/v3/images/bin/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f43ffbb80934ae8e6407487a0018ad3d?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4b0de807419bbac204627af01ac4647de367f1236da84060df6fecf86c630aa2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
last-modified
Thu, 15 Dec 2022 20:19:31 GMT
server
Akamai Image Manager
etag
206798a3dc1ba75adcea8bbc79e32738-f43ffbb80934ae8e6407487a0018ad3d-650
edge-cache-tag
f43ffbb80934ae8e6407487a0018ad3d
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5167107
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
23431
expires
Mon, 13 Feb 2023 20:20:55 GMT
cf1193b82a5836dad2cac1b7f0e77e9c
content.api.news/v3/images/bin/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/cf1193b82a5836dad2cac1b7f0e77e9c?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f76e5c0b14c5f8a937cca611499f2594d63d6f1623f46a88a50bc9e16fb6c4c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:28 GMT
x-check-cacheable
YES
edge-cache-tag
cf1193b82a5836dad2cac1b7f0e77e9c
content-length
58113
last-modified
Thu, 15 Dec 2022 23:45:47 GMT
server
Akamai Image Manager
x-serial
189
etag
86a1dfcc8fec34c06d2c840b20fa9e58-cf1193b82a5836dad2cac1b7f0e77e9c-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179337
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 23:44:45 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
7D7951CE58958EA3
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=367531
accept-ranges
bytes
content-length
540
x-amz-id-2
c9QV5xkLqZA3aeUA+058OxiQN9SbPZxH29WSoy5e4h/svbFFRtWq6gzsRBj8GficGxoExGdKPks=
expires
Tue, 20 Dec 2022 07:08:01 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.132.94 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:31 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
XCN5P0JRSH3G33R8
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
JvLVYCEPuK30JnmalWRLsWRF3lzUQJ/Indx0K1orVhFr5LXTmXj71Y5HNq+79uTFVal/HlvK7Gc=
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 01:02:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Dec 2022 01:02:29 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 13 Jan 2023 08:41:12 GMT
date
Fri, 16 Dec 2022 01:02:29 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2446723
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
/
www.heraldsun.com.au/_static/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGRuaGBoVEWAK9DIhM=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 16 Dec 2022 01:02:29 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 20:10:12 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 16 Dec 2022 01:02:30 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 16 Dec 2022 01:02:29 GMT
cache-control
max-age=57756
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
0CFAD35F585CD25F
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=514894
accept-ranges
bytes
content-length
535
x-amz-id-2
/dMDWimqjNaN3Tcwf330wcepiHJ85rowGvlxWAI4XFDCzqgpfSqU6umPtJ3+EDdM8Cd02euf6XA=
expires
Thu, 22 Dec 2022 00:04:04 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=387191
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Tue, 20 Dec 2022 12:35:41 GMT
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3db327f30abd927cb04397b021e5f2bbfb3eeaad43a60a7f271a3fbd8ed04cbb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 16 Dec 2022 01:02:30 GMT
x-datacenter
gce-asia-east1
etag
"e318ec5b06b0d633aa5cd0fc97b5b2398e2cdf243d74a5a19f147a7921b2d9e7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-gwkf
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 16 Dec 2022 01:02:30 GMT
x-amz-request-id
769Q37HT361EJFAE
age
262
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
tYdPMngv710tMSP6xQi7thZP+hgpno/vIuX2wz0Hkx5Gi1OeC9MsQuoSoynYmXr+kliP05dZYf8=
x-served-by
cache-lax10664-LGB, cache-syd10183-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1671152550.374290,VS0,VE0
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
3, 10
impl.20221215-12-RELEASE.js
cdn.taboola.com/libtrc/ 		698 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b96a281629dda172e65bc95d10d589a71b4b45edf4ee68a6d326789c9f66ab9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
yXrzcfQRfPkk3nHRQmrjaTVSbn15CjvQ
content-encoding
br
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:30 GMT
x-amz-request-id
XKP8QTKHJNP5W75C
age
17278
x-cache
HIT
content-length
148069
x-amz-id-2
aZ6OSpe6y5JY7Fa8+hfHXNfYak4VGFpjIsYEupRehQV+0dSytThpuqFNGiVV4jm8ES6iJVnIJEE=
x-served-by
cache-syd10176-SYD
last-modified
Thu, 15 Dec 2022 12:14:32 GMT
server
AmazonS3-br
x-timer
S1671152550.165988,VS0,VE0
etag
"1ece2524f4e13b48156b677a246be3e2"
vary
Accept-Encoding
content-type
application/javascript
abp
21
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
21592
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-129.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 15:57:46 GMT
content-encoding
gzip
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
63580
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
umSoUhDX0ygjsvSy2BMNpuJQHx--MN4IZMyzbf0Nw81Lurue1NyUdg==
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:30 GMT
date
Fri, 16 Dec 2022 01:02:29 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
"63844cfe-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Fri, 16 Dec 2022 01:02:30 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1605
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 16 Dec 2022 01:29:15 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-syd10142-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 16 Dec 2022 01:02:30 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1671152551.985807,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
313042
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:31 GMT
date
Fri, 16 Dec 2022 01:02:30 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29864
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-182d6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:31 GMT
date
Fri, 16 Dec 2022 01:02:30 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 01:02:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Dec 2022 01:02:29 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c98c20916f12f74e43f885162eb285c213a978a45c76769a2517e4b8c6d4b1ae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 01:02:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16115
x-xss-protection
0
server
sffe
etag
"6fc2662babd12b8e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Dec 2022 01:02:30 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8W8XE7H63ACAA50Q
age
1346846
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
WEpywNY9kINKGzy3pyUEoGXebdnrAVg/EQfwsrJ8pRbMrgTqp78ek4dm1Sb0dOyG5JgO70t9rfY=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ViHjlJNg6D0oDI93fpcvgzXOSLxi0%2FZ0aZkhhztGtrwI%2BtSBGzMiADf7RhuCe7JVFpSbjju7hf0GAZ0f316GKByR%2Bq%2FEdJkhZKmIymZoDiW%2FGw9bR8p2bD88jdtXLWQJqjFHsEs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
77a37e7399ac4a41-SIN
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=01%3A02%3A30.493&lti=deflated&data=%7B%22id%22%3A737%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1671107436850%2C%22vi%22%3A1671152550449%2C%22cv%22%3A%2220221215-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11073%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1290.671875%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2f8db62be1de5d9a54a2631f8ba49d15b14953ea52212255736be9ff159bb30

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
141
date
Fri, 16 Dec 2022 01:02:30 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-syd10176-SYD
server
nginx
x-timer
S1671152551.546191,VS0,VE141
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 16 Dec 2022 01:02:30 GMT
x-amz-request-id
CBJAXHHVTDDK1AH7
age
21481385
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
T+SO3zzAu/vI3ID3zGGjDx2/OWdNCwfDObUAO4AV3bMqhIR2V9jGe9Y4TcERARxY+Vu0wOuMQqY=
x-served-by
cache-sna10723-LGB, cache-syd10183-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1671152551.797618,VS0,VE0
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 23230
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-15.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:33:19 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
1031353
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
bTBYy98KxrL7WnQN2KMJWrWHl3joCf8KgkFX_0C0KNgSNBdA67aRVw==
authorize
login.newscorpaustralia.com/ Frame 0CB4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=js71RrUy2.fDOcSnq7qC3CJdAULmvdud&nonce=agbyJaFEfwISkZH7s91vp5QNphHlr-eF&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
230be5b7d68732a59fdfc31fdd975bc4a377a839301c0a2b9fbcbcb44d877e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
77a37e793cdc8994-SIN
content-encoding
gzip
content-length
805
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Fri, 16 Dec 2022 01:02:32 GMT
expires
Fri, 16 Dec 2022 01:02:32 GMT
ot-baggage-auth0-request-id
77a37e793cdc8994
ot-tracer-sampled
true
ot-tracer-spanid
78a0c88e330c309c
ot-tracer-traceid
3a0239eb05265359
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000003a0239eb05265359-78a0c88e330c309c-01
tracestate
auth0-request-id=77a37e793cdc8994,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 584 0 pmb=mTOE,3
x-auth0-requestid
d033399b778e8fccbd0f
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
997
x-ratelimit-reset
1671152552
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:31 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:49 GMT
server
AkamaiNetStorage
etag
"edd094a83833400340dd04039cdd122f:1670479309.994367"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Fri, 16 Dec 2022 01:07:31 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:31 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:50 GMT
server
AkamaiNetStorage
etag
"173d1f23698ee8297b151a48bdea9d96:1670479310.123213"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21334
expires
Fri, 16 Dec 2022 01:07:31 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		192 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:32 GMT
date
Fri, 16 Dec 2022 01:02:31 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45762
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 04:54:40 GMT
server
nginx
etag
W/"638d7990-30150"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:33 GMT
date
Fri, 16 Dec 2022 01:02:32 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3442
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-21ad"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
userx.20221215-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221215-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d771e8e3fac85b1113de6212248832838a6a24e6d3bde88342c7794e87b552b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
pvsLVnWetz1iIcepY9T789a1rJTNcS0L
content-encoding
gzip
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:32 GMT
x-amz-request-id
Y30PH22TN8A02WPP
age
94
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
4omxRl2MDYMyugNazE3sOpss7Kyd7Sv11Rf3w/LeytpnHKULsO3Z+KdipI/uOl6E45eVVEW0cR4=
x-served-by
cache-syd10176-SYD
last-modified
Thu, 15 Dec 2022 12:35:10 GMT
server
AmazonS3
x-timer
S1671152552.089667,VS0,VE0
etag
"0f73685c0f5b00a0f3d2bde2cfba6afb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
8
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
22
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Fri, 16 Dec 2022 01:02:32 GMT
via
1.1 varnish
x-amz-request-id
JC91BP2JQ28V5KMY
age
1022
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
G4eyqL9eH/PW5fQ6BSslf4KbqY0dfvjpFhoRZLmaJ+Urb5/+YMWAIR6OEj3azhAXZKdpNmy7jYg=
x-served-by
cache-syd10176-SYD
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1671152552.089646,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
8
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
16
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
YALUMBA-DELICIOUS-T3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/11/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/11/YALUMBA-DELICIOUS-T3.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3d8ee79a19143d47c20f10690e0123986c4fae2625bef8cd694cba3cafce847c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 16 Dec 2022 01:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/11/YALUMBA-DELICIOUS-T3.jpg
age
1855720
edge-cache-tag
573225354734633603489448099083075216451,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
573225354734633603489448099083075216451,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
263
req-referer
https://www.dailytelegraph.com.au/
content-length
7958
x-request-id
3d5d59c2b8bab667615f8d8414f9e1a4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100039-IAD, cache-lga21925-LGA, cache-iad-kcgs7200166-IAD, cache-syd10176-SYD
last-modified
Wed, 23 Nov 2022 03:51:48 GMT
server
nginx
x-timer
S1671152552.108615,VS0,VE0
etag
"bc591a3817bd13d99b3935c13a7e487c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 15
comments-count
mhr.talk.news.com.au/api/v1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=7fcb8813720a13ec73746887d663e456,afa8e6bf423c08a06b3b144e7ffd1ad8,f883d3a5d9b94db4bbc3fbc3d577686b,e452fab25b988f03184ee3f83d34eb66,64a928fa6e9567696f0b8d7750212c0c,ff0ec866d5daa9a0a3db89fb68e8493f,1246ae6b27b848641dd38481f9180654,0a8f6a9e76a1d9ae09b56df2f0e7ea3b,ce321dcee12101092f7d7dc65a29f7bf,4fda2f741a782932081cf7ac1173cc76,157bf8b366d6dc20cc2b482cb8c268e2,93ca629abcc797f95ff2d3f0542c8b11,767a8910dc0ab1088ed76e9adb91c539,4ca67ac17e960d93abf1ceb0b9af99c8,594e44798821593b20c48b9a43967aa7,445a954110e6a6f97a19525213628e49,722b266786583558d3feed4270330fcf,ca58256097b4596d84a452cdef656de8,556f0a1fd6a1380a30a4c4110ed17c7c,e1dfacd728776459b53cb4696e4c2398,e07aaaae5734be611f705674fafa34e7,05e7f3d292502d7a2e9aefcb4d86fcc2,50f8efa3feab821916c18e2ac0323c11,bd0182af0050e93727d6f2541aab5196,159d06a93112763b53620434ff7cc6c9,a77116bc5acebbf02a1e364ee35f7281,677cc4f8e3b67d0e3ee30912b12f908f,34a4a8a4f8f0eb7a07c761706c9c83bf,3db535d094cffe79eb190d0e8c9c6e40,d8a4c386a9b019351beb2a9c7894ea24,f2d5b346eec8ac2551f8553d33b5147a,6be969a44eb52f7bea566d2f070cb85c,249f22bc829072c398e2711b6fafa25e,ab7ce0d86d06912ab2280dff6212ce06,5cac2b6ee5fe1cc3188f38a77937b92d,67349ae239f76a8a2ef9bb1920525618,7f3d18c0df7151e40bb2e40fe2daa974,a018ac2b580c483ecc9a11d1c72267bf,c80aad85d3d15eb4f972adbf0c334e2e,9db05614805deb6b9a8bc2385cc5622e,5271a7442996245f7dca2e89994a2092,4b8befd2a69ff8b38683ddcb3ea067d2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
82ec8cd333ea0644fb3524da9d408727a214aab9d224863c75ff1a9cd1dbe48f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 01:02:32 GMT
server
nginx/1.20.1
etag
W/"624-yhk3JWdlTM8A/A35E8i71wxgpV8"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
51dedc90-7cdd-11ed-a051-d35dc4d0aff1
content-length
890
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
442b3c402128c6b3354ded0d6f2e6ff0fc98a7adcc6bfe5c723decd7e4141bde
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 16 Dec 2022 01:02:30 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1711
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=14
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 16 Dec 2022 01:02:44 GMT
1a9b6e7d4f9f03388987468c9a0caa95
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1a9b6e7d4f9f03388987468c9a0caa95?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
707d2c0e6f2ebf60d6f8555335382ee4b51f7577298d08a7f7b357e0efa33adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
last-modified
Wed, 14 Dec 2022 21:28:49 GMT
server
Akamai Image Manager
etag
8f69cbcc0c2eb35b3e7d9ba1f5e3ccf5-1a9b6e7d4f9f03388987468c9a0caa95-150
edge-cache-tag
1a9b6e7d4f9f03388987468c9a0caa95
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5084681
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5420
expires
Sun, 12 Feb 2023 21:27:11 GMT
ad585a5dfc408c0117c406b39c7cce45
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ad585a5dfc408c0117c406b39c7cce45?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f165a9d06f5fa4a94dde100488e8932c15f31013058fe53aecf6828378b73035

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
x-check-cacheable
YES
edge-cache-tag
ad585a5dfc408c0117c406b39c7cce45
content-length
8202
last-modified
Tue, 13 Dec 2022 00:48:27 GMT
server
Akamai Image Manager
x-serial
259
etag
af7f9a06bd1eec563c2ca3fe17dc639a-ad585a5dfc408c0117c406b39c7cce45-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4923963
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 11 Feb 2023 00:48:33 GMT
c3aac69b3b321934118cb867c9e93520
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c3aac69b3b321934118cb867c9e93520?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e1623e1451248e9a54e49b3fbc7290db5e5e620756f4c8933efeece19abc5816

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:30 GMT
x-check-cacheable
YES
edge-cache-tag
c3aac69b3b321934118cb867c9e93520
content-length
6621
last-modified
Wed, 14 Dec 2022 03:40:20 GMT
server
Akamai Image Manager
x-serial
1049
etag
6b9afaabc430fda4777ee8b5a1fe47c0-c3aac69b3b321934118cb867c9e93520-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5020506
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 03:37:36 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671152550877&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671152550877&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671152550877&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.88.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-129.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:32 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
fGq1zE2inJf9qc0L0WM-gelOwZE05JGz2xYAGFLvyyioN510khNjEw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671152550877&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Fri, 16 Dec 2022 01:02:32 GMT
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
dONX_OEvedPX3ACNxacEzPWAnQGEgPgAt_znR15uGqPMk-pZCtMtDg==
x-cache
Miss from cloudfront
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-129.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 16:21:14 GMT
content-encoding
gzip
via
1.1 17da3580ac51ce2ae5123bc46728adb2.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
63582
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ibn__V6zg-mXhMTsIR2TETNNUHdUwSw2M1Z1lDfM8xKfebFyQvBysQ==
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&lti=deflated&ri=ee25593a761ede2acf2b1bf7c87300ff&sd=v2_d73c1019abc1b44ca7c695bf52bb5738_f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926_1671152550_1671152550_CIi3jgYQgPNHGLGE0cPRMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGjvhs2V9cu1kixwAQ&ui=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&pi=/&wi=873729681997272865&pt=home&vi=1671152550449&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A02%3A30.920&id=1935&llvl=2&cv=20221215-12-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
80ac989a17ee405e242703dd5661b871
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/80ac989a17ee405e242703dd5661b871?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d06dfb9ba2818d82a6518c1e830da2fca0011c632452782d69dc372278a27556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:32 GMT
last-modified
Thu, 15 Dec 2022 23:14:31 GMT
server
Akamai Image Manager
etag
38ae0e56608d7f23e81774ddea04c62d-80ac989a17ee405e242703dd5661b871-150
edge-cache-tag
80ac989a17ee405e242703dd5661b871
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177677
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4642
expires
Mon, 13 Feb 2023 23:17:09 GMT
0f1e498dad5016b74d95d81ee0998203
content.api.news/v3/images/bin/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0f1e498dad5016b74d95d81ee0998203
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4cd4c532693fb60f644782aabe2b08453a2432b4310179e7b0429b40126571c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:32 GMT
x-check-cacheable
YES
edge-cache-tag
0f1e498dad5016b74d95d81ee0998203
content-length
30995
last-modified
Thu, 15 Dec 2022 20:56:11 GMT
server
Akamai Image Manager
x-serial
1238
etag
cbbe251dcdfd2f5a99ad46fcf555db22-0f1e498dad5016b74d95d81ee0998203-0
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5169178
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 20:55:30 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
f782453376c8eafe4712af01d339385534774c44b0ebdb57ed5eadf96d49e859
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Fri, 16 Dec 2022 01:02:31 GMT
x-powered-by
Express
content-length
720
x-served-by
cache-qpg1227-QPG
server
Google Frontend
x-timer
S1671150664.860602,VS0,VE336
etag
W/"774-Gz0BfRPqOiT4UaGn9yqXPba+ckw"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
52f50366e53cc2a06e63c148571c429a
cache-control
private, max-age=6
function-execution-id
xq930jimjtip
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.9,ms;q=0.8
x-country-code
SG
expires
Fri, 16 Dec 2022 01:02:37 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Fri, 16 Dec 2022 01:02:31 GMT
expires
Fri, 16 Dec 2022 01:32:31 GMT
function-execution-id
xkamvq9but57
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
15146d251f2ab79dea2e980116d4f2c9
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1248-QPG
x-timer
S1671152551.173052,VS0,VE234
717a7403e66fec5a988a4bc77c83af04
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/717a7403e66fec5a988a4bc77c83af04?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
98994f12023d36dfec4acab48919b1a38715786e87bef351f1f129cf09de71a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:32 GMT
last-modified
Fri, 16 Dec 2022 01:01:19 GMT
server
Akamai Image Manager
etag
1f89bae8e620c2bd9c7b9637df1c8c77-717a7403e66fec5a988a4bc77c83af04-150
edge-cache-tag
717a7403e66fec5a988a4bc77c83af04
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183888
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5046
expires
Tue, 14 Feb 2023 01:00:40 GMT
pixel_6f350db0
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_6f350db0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/6f350db0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Fri, 16 Dec 2022 01:02:31 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_6f350db0&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_6f350db0&session=df7430288ff097c3ca5286f62c6e5efa
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16711525516420.9907007104222036
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Fri, 16 Dec 2022 01:02:32 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 16 Dec 2022 01:02:32 GMT
cache-control
max-age=64535
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
cafe /
Resource Hash
54f113ab388f08aea775976f2178ee0efd5d444c7141cf1a4f3fb9bfc3685e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12628
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:36:38 GMT
content-encoding
gzip
via
1.1 9f6f7c775068d68476f4af0ffa848d4a.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
84355
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wOrRFzeGTRZZxkC51-Ev8kCO3muo4yoWBHVw8S06uF5rdI1gpLGUkg==
expires
Fri, 16 Dec 2022 01:36:38 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=59240
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=82931
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 01:02:33 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
C+xwG6mzxjMZNEv8WV2IK+cford/No91DYIbsW8yvPFwa2G2RqatKSBwKn99XTuFk+pmQB0bp/7YICAzr7qJyg==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-27.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:13:22 GMT
Content-Encoding
gzip
Via
1.1 0f2b81f417aa397d9ed9b32b2017aaca.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
2951
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
gUnNbG6VWnL0mq68RtCc54WuE-yi1ZkzW-lTHGw7hslwKlbEhSA3yQ==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-12-16T01%3A02%3A31.663Z&country=au&newsconnectId=&fpid=df7430288ff097c3ca5286f62c6e5efa
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.167.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-167-128.compute-1.amazonaws.com
Software
/
Resource Hash
79ee8e9cfdde7255fab7e1b11f2537e7ce824f89dfe6e088ef112b275d6ef51f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
UMrEOOoRVoPiBBX.XHkgU0Lo2Jl9BQ7R
content-encoding
gzip
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:33 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ740X792WN4M9N
x-cache
HIT
content-length
520
x-amz-id-2
dyRXwCFfuyLEyiKBxhe0MP6ZJf1JgnDEyhFPm93wlxrhsLFMv2BuMtgZpBGNpvJD3g9O+wO/tuo=
x-served-by
cache-syd10122-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671152554.541503,VS0,VE0
etag
"1e637b4fd7dec49af4390ec7ed24432b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
53001
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
9VZ67T48R79GN53B
age
1486
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77a37e874a526a6c-SYD
x-amz-id-2
6t/gGu1rBx86SQ4eFlHAN0QDkUzF9u73E+wZtd8HddYWlMenZW2oXbH+bTiaA+kG5o4PyqBfatc=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.44.233 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-233.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Fri, 16 Dec 2022 02:02:35 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f1604ee8add5dbb6f8ce1e3a4b7711de:1669603221.223968"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=45917
content-length
2297
tad.js
tags.news.com.au/prod/tad/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ada52adfc48f667e35362bd9e99165d1:1670478883.668009"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=39483
content-length
33851
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
bdda5fd122f247d9ac522edad66dad0f5874fd9cedd384cb8a974558b28d6837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27541
x-xss-protection
0
server
sffe
etag
"1422 / 765 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Dec 2022 01:02:35 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21bc24c8bcd1483603667dc443ad71f3f28d14839667c31a6fb7acf357bb2770

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:36:20 GMT
content-encoding
gzip
via
1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront), 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
last-modified
Thu, 15 Dec 2022 17:02:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
age
1576
x-amz-server-side-encryption
AES256
etag
W/"1453894bd42bb648e199d9d7d63e6cba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
_dcUtb6ARe601bec7To3lq8m8XqaO1ZWXU6ARK_JJi4pDFJOOcYIfQ==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=38783
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-87.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:42:09 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
1226
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
uXP7JSNY1GHe8KdE9dLQs4nB-wtmqWdJFy9Yr3jBQNH5DF0Ss0eK0A==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b9045a036305d0268317898151e53de:1667439593.577923"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=59747
content-length
5801
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 16 Dec 2022 00:06:44 GMT
server
cloudflare
age
3350
cf-polished
origSize=5866
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wioLUTf%2FuIAVGP4DTMszosL6DV2Pbj%2BlkwM3m6JBxC3LZGzyC6TOsOiczyH13ere3oAi9tmBwaTKW5JyQ4Xip9A6yQmiU5pTWdhOk36Uxo06lMazGPjWMlRSYpz1HSWdC23P8UtC"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77a37e8b9ad3a8d0-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Sat, 31 Dec 2022 01:02:34 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		1 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:09:54 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Fri, 16 Dec 2022 01:02:31 GMT
last-modified
Fri, 25 Nov 2022 07:11:01 GMT
x-timer
S1670908410.580240,VS0,VE347
etag
"b1ca29a23e5260534bf5bac85850f27c26008d0db91e6f95dc58f6ba485b4e12"
x-i
true
vary
Accept-Encoding
x-served-by
cache-qpg1242-QPG
content-type
text/css; charset=utf-8
cache-control
max-age=443
accept-ranges
bytes
content-length
482
x-cache-hits
0
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1f33bea29d3a3031701b094adb902ff0e8609f9629c6bee9d9ee45bdfe78bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:30:00 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Fri, 16 Dec 2022 01:02:34 GMT
last-modified
Fri, 25 Nov 2022 07:11:01 GMT
x-timer
S1670908409.392753,VS0,VE258
etag
"456051da5149d639dd12231e1f147753d0bd2cb193079988e6aac163b80e871c"
x-i
true
vary
Accept-Encoding
x-served-by
cache-qpg1278-QPG
content-type
text/javascript; charset=utf-8
cache-control
max-age=1646
accept-ranges
bytes
content-length
7797
x-cache-hits
0
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
95
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:31 GMT
via
1.1 varnish
x-served-by
cache-syd10176-SYD
server
nginx
x-timer
S1671152552.890650,VS0,VE95
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
title-arrow-blue.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		168 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-blue.svg
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.214 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-214.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
last-modified
Wed, 14 Sep 2022 05:11:08 GMT
server
AmazonS3
x-amz-request-id
4S5JTGWCSWBHNB03
etag
"66be3d1dd6a8e48ce691f235e6119f50"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=360594
accept-ranges
bytes
content-length
168
x-amz-id-2
gUzQxo5Wray7qrMjMwq/E8acfAtIb4VU4TBORDtft/eIL3V+hPswuKg/TvVi+AQMB8zhK8aUyo4=
expires
Tue, 20 Dec 2022 05:12:28 GMT
v2enprtOE3NXrHRHcc3OZeLkiKqE2ZqSYrB3p-NKffUBhUC1BgZMBw4oKfheIAsTFajw--N7y
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2enprtOE3NXrHRHcc3OZeLkiKqE2ZqSYrB3p-NKffUBhUC1BgZMBw4oKfheIAsTFajw--N7y
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4c75f8a634a5b74c5958044005b8dac2e4348cb99655465467e92d3727a7f4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 16 Dec 2022 01:02:32 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-gwkf
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 16 Dec 2022 01:02:31 GMT
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b890e2fe66bddbfcf0aad772997478817d1ee529a7d79bc58d296a33a68970fa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:35 GMT
date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
31250
x-rq
nrt1 0 2 9980
last-modified
Thu, 01 Dec 2022 00:12:15 GMT
server
nginx
etag
W/"6387f15f-79f6"
vary
User-Agent
content-type
image/png
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers
27213587
login.newscorpaustralia.com/akam/13/ Frame 0CB4 		0
0
BXzEPMh4B
login.newscorpaustralia.com/mtGhi0OCHx/jM/rPt09xMY/pOL3rmrcuVaw/bUw8AQ/QDN/ Frame 0CB4 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN5-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
TucMuRo0wQet2z_7KQV_92pMFouMoYnE4Sn-asuPeO0oMgM17tPVEQ==
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-73.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 23:05:47 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
7009
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ZzzhbK6l29L3YsjkDMFqUBd8nl2pDFZof8UKiulqht7ur8RK4wcvAw==
101956
jadserve.postrelease.com/suid/ Frame 9FC8 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.236.153.238 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-204-236-153-238.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:35 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
rtb-h
match.taboola.com/sg/supershiprtb-display-network/1/ Frame 9FC8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5vDq8Co8YsAACxSgykAAAAA
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5vDq8Co8YsAACxSgykAAAAA&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3DY5vDq8Co8YsAACxSgykAAA...
0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5vDq8Co8YsAACxSgykAAAAA&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3DY5vDq8Co8YsAACxSgykAAAAA&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1671152556.965575,VS0,VE130
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10176-SYD

Redirect headers

location
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5vDq8Co8YsAACxSgykAAAAA&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3DY5vDq8Co8YsAACxSgykAAAAA&isDirect=0
date
Fri, 16 Dec 2022 01:02:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
417877
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 9FC8
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=1be512a9aaf44966a9...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1be512a9aaf44966a94859e248d01039
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1be512a9aaf44966a94859e248d01039
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
417607

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=1be512a9aaf44966a94859e248d01039
date
Fri, 16 Dec 2022 01:02:36 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 9FC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 9FC8
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBPT30PN-1T-J9B5
0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBPT30PN-1T-J9B5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671152556.028750,VS0,VE94
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-syd10176-SYD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBPT30PN-1T-J9B5
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9FC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDoX_qUEV4m0xBBYpAL3jYU&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDoX_qUEV4m0xBBYpAL3jYU&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 16 Dec 2022 01:02:35 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671152555.456386,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10176-SYD

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDoX_qUEV4m0xBBYpAL3jYU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9FC8 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 9FC8
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
date
Fri, 16 Dec 2022 01:02:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
417877
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9FC8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
96
date
Fri, 16 Dec 2022 01:02:35 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671152556.822111,VS0,VE96
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10176-SYD

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 9FC8
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
63.251.14.3 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sea1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sea1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9FC8 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7675cfbcb7-r4fjq
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 9FC8 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.52 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 9FC8 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.55.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-55-209.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:36 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9FC8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=66cac4ba-8c9e-41de-8046-5b238d0457ef
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=66cac4ba-8c9e-41de-8046-5b238d0457ef
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
417607

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=66cac4ba-8c9e-41de-8046-5b238d0457ef
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
906032
content-length
0
expires
Fri, 16 Dec 2022 00:00:00 GMT
8.gif
id5-sync.com/c/464/10/0/ Frame 9FC8
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5255120626500132149&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-aa78WJ9lVhQMsi1CIXxeaCgxSplzEmBcXrQuVCL7bg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F4%2F4.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/4/4.gif?puid=C7790B263FECDBD9&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/3/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/3/5.gif?puid=5255120626500132149&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F0%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F0%2F8.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/0/8.gif?puid=4215561582167017865&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/10/0/8.gif?puid=4215561582167017865&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 16 Dec 2022 01:02:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://id5-sync.com/c/464/10/0/8.gif?puid=4215561582167017865&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9FC8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=3eb1b694-ae90-424c-8a07-eefafb50cc7c
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=4IzS-9cylgN-Wg&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
420020

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Date
Fri, 16 Dec 2022 01:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 9FC8
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=129c3c4c-ed3f-4aad-9be9-696895f26f3f
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=129c3c4c-ed3f-4aad-9be9-696895f26f3f&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3D129c3c4c-ed3f-...
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=129c3c4c-ed3f-4aad-9be9-696895f26f3f&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3D129c3c4c-ed3f-4aad-9be9-696895f26f3f&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 16 Dec 2022 01:02:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1671152559.526647,VS0,VE131
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10176-SYD

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=129c3c4c-ed3f-4aad-9be9-696895f26f3f&tbid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&query=taboola_hm%3D129c3c4c-ed3f-4aad-9be9-696895f26f3f&isDirect=0
date
Fri, 16 Dec 2022 01:02:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
421333
sd
u.openx.net/w/1.0/ Frame 9FC8
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=
date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame 9FC8
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 16 Dec 2022 01:02:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 16 Dec 2022 01:02:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame 9FC8 		49 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.246.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-246-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
274
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 9FC8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4zrUV83eRg5cK_t5-Jg7Oq310Y4
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4zrUV83eRg5cK_t5-Jg7Oq310Y4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
421333

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=4zrUV83eRg5cK_t5-Jg7Oq310Y4
Date
Fri, 16 Dec 2022 01:02:37 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 9FC8
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&gdpr=0&gdpr_consent=&us_privacy=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 16 Dec 2022 01:02:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 9FC8 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 9FC8
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d19654bb-82c7-4e26-b189-d64d728d106a
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d19654bb-82c7-4e26-b189-d64d728d106a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
422147

Redirect headers

date
Fri, 16 Dec 2022 01:02:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=d19654bb-82c7-4e26-b189-d64d728d106a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:36 GMT
x-amz-request-id
X0ZYP01DBVFV8BGR
age
2115
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
4Kz0IYrYemcpVmkh7tqXAdNXHjnvoIBG0gj4fKylvZEutp7Kxoecb4kvf6bm3AoltdeGYgepo18=
x-served-by
cache-syd10176-SYD
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1671152557.910104,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
8
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4843
eid.es5.js
cdn.taboola.com/scripts/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221215-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95a0a3e04c4d3d467eb4f90f9a5adcc78acf490cfc91b70b17c14ce3913b0c13

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Selzxesyize0sMwHTGFFWAHTB1VZ15_v
content-encoding
gzip
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:36 GMT
x-amz-request-id
9A00N17F3S74XWS1
age
16562
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5615
x-amz-id-2
SSlneHdMvkLiqb5uCbLzaxh3qoJP1rh6xW4YtAZyWMyTBxwO762UsiU9r7s9PngExD/S3uv3028=
x-served-by
cache-syd10176-SYD
last-modified
Tue, 13 Dec 2022 10:04:05 GMT
server
AmazonS3
x-timer
S1671152557.910284,VS0,VE0
etag
"2f0c9514d2851585dfff8603176b2063"
vary
Accept-Encoding
content-type
application/javascript
abp
8
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
38837
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 varnish
x-amz-request-id
R49A95MEAARZDWRY
age
5722
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
OwQO4r3NRn2mobB8qX5KI65TenVKTAqHjn3l8Eljsiqz/LERXHRjxQ8w1JWWw1vGRMYpafcYhZ8=
x-served-by
cache-syd10176-SYD
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1671152557.910266,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
8
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1067
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
84702
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 01:30:55 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBngOzGUbDUEK7TFKJJVsuA5JeeFLvgyhTQYjJTV4ubnWyQZz_vsJHwBOBK8X8it384G32TIG9V82mZ4ePP67KBwV1LDSj175mMaleINQ7ucKWYRt_EnKZjyOpHsyeQdkxc0GEYytR9-LduJDa&sai=AMfl-YTSo00qP4AU6QpQp4IoxoHYgaK0Wsy4j3H8ugZkGeDMTAFiuiDm3ftDC2QGfzq7E2nejdWd9deOhhLGDITKyw&sig=Cg0ArKJSzJKuuRTqy3GIEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221207.85115&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:33 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CZVJGVCrLAEnW8pS5&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11250&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=10985&t=CYXUZ0CTcU7HBTHy8gD4UzeGDjIqtm&V=139&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=OknGoCX7M7ytDcxFDVx2H4C9K0eh&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.87.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-87-237.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671152553647
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671152553647
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671152553647
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9c1ca20f49b5fd3ebf3f04cbae4fc4c9289e60e46b326cac72247cb9a6885405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0c2302585.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
qOFyMJ5sQeg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1558
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v041-05dab4ffe.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7r1FRncnRBw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671152553647
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2baecf61e76db3299173f3f15490f3b9184c98cffdcecbc0207ee967abe2a63a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
s5aemWNnA0EVHnz21zY7ElUpgOsa7OQO
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:51:44 GMT
last-modified
Thu, 15 Dec 2022 19:19:29 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
659
x-amz-server-side-encryption
AES256
etag
W/"ce63a6c973c71dcebde12bbb1649ef46"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
zpWRSfXkoaVXLvGQMVKGy7wktTDuxul4RAy1yyxuaybpnVN0ugTJrg==
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
00963888aa539b10793484d1b020aac609a909c06f08441b3cb0b3cc37e9635f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 01:02:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85936
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
cWb7x5nYpztSfh0hAZCsWINyvPFWpyuu5iKaosLMmwY5CpaKMaywLpsRoCof5tNnxbxLRdgg3TOheYssSfRkzw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
server
AkamaiNetStorage
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=1319
content-length
65
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=7be7723fd9fa1906888c05dc9ff8e922&timewithTz=2022-12-16T01:02:31.663Z&country=au&newsconnectId=&fpid=df7430288ff097c3ca5286f62c6e5efa
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.167.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-167-128.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:37 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.91 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-91.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 12:49:58 GMT
server
AmazonS3
x-amz-request-id
VBSGRMDGRMTATJDJ
x-amz-cf-pop
ATL58-P1
etag
"35540205d0226005e7cee3000c54ae8f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
EUbtxkrcE1cKQzu7ZKs1tD2beamQSVDnt1xDcYZja63v86LbG_BGNw==
x-amz-id-2
l/gSRa5XquhGfXrcUKta7HP7iDuMtOTx8XKIN+IsOqP1UxdcsJYoJpFXlDIZt2GxhLkxqy5DkAo=
content-length
21840
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202212080601&cb=1671152554761
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 16 Dec 2022 01:12:34 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CZVJGVCrLAEnW8pS5&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=11343&o=1600&w=1200&j=45&R=1&W=0&I=0&E=1&e=1&r=&KK=176::2456::nQszJgvuX9BnsNYcB7nrrKC9hrat::::c::https%3A%2F%2Fwww.heraldsun.com.au%2Ftopics%2Fthe-royals::Is2FUCPWbkpBugTqxBKcDKTCAD7Dv::&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=10985&t=CYXUZ0CTcU7HBTHy8gD4UzeGDjIqtm&V=139&tz=0&_acct=anon&sn=2&sv=OknGoCX7M7ytDcxFDVx2H4C9K0eh&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.87.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-87-237.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
query
www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/ 		28 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.13.1)%3B%20Browser%20(lite)&x-algolia-api-key=&x-algolia-application-id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
33f6fc3033ee33a0f3533e9105efc5244028a5c53dd814525cbb6c419443e2bf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

expires
Fri, 16 Dec 2022 01:02:34 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 16 Dec 2022 01:02:34 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
content-disposition
inline; filename=a.txt
x-opw
4
content-length
28246
pragma
no-cache
x-alg-pt
11
server
nginx
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:34 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 16 Dec 2022 00:06:44 GMT
server
cloudflare
age
3350
cf-polished
origSize=47101
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6kAPwjwrib%2FPv5sNHFhO%2B5l1kNBG92DjfIMELie%2BS47BaxX28LtQ8NI8eOHBdxaV0MpcpJhhqyQ6bniBYbvjo2tIzVkzHuY8miYv2PgOM4IiYaxq9J1ZCAQTYj3dv5NxGkOzjus"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77a37e8c4b3ea8d0-SYD
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-40.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 10:28:21 GMT
Content-Encoding
gzip
Via
1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
484457
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
O6n5sMPyQARBq1BYp_1EfiERYyXIy1aQ1Somxe7lOSqeYGnFIviUSw==
dest5.html
newscorpau.demdex.net/ Frame 9483 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-167.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v041-039bf2bc9.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
SX8BJHgeQ4w=
content-encoding
gzip
date
Fri, 16 Dec 2022 01:02:35 GMT
last-modified
Fri, 28 Oct 2022 13:33:44 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=73977920735991626331607330381802921694&ts=1671152554985
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-179.data.adobedc.net
Software
jag /
Resource Hash
a4fba9383e0638379a3e43d67f2664ac611337f93c7835b5225c619696ef474c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y5vDrQAADtGiWAAe&d_uuid=73956692102159585471605233320435453892
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=73956692102159585471605233320435453892
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5vDrQAADtGiWAAe&d_uuid=73956692102159585471605233320435453892
0
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5vDrQAADtGiWAAe&d_uuid=73956692102159585471605233320435453892
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-039f2e248.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
WlE3geZBSTM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5vDrQAADtGiWAAe&d_uuid=73956692102159585471605233320435453892
Date
Fri, 16 Dec 2022 01:02:38 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
c.js
collector.brandmetrics.com/ 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=7444546
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
content-length
0
content-type
text/javascript;charset=utf-8
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 16 Dec 2022 01:02:35 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame BDF0 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
2384
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 16 Dec 2022 00:22:52 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wGG_BbiUJuDVZS2i7oaxcy2oX74pjMjn3Csk0Toze4Juc0issxMgKQ==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=df7430288ff097c3ca5286f62c6e5efa&&bust=16711525551590.3694622444862794&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
160bd5b24ce2af7464aee520d10b7d180f09a94787ffd55c21b0d18b74324ba5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
v3jgQ9dvduoJ4tC6AutIOGAvaG34W3X6Lqk9j9rfQGsn0eTO3TfPYg==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Dec 2022 01:02:35 GMT
Server
nginx
swg.js
news.google.com/swg/js/v1/ 		149 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
sffe /
Resource Hash
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46777
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 18:33:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:38:42 GMT
comments-count
mhr.talk.news.com.au/api/v1/ 		115 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=895c31a4e898f9d8db3473340088aba9,%2098d56a434068bddbeecc864e00fbd3a9,%204812c9192332d4421d6a015eb3f2400d
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
b55cf6f004895c53bd2e283d9633df67a0fd981fd7955946835deeb49e6e1ab3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 01:02:35 GMT
server
nginx/1.20.1
etag
W/"73-3AsuWGYQOxchkfhR2blZj8wvR4Y"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
53cf8900-7cdd-11ed-a051-d35dc4d0aff1
content-length
106
x-xss-protection
1; mode=block
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221216
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32488
x-jsd-version
1.0.1556
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4550-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-7f8qDY2VEq3Tg9Q/RU9Vxgw1xIU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uvnjk%2BsfxYIWbPzKld6t3Y8tB9%2BVSrMcSqdbite0MmgU34Uin7WBRV7aTQum4EgAYMmyUP3hzzXSi6X8he6dxXGS0i5gBLQGc7l9AwNiiC3%2F3WVIAJuF3jx9dnTOIpbtwD0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77a37e90680da823-SYD
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-13.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
36691917333c34d70a8f4e8907f33869549b5a02ef9f8326a32175f8fd07d30b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
br
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-P1
etag
"13062...218.2022121601"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
CewYYzTnDy-dq775LywVW9Gp6bWMHKwygC5mFPnCRgFACU7hOKaJIg==
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 18:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Dec 2023 18:04:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:35 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:39:01 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
15813
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
r_JKUiRaOvTTOn0c7qwKRP0hFRvAv3uw5s4PgDMS0MCs40I-gi3-SQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 9f6f7c775068d68476f4af0ffa848d4a.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 05:17:01 GMT
x-amz-cf-pop
SIN2-P2
age
71147
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
CPFqK7JP3bVv6BJoeaZG4bg84QgENFVX5YwyCMkOd9L33g2uVEo6jQ==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e237eff9aa31f56802a5457bb48eb043c9123629a678ccf14371defe665a7281
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 16 Dec 2022 01:02:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
4f221bc2f86320957a6930c3498d121fcc36d02f5f053dd87dd424745f13445f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 16 Dec 2022 01:02:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=73977920735991626331607330381802921694&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01df7430288ff097c3ca5286f62c6e5efa%011&ts=1671152555831
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
980dbafb3c0bf1cdd0bb5ae8c403fbbd73db134afe75edc5f598ee57139bf90f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v041-01bda8aba.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
8lMJwXFvQsQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1559
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 16 Dec 2022 01:02:36 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.104.211.97 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-104-211-97.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Dec 2022 01:02:36 GMT
Server
nginx
ibs:dpid=358&dpuuid=5255120626500132149
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5255120626500132149
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5255120626500132149
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0de159760.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dQqEgd/WRVU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 16 Dec 2022 01:02:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7837def8-5cdd-4a98-b24d-8a6de90a1311
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5255120626500132149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s65777316283011
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s65777316283011?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=16%2F11%2F2022%201%3A2%3A36%205%200&cid.&newsnkidcookie.&id=df7430288ff097c3ca5286f62c6e5efa&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=df7430288ff097c3ca5286f62c6e5efa&mid=73977920735991626331607330381802921694&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D112&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=12%3A02%20PM%7CFriday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=112&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=df7430288ff097c3ca5286f62c6e5efa-00000000000000000000000000000000-1671152552956-172762&v110=2022-12-16%2001%3A02%3A25&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-179.data.adobedc.net
Software
jag /
Resource Hash
545e78ae2b4d6507c3e9eb2ea6698fd7a4c6ea44b92397e11ed10d1a40907896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-aam-tid
fe9ZrMkeTB0=
date
Fri, 16 Dec 2022 01:02:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-1-v041-03814018f.edge-usw2.demdex.com 14 ms
pragma
no-cache
last-modified
Sat, 17 Dec 2022 01:02:36 GMT
server
jag
etag
3588772788889747456-4619733039524592268
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 15 Dec 2022 01:02:36 GMT
ibs:dpid=470&dpuuid=3350514596490154961
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3350514596490154961
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3350514596490154961
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0e868ee09.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
m+dkodrfSxA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3350514596490154961
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
prebid
ads.playground.xyz/host-config/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
4c70fea5-77d6-409a-a06d-afe8de536a5d
v2
mfad.inskinad.com/api/ 		86 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a026be89951dfa5f2dffbe9aae228280088a9664139f3aa180e6f2328201695f

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
content-encoding
gzip
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"15687-pIE1fEARZx1mFu1nz0xW5neRho8"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by
bifrost-production-shard001-us-east-1e-i-003f21b4504a88847
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=71747815935
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ 		37 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22153929bf6040276%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216741914e2d0ec%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%22195a7654494e31b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%2221c3deee99d053b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%2222534cee8ba5bf9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d8d4d0ac971f59345b73a988d9e621bf94f0b8e89a03388a8eec3342ed895e

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fD%2BKR2%2B%2Ba8To53ZHk7wY%2BIqoL5%2FJ9fEpfWJZRykApKNWP9YaldK4wkn1jvd4ve0Se4EwWlSzrquSRknQxg5gWndnRRDjWYSb3dL5a7TwwZqHcHHv73Ll4%2BuMjq3VpVASbt4wTgi"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77a37e964855a97a-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		496 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
acbb30fcc33a9c58f57efd3b4a0d7f04e2afe64d88c3f74b37e1c85f04c0ea90
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:36 GMT
AN-X-Request-Uuid
2763faa5-ed8a-4f69-8d57-ab5029b8b096
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 16 Dec 2022 01:02:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=f96ec43f-3aa0-4dd3-8d27-b4e25eb84ecf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.41956893160019915
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6ed685033853dc3e218e56c366c019b654b4695e322b9392a37bb923c96b2c10

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=335cedc5-f791-4eec-bfed-49f9ab155b0e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.6210812638659631
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
659afe4f88a83decaea31a575588ffe8462ff3aa166393e4fe3f3614ac9a81a3

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
406
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=60bf3aa4-f892-4366-8cf9-747163abbf10&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.6105015770851747
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
17e260d0e7d304a38b587e2271b1c2dd43b18d3a5d53ae5cc19edbaf8010a22f

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=36cc7dde-8480-4ea7-a567-4e70bca0d15b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.5409076850884718
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
db7a2a5604bda9c65ea872cb1cc6f963f4ba2c3cf561f30c448f092f78c2d93a

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
386
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		113 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=EBiomUoWQarTS&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:36 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
UKa72VxWR5FQU2Sxn7lJEuSYH30Y5HO2LmRhLlgXHa_ULw6XfcwSjA==
ibs:dpid=481&dpuuid=LBPT30PN-1T-J9B5
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=73956692102159585471605233320435453892&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBPT30PN-1T-J9B5?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBPT30PN-1T-J9B5?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-05e3eb769.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
iJ5yMr2US7Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBPT30PN-1T-J9B5?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEH8l9sOf8lsVkXW_LkP7F5Q&google_cver=1
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzM5NTY2OTIxMDIxNTk1ODU0NzE2MDUyMzMzMjA0MzU0NTM4OTI=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH8l9sOf8lsVkXW_LkP7F5Q&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH8l9sOf8lsVkXW_LkP7F5Q&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-03e40795d.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qM0qu5LiT+Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEH8l9sOf8lsVkXW_LkP7F5Q&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0d64ea920.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7WvRHnmHTiw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 9483 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0ac0bc90f.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+usbzBgXS5c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOWpNGYai8X1%2FgH1cCoxjptj5kNSXLCCl9mRmqNS8sihGXoQWkKCD4YwM3FGa5GDVhplA6uVwVsTaiLHkPfyybBr4PfNUwYUz7rs9Em%2BGN79a8RRD1thp2fmw4fvLTEqjphVO%2BVW"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
cache-control
no-cache
cf-ray
77a37e9adcf7a80b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
1cb3ede1f3a74da6c531c05895cf179220e00202a512c44962f8b2736f384619
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ibs:dpid=30432&dpuuid=CI-19097d74333dc041ba1435c36c60320d
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=73956692102159585471605233320435453892&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-19097d74333dc041ba1435c36c60320d
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-19097d74333dc041ba1435c36c60320d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-04c095abe.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lF4iNO+cSCw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-19097d74333dc041ba1435c36c60320d
Date
Fri, 16 Dec 2022 01:02:37 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=73956692102159585471605233320435453892&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=73956692102159585471605233320435453892&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0f404dc1f.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
TrAIiBIZQHc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 16 Dec 2022 01:02:37 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-73.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
ph6ve-N3GQA8mbITNfBwg_JtfxqjPm_khadgwTDYK4r1XHssAvQo8Q==
expires
Fri, 16 Dec 2022 01:02:36 GMT
iu3
s.amazon-adsystem.com/ Frame FCB6
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Dec 2022 01:02:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SC8M3Z6PHMZ6SV12DRK4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Dec 2022 01:02:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HKX4D25PNW8CCBVNSBDC
/
pips.taboola.com/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-syd10156-SYD
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 9483
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=73956692102159585471605233320435453892
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=73956692102159585471605233320435453892
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=73956692102159585471605233320435453892
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.41.136.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-136-75.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n018-pdx-prod.krxd.net
date
Fri, 16 Dec 2022 01:02:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1671152558
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=73956692102159585471605233320435453892
date
Fri, 16 Dec 2022 01:02:37 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a020-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=73956692102159585471605233320435453892&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0cd2b8174.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
uMHW1nkUS58=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Fri, 16 Dec 2022 01:02:38 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?id5id=ID5*zFxo38Ogel_ZKuoj0SG3WvU5pFJVw_l4GArNogAWr94wG2y28UF78ri1QdYWrzvp&o=api&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 16 Dec 2022 01:02:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		725 B
828 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=0bd2be39-0614-4f8b-a3f8-956477971553
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-101.data.adobedc.net
Software
jag /
Resource Hash
3a55cf235c2f8cc8b9802ce77fa1a010db5f96461173bc5bc3b91a8e7a6f446b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
x-xss-protection
1; mode=block
x-request-id
0bd2be39-0614-4f8b-a3f8-956477971553
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.11.2:836cd9b5
pixel
cm.g.doubleclick.net/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTV2RHJRQUFBTk4yYmdBcA==&_test=Y5vDrQAAANN2bgAp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTV2RHJRQUFBTk4yYmdBcA==&_test=Y5vDrQAAANN2bgAp
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.762722,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTV2RHJRQUFBTk4yYmdBcA==&_test=Y5vDrQAAANN2bgAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 01:02:38 GMT
cache-control
no-store
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y5vDrQAADtGiWAAe
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5vDrQAADtGiWAAe&expires=90&_test=Y5vDrQAADtGiWAAe
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5vDrQAADtGiWAAe&expires=90&_test=Y5vDrQAADtGiWAAe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.765380,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5vDrQAADtGiWAAe&expires=90&_test=Y5vDrQAADtGiWAAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5vDrQAETwY7gwAF
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5vDrQAETwY7gwAF&_test=Y5vDrQAETwY7gwAF
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5vDrQAETwY7gwAF&_test=Y5vDrQAETwY7gwAF
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.755086,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5vDrQAETwY7gwAF&_test=Y5vDrQAETwY7gwAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y5vDrQADwQunQAAe
  • https://ib.adnxs.com/setuid?entity=158&code=Y5vDrQADwQunQAAe&_test=Y5vDrQADwQunQAAe
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y5vDrQADwQunQAAe&_test=Y5vDrQADwQunQAAe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:38 GMT
AN-X-Request-Uuid
1d4dafac-dd8f-4dfd-9b61-c33a9344c3e0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.058784,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y5vDrQADwQunQAAe&_test=Y5vDrQADwQunQAAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1671152557599&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671152557597.147040035&it=1671152553799&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 01:02:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y5vDrQADwM_lowAe
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5vDrQADwM_lowAe&_test=Y5vDrQADwM_lowAe
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5vDrQADwM_lowAe&_test=Y5vDrQADwM_lowAe
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.957340,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5vDrQADwM_lowAe&_test=Y5vDrQADwM_lowAe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:42:15 GMT
x-amz-cf-pop
SIN2-P2
age
1223
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
_0clhUEzxzssb7MA_oIzR8QPH6IUYAgeJVTXyoCRvoPVnraqkwA6rw==
Pug
image2.pubmatic.com/AdServer/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQAETwY7gwAF
1 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQAETwY7gwAF
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.754981,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQAETwY7gwAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5vDrQAADtGiWAAe&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5vDrQAADtGiWAAe&img=1&__user_check__=1&sync_id=55d6eea0-7cdd-11ed-bd41-14a2f8e60507
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5vDrQAADtGiWAAe&img=1&__user_check__=1&sync_id=55d6eea0-7cdd-11ed-bd41-14a2f8e60507
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.126 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
36
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 16 Dec 2022 01:02:38 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y5vDrQAADtGiWAAe&img=1&__user_check__=1&sync_id=55d6eea0-7cdd-11ed-bd41-14a2f8e60507
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
26
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 9483
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5vDrQADwM_lowAe&t=2592000&o=0
43 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5vDrQADwM_lowAe&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:02:38 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
856ohXnfdJQmbwJYe7sOirFo+T32aGqNQoYeaEaOweRjmqG4SVzdERZx3YVpB0hGNcdgyzWjCh/bOo5FtE0yCQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
expires
Thu, 15 Dec 2022 17:02:38 PST

Redirect headers

x-served-by
cache-syd10175-SYD
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671152558.957256,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5vDrQADwM_lowAe&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 9483
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0f8c8c501.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CpeWM/zwSwk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
96
date
Fri, 16 Dec 2022 01:02:38 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671152558.060130,VS0,VE96
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10176-SYD
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 78CA 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
3458
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 16 Dec 2022 00:05:01 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
x-amz-cf-id
VrUarCvN_fuGzKsCL03nyaw0gp69j4Kg1YjpWHjvmjGMexg2a88bFg==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1671152558103&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.2.1671152557597.147040035&it=1671152553799&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 01:02:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
0
sync.1rx.io/usersync/adobe/ Frame 9483 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 , Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:38 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Dec 2022 01:02:39 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		121 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3891412402154402&correlator=2348459794482601&hxva=1&scor=2959301935059764&eid=31070233%2C31071010&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26hb_format_inskin%3Dbanner%26hb_size_inskin%3D980x300%26hb_pb_inskin%3D15.00%26hb_adid_inskin%3D3940ca65012e953%26hb_bidder_inskin%3Dinskin%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D11.50%26hb_adid_rubicon%3D38e334469c649f5%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D980x300%26hb_pb%3D15.00%26hb_adid%3D3940ca65012e953%26hb_bidder%3Dinskin%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refreshed%3Dfalse%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3Ddf7430288ff097c3ca5286f62c6e5efa%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%252Ce%252Cg%26abtest%3Da%26pvid%3Ddf7430288ff097c3ca5286f62c6e5efa-00000000000000000000000000000000-1671152552956-172762%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671152558355&lmt=1671152558&dlt=1671152547804&idt=8406&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=28%2C462%2C10055%2C10934%2C3935%2C11654&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x11672&msz=728x133%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=669853208.1671152558&ga_sid=1671152558&ga_hid=1141418336&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
1c0e181856df8be4746cedc5a11adeced5917b671e076c3da70056b056739751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37141
x-xss-protection
0
google-lineitem-id
5329951885,-1,-1,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138306973687,-1,-1,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:38 GMT
expires
Sat, 16 Dec 2023 01:02:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 78CA 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=bbraoaivwsnletuwm7iewqznc1zpi1671152558&c16=sdkv,bj.6.0.0&uoo=&fp_id=p6fngwqjyhaqfsfzwdysdpc0ryn4t1671152558&fp_cr_tm=1671152558058&fp_acc_tm=1671152558058&fp_emm_tm=1671152558058&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.110.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-110-117.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:39 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
bbraoaivwsnletuwm7iewqznc1zpi1671152558.nuid.imrworldwide.com/ Frame 78CA 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bbraoaivwsnletuwm7iewqznc1zpi1671152558.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-13.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 06:29:18 GMT
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
66801
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
aB8S7PYIgRFl_bCXwfAZG8w-kVObYDLDBsWHnvN9a6kwg7Npm39izg==
pub
pixel.adsafeprotected.com/services/ 		775 B
1013 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a31e8919-0236-2142-4d33-bcd84ada9f76&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1a959886c0069860e94358583acb4c911ca2efc2423e1235ebcb26f9ee8d7dc3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
server
nginx
x-server-name
app03.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pr
s.amazon-adsystem.com/v3/ Frame 51A1 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
620a96ac0bcf86f90d84acf376a5e3065b95af6b5778de014e8d63445766faf9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 16 Dec 2022 01:02:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
C1JAYMH7CP9HH8WMC14P
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.91 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-91.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
date
Fri, 16 Dec 2022 01:02:39 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"4a5e4a11bf4a74aeb574379e169fa679"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=71
accept-ranges
bytes
content-length
18049
x-amz-cf-id
_fRpZ6SHxLfhjoYE1VaiYtt_rCfphK9oFWIW70n8U3x_zG6uwl9OUQ==
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1671152558942&pvs=1&pvid=5591efaf-2ddd-4f0b-8841-c45a7d5605f4&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-13.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
dotmetrics-hit-status
01 OK
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
NiHQL1A21TT-kmA3kqPfndwFXVRahGaDsbD3SdY7NUpXOS96AS4EjA==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1671152558942&pvs=1&pvid=5591efaf-2ddd-4f0b-8841-c45a7d5605f4&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-116.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:42:07 GMT
via
1.1 d4555cc532101371fed7b03db24c29be.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
1233
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
RgKxXV-aWi0JcfnsTj1IqVQN-LhFYBldMKTdlN1r0OVvIhrg4HuUNQ==
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:07:12 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:59:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:49:10 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 527E
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
ESF /
Resource Hash
9c85dc5060f303a50702105dba3137165dac3441ca067f92f5c17c8998c79f4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hMWV892mo8utzRBn9hSwgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hMWV892mo8utzRBn9hSwgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Fri, 16 Dec 2022 01:02:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-HxMfi_krbFXBS1AWVVm4MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
application/binary
cross-origin-resource-policy
same-site
date
Fri, 16 Dec 2022 01:02:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=218
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-13.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
br
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 15:20:21 GMT
server
Kestrel
x-amz-cf-pop
SIN2-P1
etag
"1d90406186815f7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
vokC41Vkf_nANdBgOqD9lUtKb_HU8xV6U3AGL6pCtVsQfkJyHTPBAw==
usermatch
ssum-sec.casalemedia.com/ Frame 2E40 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1e053d9059b62b6f07201f2d84339e3e321117fb315989b3ae2494e9b42d3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a37ea86905aae7-SYD
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 01:02:39 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK8JwWOt9TUxCbHGY1v%2B%2BFxTAYLqcaHJOg1QT3sRRmoLscAga8Lby6qFFxEQooQS7EcoW3DxOLvlBz4BGa%2FptDBFlk4KiS%2F%2BoLxH6kX5FdGyxukIsQ8nzbDrp%2FZwU7m0XWum3AAXVmb7Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame ED33 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Dec 2022 01:02:39 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C946 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=149204
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Dec 2022 18:29:23 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
A1MQAJPH8HBQC9Z2
age
2297
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77a37ea838266a6c-SYD
x-amz-id-2
k8kFWvbsSBWp1BEqV2k01dKomLYsRSclo6rMVigG0wiyXURD82Wfn52mAe01ykmhS6mMBT+YhfI=
view
securepubads.g.doubleclick.net/pcs/ Frame ED94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRxn1Wj2nMT8nyb22rJrPZcGO4JCr9-9ArdiveKKoiI4tbutZV15bCcGMoejHuEK3IX_MqBtwHo8gP__p2icxEaQXareHpSCy1jOLd-_TEPHmIQiaOYmdKRsJZ3kQ19FppgjE3T2aAeqOW5Jb6jYPIJD_qmS4IjH5pPBJ5StKXJgrQ0Mk_LfZekDexwGb4AyC4CGTXUZDHh04_K-IjRznQV53pinJu4rM-2ZDW5bB9sY2HjjYBZNiUG5FdRtLD5JoUpN_H4kEQ4WI7qB2e3lYvGjo9dNUrex1Wrw_H2AVexXmBCCmZ9_8z3Ovyxb3V4eluxw&sai=AMfl-YRMC_1fEiY2qQCS33BBWUOBpxBcoWNwC1ZiI_n6pOoK4EHvDjwRHqfzVMMM50fxbejEbkjmwHRfyzYEIs39aah4ylNnvoDPFBzSqt_i8AkjNos9k7lMhZbugarGFKr09A&sig=Cg0ArKJSzCvVyG5smXGbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED94 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:02:39 GMT
i.gif
mfad.inskinad.com/ Frame ED94 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/i.gif?e=eyJ2IjoiMS4xMSIsImF2IjoxNTM5NTUsImF0IjoyMTYzLCJidCI6MCwiY20iOjg3MDIxODg2LCJjaCI6MjM5NjIsImNrIjp7fSwiY3IiOjEwNDA0Nzc4NSwiZGkiOiJiNDU2NDY2OGM3MDA0ODM2YTVhNjhmZjA2MTczYzQwOCIsImRqIjowLCJpaSI6IjhjYWE1MmU2ZTZlMTQzNTNiMGZlNWYzOWFjOGU5ZjJiIiwiZG0iOjMsImZjIjoyNzAyNTYwMjQsImZsIjoyNjE1MjQ4MzksImlwIjoiMTczLjI0NS4yMDkuMTQyIiwibnciOjk4NzQsInBjIjoyMi4xLCJvcCI6MjIuMSwiZHAiOjIyLjA5LCJkbiI6OS45NDA0OTk5OTk5OTk5OTgsImRnIjoyMi4wOSwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicnAiOjEsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6IjE0Iiwic2IiOiJpLTAwM2YyMWI0NTA0YTg4ODQ3Iiwic3AiOjU5MTUwMSwic3QiOjEwODg3MTYsInVrIjoidWUxLTAyY2YxYWY3MzlkNTQ5YzdhZTYzODMyZmFlNWU0ZTE5IiwidHMiOjE2NzExNTI1NTczODQsImJmIjp0cnVlLCJwbiI6Ijk1OTI1NmNjNTkyY2NkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJiciI6MSwiZnEiOjB9&s=ECZaKCriPfQx1t2kHeWEnWeXI9c&property:pubcpm=10.3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:39 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1a-i-0fc11ee865831a61c
default.js
cdn.inskinad.com/isfe/publishercode/1088716/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/publishercode/1088716/default.js?autoload&id=ism_tag_86959548288253680
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6696e0029b626d0f183216889901f692dd4a7f5811657004c5f445818d08113b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
dN0XBT7NQr_BCZFk6WwxI5alAqooEzwf
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:41 GMT
last-modified
Tue, 22 Nov 2022 08:44:48 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
etag
W/"e8eb04b119168dfd552f2089dee11df4"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
_4q0fzrmfD_HyPhM_qwH2rKwPwmIT2yFEaskkHwZXCV7JXEuXOd7dw==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022211060024000/ Frame A3BC 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
dce9f5afda30bc387f9f1090b155cbb90596e3c7c1374ea9e135b7184c8fc707
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 05:07:01 GMT
age
158138
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61620
x-xss-protection
0
server
sffe
etag
"011de7b3056fa7b4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 05:07:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022211060024000/v0/ Frame A3BC 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 10:39:25 GMT
age
138194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 10:39:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022211060024000/v0/ Frame A3BC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 13:34:06 GMT
age
127713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 13:34:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022211060024000/v0/ Frame A3BC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Dec 2022 01:40:08 GMT
age
256951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Dec 2023 01:40:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022211060024000/v0/ Frame A3BC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Dec 2022 08:07:38 GMT
age
147301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 14 Dec 2023 08:07:38 GMT
css
fonts.googleapis.com/ Frame A3BC 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700|Roboto+Condensed:400,700&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
7589eb7aa1d97aad96b3f6fb62c7712ecab961fcb09510a207a64e102d7e4ce7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 00:39:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Dec 2022 01:02:39 GMT
css
fonts.googleapis.com/ Frame A3BC 		10 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700|Roboto+Condensed:400,700&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
467b8082b90a68f4a7e197d9f807935bb74a18c44f8bb32958c8bec4d9209187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 01:02:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Dec 2022 01:02:39 GMT
container.html
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 469A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:38 GMT
expires
Sat, 16 Dec 2023 01:02:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A3BC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:03:11 GMT
x-content-type-options
nosniff
server
cafe
age
21568
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 16 Dec 2022 19:03:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A3BC 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 10:35:29 GMT
x-content-type-options
nosniff
server
cafe
age
52030
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 16 Dec 2022 10:35:29 GMT
11792149367946227412
s0.2mdn.net/simgad/ Frame A3BC 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11792149367946227412
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
015da834507a76a51cb091b1542b4202cc2013c99203132aa7897275a0e4b2ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159887
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 02:50:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Dec 2023 01:02:39 GMT
994362226313191261
s0.2mdn.net/simgad/ Frame A3BC 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/994362226313191261
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
b7bff0367c655589f2e81add0d93cbc9c3d6a0763f7cf1b36eab013857406477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25200
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 02:37:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Dec 2023 01:02:39 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A3BC 		42 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cwgq1xgSHtdHylrLk70Vl80wV-s2hk5lE1z8_0P_YGW36ehY5dbgyx8lUpn6SXXslKq4gmABWWhNc5SxdMi9gLHEGbu4bujyUzpCnXzjtxqAk8Ink85Z43cRvpmr8pRsc8S4wF7yGRuWVLC9Y9LLiCx-q2TA&dbm_d=AKAmf-A1EKx5XEmwvSUMywKEh3edTct5fBXRgoFbmeLHbbEpPH_LDIno7KUoLVMOREqCC5vg_x7nMAKH_IDTGegsuyQ8G0FGQLJaRt_HvuS9m-O67VnraSeabtZ8l3kzYYETrRexOwcFDqV4rgSxIYhJPp6HlpP3iPLr8W5lkcJlIhhHxKfwYz1Yr3oQXQFWvIqGVukhyx5z8trMl0SyrAojguxfjjXCRx-ihJE1eJolpd04bGYvURjo8eKI8WKXEXSflK0_uj-Ir_DGaSsahyFvncjm1V4atxhk21qf7wa61ebFH-p_AKXE37Wokvw4ecrdUhrmUKUPNllC-oXZJMer3oHiqaaV4sqxBbp8MmEtG8turH9kMPnpFdYj-ZQiGt6oJl1kzZ8jVtP4Q6miWSAedEUBPoV9EuGIFQ7KVXwf8084MJT-Cj4Tr4SsLTeu4kO55-RyrmFW0nVQ14uifYvLXSav-b2WKtqVHBEigDQ0JVNvlUVBwg2iB50SRJ-q54WtatqMIveSUfvxkofvbnPIeZzj62N3q_Gw_6FYBp2o4sIWWzfUs364KU5AC1AnqH3FRdL7D_7oETcAKvepkwBwIKds5fR70nF75wGEehAwK-SeSQuMi0cr2GQHM-5uHawvEp3bCix81fu4OTyYGYmgCxAiGU5hy5M8GgtFh8oUr73jdM7wlnwvUxrGbvAuMBfgrh1dnohXERUVnsLazmGe2pki3Qwf0BPLUTEZpOoIfuv33A_i_452YbvM6mMTEWK9r_ulN264UH1l7DYhL7OBb6tL3txtH3AEUgGhZ3vG_cjaB0DmR6NaBuYd0xT3dzzCt9r7yC_hefTdoN4yhA31k2twRUalg6WASwphByDYdaVfgsFBNcpnfuZQhvjOX2lK2GR6F-X5u2KS4Lqgp3Fba-qjx1sJ8_HuYndtpe64zMV7ECjDn89nNHa6ruBkCRJ1ZR4H5nAde27eVilCqDRD8zuFdkZ_9yT_ZcIfBIBgIq0bL1u7ZKuT517oL3emhlaWZLeBv9Gy5keSflNW2jp-wNghdT5zkCxT_gxHdeM59zTfbwnyTIGAbpgA5NAqtqEVPyJNR6ciaUN4_1QigokHebsxNbInvXgF-iQee27kmzEX6upjWmctNLQpRAyVJfN68zqWvdnoiTKqiojVw7HX49q5ah0rpPqh-9xC-hEqWKWPZUAhG9hyYgiiKfPlMmkOjIbMNcunvOaT00o3Jvbd1Gnmy-CAauTUuKS_T-NZDPBbMbhNl4fRKSwngyjwJ2ex5ak-S1DbrA29WE7h2yrBTS-JSSxRRy7E7ff8hJ1SFC9mKSROdONv1aib1hdqH2IWgLvZPqjkbqqNe26OmFuPTsfqr9bC_NndlOLA5lDeC2rnLj4eFyfGYowe1XfaUCvQHvYI8P1D4qKiyfiU9MwX8LCE-CD3TRr5zC7dgBdJzAoCwRr1Ntc9GnCUQ-KRDGeh3A1LHOVlinsooiEkyY43OKZbUhjw4hstsyN7uzdaND9U05p6PhEKHh-nEK645rStSVYy__I9xtaiEp7FQiO7saF4I0kvz8Wl4gSrOElXca6v1fAhtdaMAiaEf7AC3Ts9A-TfW4Y6kAlzx28CySZrLuqqYqro19ybr5HExD5-AMYfSLAxRqz9PthM3YigBS7XuGXQaAyGNQuFR5_rADsmkszrmnOdX2PAJEy3ANAJyXvGC5CN28RbbP27YddyPQrFdrYjAyllhBcniyuGHOxyNSmWM8sDrpmkHzaSVNBtKuKnX8FSA3P3mTSr_Z96DLr_M7pmyQHICVE6n0veb8cfAMhMTBUYeBKmIjO1LnPqWnYuiOXtOMScnv8VCupbuCkKxvr9bQpc8eWEwI0miozACsJ6b3EZcLKbjuMCYp04ufmfQjpnPzVwU9EZMANs_9EZFjHyUW9VqTWVHVHv5v4TG-PoSp2NLU9fqTRPpwhb9QxpwoMYZCCc4cXraWLjPM37dBIqusKSd8-20hy6ydYI3mbB0I0ylHr8NqiCwwffoHoXadtgbA-x_AzENPEl9nT81UfWZYEbdi2ZpPLOrftPBADXxDNkYfzwYSt0AT0zNIF9jTxurKjT1aYL9_zhfxXTc3r50z-cFSzyKLYP0P_rvqT7hLZxCwRZ7ZfSfPJALh_0A4juoAh1qvdMLfrqZTtlFZvHhUrmmCbuHgzqSq3dsH7kOS55rci-CofbM-N_jxwNUrj36c4a47RRLqO_Suswy-A5a1wPkIqcyVvL9ufDlggTLFSZ08ATLutnUNH0eHG__z2wcEPrSDjoKyNu-jKgflBT8QicrNH7JcNppaB_AdeYnMKZ6TmQEMcZmPl4LayobClmYkyiNIgA6AOBx2o_aYsutAPo-AYf2vNsTWcGlqBH9HYU8ofhpZm0Fueig5QcPfY_g75o7FA7oRsLEBitiLg8QctDcDOcgG_ML6QUQHaMYM7ONvsbL26-_UfirSEHhY9ALip1nHzWemTbLPWHG0OWg--EGSytrkYTekcnFYaywPW5AYTKByKuQUoAeQQ1J7X7C7r5HwCxVTxC9Wx2Kk3PFgRsGZnoIIqPpvxgb7mAFDuAbPd-6tnqc1x8Y5WISvDR23--oO_eKQ0JPz9viQnQoV2X98BlUuIiW-SNnWyTdl2el0ckUgw3VbSOYDHr1jsIYtyprUfaU0Ds5hfQaLDlgt4MuvIH-_RbrHLUBSRmwLKvcTx_gWDZuMxee_DnVVu-JRzHsC69lxPKfK_P6mNy7Coqid1F90fnOK7mlp9CfBQQjI2q2HIIHcCwr05HhP-w8I55opemQ0FEWHGUaZV8ZJm_kW4D18OZTD_mJEkvPGKEPwiOcaHI5CJ96iQlkQ16_e2KXk_zSgxuUVAmUwsc6HSziK12SKUxjZeLAxGmqf7cGvP0hipIe2y0nbb0V0_h8K9bE9jlZwknOwk2kWpiA2HTW6RwlV4XfYzVXsvpFJ4iEzHOHRLpg75Dk1JLHJIy9IMFX58Cg2ZM2M-iItFEZ0-9iFPbTHI9d1sSFPItorxnpXdluPvHxnzWB1VaMutAqJxxJkMS-Y_oBqKjj0GIWYdKdznnNlTci1SnnLS4VqVYG0LPR7Zs2E60YZLNOegsz5KSHd4vmye4qbIPxnsqTqy9UYDVSdDr_H-8BFdJx8d3LwTDKIwH25IRlQ06SLUYXxXh2HBvFk5VGkU9mNmV25Zel2ymoi__FlJ4quOsgjzhNkgMYyBpNpd3vuSHcj-sPLWIpc1m7CIrqr72tFOk_GwTNp6NbeWjJaS-Ehbh9KF5Xw&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&dc_exteid=4188989673096758929&dc_pubid=4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A3BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C_k8arsObY_XPH9SyrQG1yKf4C-Ofo91tyKq4zYsRmqDBvuUvEAEgi4iDKGClgICAkAGgAY-BwqgByAEGqQKJSSyybme0PqgDAaoE9gFP0Hxbq_NWQMMqR4XcOT1r5rpn2R3mI0vuu9X2qvWeNG-RGBw5l-UEjI3un27VmBlcpBFQ34XYwjH2GLhcXnWS8Fna6vYCsyQyAbwZH1qxfcjmShCVrtmF33yjg7G19gdOSVRncnqDJSzVm37kBVH70PVxktWp6oafzMfozbZYKCV2ARdlos_5r5le-ILf0KLJtkeavZr7RPpWzGMwOUG0ahHDyKiZ7rGbgsOnuyOvu5PUOlgNd7w7BECvGV8BlQ4Sy9caNZ0VcQ0LfUvuzROYc_CKvU9f3yEw55VmxwJy-WWnHSq3b36Yi2nsfWrZI2CCjiQwdcPABJf-iMOTBOAEA4gFzfL5lUeSBQYIAxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB9n-vdcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwsQv7iYAhio-ZzbAdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAbAT-szKEcgTjIvP4QPQEwDYEwqIFATYFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTE3MjcwMDU4NzE3NTMzMhjXzxI&sigh=xpOU9GBp0xI&uach_m=[UACH]&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&template_id=509&vt=10
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame A3BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQvxyscPpS-FWPMGxOwfkXwHiaM71hQwY5a7pxU3EsOJd_RHoL9imHEAVp7ToQc0RWV55Jxh9aqiEC3h5rErzpk1aAkw
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
container.html
3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:38 GMT
expires
Sat, 16 Dec 2023 01:02:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A3BC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1aaf2d8419c207f8d214f58484f66f4becefe6e0104fe95b963dfe094e4a45

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame C946 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63976520&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
56cafcfb79a2eb06b9f7e4ba028bdc473b9d0a6200d3c1bceefd19aa11f28a70

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 16 Dec 2022 01:02:40 GMT
content-length
1672
content-type
text/html; charset=UTF-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 17 Dec 2022 01:02:39 GMT
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 16 Dec 2022 01:02:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		398 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjU1OTFlZmFmLTJkZGQtNGYwYi04ODQxLWM0NWE3ZDU2MDVmNCIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1671152559612
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-13.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
34f3e54d868d0fbb0d0506efc4a659518716b102a7c8bc784ccf2d5ff47f8d7b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
content-encoding
br
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
fbGzTuDBFvtkJfHGEnIT670dWsyu_EGh6iAQx3tDhJNjBuMdVGx41w==
dcm
s.amazon-adsystem.com/ Frame 2E40 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GS59FS9FX9ZAK7M5J6KX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
43 B
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UOn25JbjREGANWtNmu1iCqW%2Fu47SALe%2FxSiV6qf3jIlbCHj%2BV5Bg9aE7JgbmXbjolwzPnBPAWlattc9aEFc5TZh7529YIpfrSC0e8nJ%2FhHH0GcjumFtkp720s5LIaxNIvjsvFgsVcpDow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a37eac7adcaaf6-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5vDrZW6IKsKO5fjEthZcwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expiration=1673744559&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expiration=1673744559&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expiration=1673744559&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686877360&external_user_id=468a8f41-63f2-4173-9a9a-de41b48e8133
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686877360&external_user_id=468a8f41-63f2-4173-9a9a-de41b48e8133
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Dec 2022 01:02:40 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686877360&external_user_id=468a8f41-63f2-4173-9a9a-de41b48e8133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5vDq8Co8YsAACxSgykAAAAA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5vDq8Co8YsAACxSgykAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Dec 2022 01:02:39 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.142","key":"Y5vDq8Co8YsAACxSgykAAAAA","privacy_sensitive":false,"uid":"Y5vDq8Co8YsAACxSgykAAAAA","upstream_id":"m-ad37"}
X-SO-Key
Y5vDq8Co8YsAACxSgykAAAAA
X-SO-Upstream-ID
m-ad37
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad37.dc4p.scaleout.jp
X-SO-UID
Y5vDq8Co8YsAACxSgykAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.142
X-SO-Cluster-ID
0
Server
nginx
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5vDq8Co8YsAACxSgykAAAAA
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
crum
dsum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Fri, 16 Dec 2022 01:02:40 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 2E40
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c52d74fe-c168-44b5-bdc0-fb7fc90014fb&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c52d74fe-c168-44b5-bdc0-fb7fc90014fb&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c52d74fe-c168-44b5-bdc0-fb7fc90014fb&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 16 Dec 2022 01:02:40 GMT
server
_
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2E40 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SD26BJKXASGA4XDP0P2J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 527E 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oAYrMUQ8hI8zN8X5Wom8Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 16 Dec 2022 01:02:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-oAYrMUQ8hI8zN8X5Wom8Cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/ed=1/rs=ABXTjI68vr761Uj7dZ85VgqERoNpFNkZHw/ Frame 527E 		521 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/ed=1/rs=ABXTjI68vr761Uj7dZ85VgqERoNpFNkZHw/m=serviceiframeview,_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:57:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 19:57:50 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 527E 		178 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464209&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
285dd74b0a91b3aace48f15e2b158c04c7f0ab0a2f722473e9b56f8df3ce5090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64140
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 23:51:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 19:57:06 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-73.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-639bc3b0-515eb09a3207568654c62d0c
x-amzn-requestid
e899f3a7-37b0-40a6-afde-8e3d1c56339b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
dNuDmFNIDoEFrZA=
content-length
25
x-amz-cf-id
G4uRcx2490HYdZ8sMOOpX9liJsqg0xvENuLkVMKagZQfGooiRUgFKw==
si
googleads.g.doubleclick.net/pagead/drt/ Frame A3BC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Fri, 16 Dec 2022 01:02:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame AFAA 		624 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKekxgIQwNKMgwQY1bv-2wEwAQ&v=APEucNV6tO6UORv4ANpkSbq4Qc5C_Pv2kEB4F0DdwXKFiGpLqJrukwK2yVQJOQtGMqWsjKf4POB9TBlcbQWPHW-OqeRr3OB6IA
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 469A 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKUAMjp4iqfQJb5S4NGigpJVeDL3tbkWj4Ox3i8QNrnZQ2b3Jyj4aC0AmnFb3OXurKWCVEA1GcyAOslVoxX1n-qnWf0g&cry=1&dbm_d=AKAmf-DajV5QYf3CW_b18E-h-L7GVare8g2A7d-yEcHQROZcQ0AG_rGk7RB1OMKPXSNMpNZDEOCXxLdjjF1W9hdP0x4M2mSWfr0K-eHwUJFlWA7mMgXKkjLEFxxi7ooRGKB1Wks1gYvtcCwMPnm3e3hMurS9KdAf-4V-TCvxxBaZHMWxKejcw5Md-OL0N_cIbdZYrH1SlupluuZ7NMX_ICgnBtf__EqHJKkDsRGe4NIu5Nn2XunglV-rNh8Q3aXwgfn1yb1GQiRmOlKcNBf2lcGQT3cfOzEoXY0cCnzD8WbiBvZsX5OfMEikFqvItAybL4-nB6RgI5C3HklvA_AYCfxFqG_aurzajxT4MGtpWSFraKdxlMDgCJHLkp95CLg4_zxaiRpgbZJHnLXoDwV0Xvo0qqtlqSAe5Coy3YqGgagZ4vE0wmvpZGS4rCcHP1OnpA5e9UOI5vlUhr-kwiO8WR7DEYNQVciFiBfiyXjrbINea9OEElV2C0iaT1v4g_hwezWBJ5I3OhmOJnYpLyupxc9JYBAozk4WRVru91CRM_Bq6xB0bP6-1t8LIPOPBorjJAemyXpLUSFxbVErEurj-qdWCVhwaTpmCdtGJ7dnkqyehEuXnNv5-VGxkbiG2Dk3anqdz9Od_TiUnorY8EqmZtQ2G5Uv7LZJ5VKd6HS7ZDZusVTPYRdZFmLv3wIthVXcf9L7bTyzUdv_WUwCISjgFuRDRPvSU9nCmD4Avii-df0Bb0RXCY7lp_ub0-PoR0TkoJ54UoJx9mSYUOImyxcOhmDqZx2x9mwkqy1sabqqZNMR6eiXubykRg94PREs53rnOIzdsFbOoXUsCbjwbB6DfKP4kbTevsQ5oT8nfQ656GQkEBGWNyCzB8yGO6qTTJ7dko57IOws14BQ5wfCGVCHgs963nbealCKQYWGSfP7b33OBINc-KQ2QDIAxmJKmGwgMy8wrv1p7T1OPfTncvsAx_Ir2Raceh6vFVJdyDPMj-VstA25kKzLNsGnpQIi4Dz0pATn3nbTQhCLddKMZCUani12pAjWf0pm9pBvusvI39eHZ-EXDXkBYTjG7eBYOxu1bsKx0QftIlSrzVgIypCPVSdhe9Y4N__1XRzfzeTWzjldLN101DKgaIOkX8-6BgMOn23ly6GcrZG3SKcR1-OuUIEzB8YEs0lJMRTN5wVZ_9pNZeZ7p4AipcV7uuysJDbW6qpK0KXTiZ7MVjBjWcMqx7UmxAP25Kqv1UhJQ_YUSdRc8rd7f4ZQuDalbXobTv3BBV9KQ2ecVCRdCyvvyKQFDFPCM0ToSZEsBvLscTh19jUe9YUzx6cFw_hY-a7SAqBqmqn7hTTghVST5pFFXyWLm9SEOiuIEHk7fQUeWnpch_oN7WYK0xNauLi46nrjQ_pDoXknh9GFym-KJSJs9k2Cs0itc9fZaSB9EZlioU8YdBBCD4gUkS9E4zexb0Jd4a3trbeKmLHjs63biBps80164bw4Y3Rprfsl9U4z1RvGDz1df7oe9csBN5D02f21dKBnfeoz7YuosiVHglklJ_aY2BbFVlVRXWZvszkpaNg9EIQjmJYwlNtYSm7ja5iUhjYwWcJ1QZ4QNgjU3yAtgLRbuYnWh57Yce_oO3TjLITB87KhG_xOJHklAqHoimB9B6fvkKmj6f4Z4_ltU2txLoUjrMPIgQ5aJYHwzf-xG0dYi-CKEJ2avZTC_pcI6rXwOINCI-9QPqjde0CjRXwuw6ae8Zd8TvWlkVMsh1LUojx-WoD3KnPq5x2b5eFmKHfV4V855EgeYvaNx_BKifvvHjpr1oAwUIXquT7F5zZlZUlFBdM-BYSJuEffh8tDYMTS_3Mjo5GHDq1DE77kXHNwJNJ7S8IYWtFT00OBO_lsKDUf5FBLga4r4gUMmknANIeqqWgFiWwwsO_PvqL2cnfXlykn8bP_3Dh8AIRolytk-4aii0qwn0VwpbPQ16hfeVUWnIoR2EwMqvdqj_ahABUBwf7xEfXztkgmJEH8qgCM-CMxIsGVAJlpvFD2uvMJeP_6gPylKWqMuzVwfw7UjRITXjXm54MUiOR_1WvRU8w9sPIb1Lu1mVZhzQJR6VElJKw7D8-ODc8g0SgjCNMoX_HdhuRziLgM0DHS5xfdNxF1Z8NAnf4ISZ9P6oFkZgALalfpEi01iYMJeCsM1H7aRdc9xvThK51QoYX2ZEq1lIogUZXPu9X9Ti86NFc_2CYRl9PYxl5fCc1hlU_67y4K7XH7w36i4IFycGx3I03lerA41a3lkykqR79AYXRMRNQM5AjeluCSckFAvnJkjYrVKZfYEwUNn_1N4csKHX55pA7pRNSrHs2W23HYABFyzqIUx7_oF2j2Dx6olCSpWpz2aJEehUKSRDaot9Dcj8DKbMc4H1s20dU7r_1HoT53t1P1HfHKeHG_mcHe0E6kKQPntBOKKCQtKcTSmhTNkXJPrIEYiE0kZRYYFijuu6aErXNzUhCyspUScC6fwMY-Lbtp40hz_FNd2wrAaSxdaet_OUl2G-Of5KNRvyKfjX4LSlFOCF8pAHZSBAWvTztfpdN0N7vPHOc3qSUeO3NwMOacuyGmnqz11JMd3fmbNIHC-FDf5Xg0OoVgQzBKDgSOQz2QFiBi7YOH1oaVxtPFg8tQQSbt7Aa590IDr-cijXYx9xfos2RNw_1cEYMITsPGUz1kn3WMQmmEfkGMHw-Iq6YNTSUU5ToHSRVkzmeev4QJhNsBz38tJWB7rp5_MXVO4VL3Ctl7krMnt3PgI-82KvxnTZUsyN0fwkrWNOC2ImwdIHA11DpdU6D9zvhI3rJGVX-GodGQ2chNVTPnOBYLSem86nXjP7tSUbCeP6eya-5OnFitO6eKVYpl1ub_5wdJv3KrMihhTpJjZ_dSUeP4EDykiqWh5mEqo_OrRqEHYK7kNgDE7-c3L9MbeQ2CFhK6H3FGOFD8zs53jaq1wcsiLbyyxf5imxVHaxwG8J6Bt7jwtwZSAwlnVBvUgnKGtM_C9CMtm2ZhqeFkUaXcaDlanijZWBMEJi5eBVru7uHIrIIcCnvnwjUYBvBe3zCS-I3SXAy2uUOisvf3vdkLkyBd9kUgKKkHqEink_Xvid82ivpPtW1pb5RJxFvxO4FY0M196x_1cg3oJeyZ7gHFpTLDzFyg7X5PEbWCwnOzCcn6d7Wiws2_o2IQ_rFoexxsgtoy8QHD26v2VynZjoAt933nRRKmvQ&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
828856dbfeb24129393f588dc9dfa0c77964fe466dd40f066f423b64a9e0ccbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34636
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 469A 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BD_YVlN1orz-05K6NIcXs9cOQF7QS5DsR9TAZK1SsqIAOgR6X_5jur6lpxA1m382ijMS8JFX_Bu9JWH7b24jj08XieDG02A05GUq2pUQd0_ZQPbp4
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 469A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:12:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 469A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
9625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:22:15 GMT
l
www.google.com/ads/measurement/ Frame 469A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGKdv4m82PjPMoqLF_HR2S2waGnBnxShi8b0tCniMen1P5hENoS0s2ICGuYsW-PSds9xh_W84N9ERgk6YiO4RC5V-upA
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 469A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:02:40 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A5D4 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPH1NRDdm5cBGNPW99UBMAE&v=APEucNWcFQPnYm03RaLmMiibk5Bkgw8MoEoO_IEQNhjnFFi0adn0qgypV_7nCz-kRv7y0QEweDO7yXCTn2jC7q2yxC7avIbUTw
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0A9B 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV8nInYXODY-hXDuGYkGP94ZjyBhdZ4XFzwpyNWLUR3IGIKaw8Tm1d5BtD_Iw_YB33hBkaFHRr_owm3bjq-ZOAmDXHrr9BarMIfltqys-MiE3gtISuja2197PVh26TVZizbxW0fJynoR_izvzBns4dnmM_JOko5OFKvRgNYa7Jlkxc698&dbm_d=AKAmf-ATfhiKrISZlp9nbmfmB864FVrdQmArYStairLf1IA0twHZdrm6TVg0_wWS2ZOixPy3BnVcKmx6k8iWXFL68N3dvb5sfoyRk9U_O9qtbcfFHgM5WBWkdDelpS5qNjd5tAWHikgCdc3XXXYWxbfofsezOaSVQj6wPGIp6w7c_FwyJCQ6zsjEvNZ43fr435Q_mhcG4xi_M5QFcuC7WXU_ypMrYjzDyqj1xE8LIDWXhlgr_qr5xFw8z6YmT8YtiYVFMFL9J-aoBpvYXaq8oQJrQ4KW72unKuJPUtfMbOnJQCAE4elN-cLE0GpxvuG9g_QsFTSUVQN7OjL0EnF92eRcaw-S5cuMnsrvC8J_Xp7mK8ImriNz88PE3jX8v3m3t0tjt9G4t08KdRDq_L9wGfFEh8uji2D7FfFJRAToOixqPbirLcuvpTB6ERuIDSCU4_iJnJNuM7435SKMM1XSX6jcEhz4Ghihfd473Xe2ENXtVp4P-PDwqjlfm300o27vl_ErLlTA61eWUYuEYjpLoTFpAZ9KTEkP2laGmQMZEkSamKnwmJDyJZjzpZ3MLbiQyNdbY7wMqzDJXSyctZZhshxKDq9ZEtMKifzH-FKIrQr4qsnlzc3-llam0SBTGfbgahOKP4IONu6L9cwUvpnTO9kSdHGNJDf-8AIsKE81fFJup3ten6GGOtN5kp9JJ79TCAZprXapjNk-1Vxwpf6EJwRiZCkh3mRn9n6n_2PF9m2WVhLf3O869VSRwD1nPdef81XdSOYVl9DCGVTkV5CLEx-JzQxe10KyiLmNsg64ZvZkpRCpZt4h14okqrB758ks01xJj1G8yRkrBoSm4X2PwYMUCHMauw1tfzzqZhPVkJhwNfxQXvtUjd_vuxafeOUbOzs4uU7OhpJYu9HGY-fgb9ySqEgx64NydqqT8vU0AmM8fGUUykEbk0yTLnZj5dH2Q2w_P4ebmicPr3orLHpaYXrv2pwSkikWkFk9OMF0hLJAItRFU5uMb1BbUxHj96xbBmzOgtka11HuS-87I9MeBx2Ma4RmaDS7OrztUtlkaoN-0Mj71I1leq09cY51L-Ywz10Gp1zofCNTjEhOoHS0UbmR70W4WffXJgai3quRUdCiuC0r0FpBocMF4-i__zfipPs0VCiC9tFfjyA3NXsYCyiqcKn4kUq0_sQzt5MM4wTnbA1jP5l00I-FiGwD_j84C2-qIVeEawCAT7H5LrlT7GuQ8Qp1Dvsnm4CISHFY60eba6mcVEuemNvG4Dzs84xpuA9WM0PRszgQEcS0hY34koVav9x9nh51v3CumM3p73U4KNvd9tPkY25HYtwkvW6KGHobypIt2psWb-I_L2-zFNqlHrEfdBc3PTclne2c9orCx0blOn3WkiM7gvGBGW9mlsgOvP8DoRMcSiL2AjSWy2BxHCI3b0idddVK5wZas5yMeck3DwwPpnvyV9R_6luOw6bRgZ0QQh2maAGiBJhGHNP75vUudTSx2JJd-Uvhm_68_xhufTj1Mlh66b_ydJnY0Jw-YnO_7TmN1qmXz2pSAlH3yHsr9_kj70fOkNE2R8G1RymUEQUdgsrUsKehK4TRcc7dJanaSR1uB515VzcGrtwMnnnXq8rbA7J50_WdD6z0sUJJzUrRbB8N4LGCINI-tHAkxFJlLHORgbKKttlIEeVWasw186BSdSWVaYP60eSgy20k53Ic-G_NdHuXKxhsDE7ZOdq1aHKyjkEPh8iPIfRPTdKSDVv-y7akv2ZqltV9HcXyktiT7U-s70NFHL_CnS2mHWmdaj81bCqdhhBXbOajBuWVdt5ypBLzVAEqF6v3VkuExkW9KDyczjJDBuPvA41u41O0vUOe4p-6j5-oyDaA1emhhZkpJTVNs14nr9k54VGNQpWv9QPZuSVYtcQGcxtjOQ2QVgh7eBm3RK_hpxQyvFLUqTzGu4e_O2lzt2o3qsXHmHUGbA9muQTFO1D0Od5jFEEGpqK5RBqnvAhf-ux5Ed7DGVzH3TrHoJJeyYu-2glrSAgJqANj412GO7vPift4uvFtCuuRX1UboqxJBgtARhRqsdFnKHChRXZBYr2S_g--0B6yIpBtItgJo2DlSWSHKluhOH2ftxLvoMOxY173zyYOCBK5wntnduMx6jafga9rvAkrV5kfZWScgmqgo9VX2eXxHtZu9LgFOe3xMrsQf4GNAciKGTTWKo6jWYvnVDr-JjpVRAjyIfrehaEw_FTX_4VrDK15UELv96RAPOPB008YVysWmHiZKkaq10FVBxbGySduLBoET5sGi4Z-6b_P6ni_f3pLTQQe3iBY6jl8FFLMf15pMtvGnkReynyEHEcggtVkOjnsG6KAcb_FybBA2hjsP0r-4OIclGCFKRdjg4pG5pzggrPV8iiUVz1GEF4t5Lx2gAQUrVwh7eeYfMBGqr5uQpgS0H-Pm0DFWY7yHGjwKRgegsmaW_oa_dVpSvQNfah4kbZegPdPwuX5JZHuKoWF4HhqDDjYX9WVj4SvyexiirHW4SE3D4g2Fqmz_vYf_5mOecmrypxUaMxmzUX3aVr6p3W23ydhAz5MDL-yM8hFjdzu6rCRosFdILVn04YfuHJfbrry2A6lemeajIhjYbAgW9SfQL_2In6r8ABSFBPcXLqdSEb7KSyYdlj1OaC3FIpky83WdHOyU-CcIUIav0zxWr8a7hESVJEX3vjt2izh3IFMc6KjiYuoBCBjGkU0XoDa9S175rn_qxtJeXACN6oGQxLenUEbvSQJuOpOP__kghcuxvzceSWH06rwM40zt7sm6NO85L7_UXHAcaIFJMfCkK1bSSAxZmrkFnENvHVs0mpTngF-Sw0Ew-nAMN3wxtDAnyqsuCxaFmyrbaJRoMqec4gALALZRUf5dWAeWdCqAyHWoZTdQt9FgsmfglLhNICk6hg_3voYYpcF8z8AOlnaLwljsBCY4INy-68r0lwH3emUP8hh2bMy-6xTAngt28BbfcHfpvUJlKC0MeRC0ZX4nPF-PNbq2S1D6dNz3vXBM9qYYtk9lq-YARyi1UEooXkB7emfRmIH4nLalA057oxDPwWWjvrLHWUP2GUTlD9JiXW5vA65oveP7yGI8V7PY1EJ0r7CgNpYqV3Qe5DklZEnjyI8I3wCir7S9LUrA_L2K4vw95Pwt1VXhdvP9nL_GWf-GAFyqM2MX7EHFqX9FpcPGTOxvJG688v4UzUhTKk5_dtcn8UkgcHpre1-3l-jYgQN4ltZJ_MaQSZTKTkM5VCMODNiHM6VpprzwVjmzoLwWWWT3Q&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d234b4f283a0522104e4d9d96971db56b8d7f08e776734b9ec8b0ea3219afeed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35422
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A9B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMOyK_huhYTtmQwOuu8oPG4jJawnshcDXFWxgJxXLqL7NmbJXdAAPw87njdScjHwSWwcOlhfKn0s2gcvZpqMspjFulAG_SVNFU5_SpN7WaDfa4xKg
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0A9B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
10195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:12:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0A9B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
9625
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:22:15 GMT
l
www.google.com/ads/measurement/ Frame 0A9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA5GtTMdG-Anz0GDp3VlHxxrCFdriOQc0iPNs3fwOIsiPyBldsVLlYW_Una550gz7F4A-Mqje7Z3_fmyg6t-MdIOeYoA
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A9B 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:02:40 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame A3BC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700|Roboto+Condensed:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 05:55:13 GMT
x-content-type-options
nosniff
age
241647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 05:55:13 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame A3BC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700|Roboto+Condensed:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 18:47:17 GMT
x-content-type-options
nosniff
age
22523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 18:47:17 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3BC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700|Roboto+Condensed:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 18:53:34 GMT
x-content-type-options
nosniff
age
22146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 18:53:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A3BC 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700|Roboto+Condensed:400,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 18:50:28 GMT
x-content-type-options
nosniff
age
22332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 18:50:28 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=p6fngwqjyhaqfsfzwdysdpc0ryn4t1671152558&fp_cr_tm=1671152558058&fp_acc_tm=1671152558058&fp_emm_tm=1671152558058&ve_id=&sessionId=bbraoaivwsnletuwm7iewqznc1zpi1671152558&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,tqvpfdnadli0klonfztc4xhfdid4d1671152558&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16711525580556658&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1671152553675&c3=st,c&c64=starttm,1671152559&adid=1671152553675&c58=isLive,false&c59=sesid,&c61=createtm,1671152559&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1671152559&rnd=849810
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.110.117 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-110-117.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame ED33 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1ab3eeac5d9c63708fa57a4dc53f3e7c3d2f94b3982f6bba9734cd43ff872a79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 22:10:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76028
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 22:09:48 GMT
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=2176280754749197313&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D6035126186677437559$$&ns=0&rnd=6538884482944163&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.26.177 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-26-177.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
75f61a096082e808b7e3df989ce2384a0bebc24346823daf342380c50bd8be18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2307
expires
Sun, 05-Jun-2005 22:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AFAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKekxgIQwNKMgwQY1bv-2wEwAQ&v=APEucNV6tO6UORv4ANpkSbq4Qc5C_Pv2kEB4F0DdwXKFiGpLqJrukwK2yVQJOQtGMqWsjKf4POB9TBlcbQWPHW-OqeRr3OB6IA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame AFAA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5vDrZW6IKsKO5fjEthZcwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKekxgIQwNKMgwQY1bv-2wEwAQ&v=APEucNV6tO6UORv4ANpkSbq4Qc5C_Pv2kEB4F0DdwXKFiGpLqJrukwK2yVQJOQtGMqWsjKf4POB9TBlcbQWPHW-OqeRr3OB6IA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE4HOU--qWrZvP_4KAXCHP4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AFAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEApdNkY_mPeXk2c5D4sa3_o&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEApdNkY_mPeXk2c5D4sa3_o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKekxgIQwNKMgwQY1bv-2wEwAQ&v=APEucNV6tO6UORv4ANpkSbq4Qc5C_Pv2kEB4F0DdwXKFiGpLqJrukwK2yVQJOQtGMqWsjKf4POB9TBlcbQWPHW-OqeRr3OB6IA
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:40 GMT
AN-X-Request-Uuid
22229611-29cc-4186-872a-50799e68c5ee
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEApdNkY_mPeXk2c5D4sa3_o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFAA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKekxgIQwNKMgwQY1bv-2wEwAQ&v=APEucNV6tO6UORv4ANpkSbq4Qc5C_Pv2kEB4F0DdwXKFiGpLqJrukwK2yVQJOQtGMqWsjKf4POB9TBlcbQWPHW-OqeRr3OB6IA
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Dec 2022 01:02:40 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
726497da-219d-47b0-b8fc-b7e6985ff707
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A5D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHVhnPAicDLdo4IwfTl_vA8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHVhnPAicDLdo4IwfTl_vA8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPH1NRDdm5cBGNPW99UBMAE&v=APEucNWcFQPnYm03RaLmMiibk5Bkgw8MoEoO_IEQNhjnFFi0adn0qgypV_7nCz-kRv7y0QEweDO7yXCTn2jC7q2yxC7avIbUTw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHVhnPAicDLdo4IwfTl_vA8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5D4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2FjMzY0NTItYTFiMS0yMWQ1LWQ2YzctOGQ3MjE5MTI3YWJl
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2FjMzY0NTItYTFiMS0yMWQ1LWQ2YzctOGQ3MjE5MTI3YWJl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPH1NRDdm5cBGNPW99UBMAE&v=APEucNWcFQPnYm03RaLmMiibk5Bkgw8MoEoO_IEQNhjnFFi0adn0qgypV_7nCz-kRv7y0QEweDO7yXCTn2jC7q2yxC7avIbUTw
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2FjMzY0NTItYTFiMS0yMWQ1LWQ2YzctOGQ3MjE5MTI3YWJl
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame A5D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBHx8cwW_3tCuDRz4ZVtxL0&google_cver=1
23 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBHx8cwW_3tCuDRz4ZVtxL0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPH1NRDdm5cBGNPW99UBMAE&v=APEucNWcFQPnYm03RaLmMiibk5Bkgw8MoEoO_IEQNhjnFFi0adn0qgypV_7nCz-kRv7y0QEweDO7yXCTn2jC7q2yxC7avIbUTw
Protocol
H2
Server
23.73.13.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-13-34.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 01:02:41 GMT
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBHx8cwW_3tCuDRz4ZVtxL0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A5D4
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTQ0OWUzYzYtZDEyMy00ZTEzLWJlNGQtMzMyODU1ODI1NTlk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTQ0OWUzYzYtZDEyMy00ZTEzLWJlNGQtMzMyODU1ODI1NTlk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPH1NRDdm5cBGNPW99UBMAE&v=APEucNWcFQPnYm03RaLmMiibk5Bkgw8MoEoO_IEQNhjnFFi0adn0qgypV_7nCz-kRv7y0QEweDO7yXCTn2jC7q2yxC7avIbUTw
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NTQ0OWUzYzYtZDEyMy00ZTEzLWJlNGQtMzMyODU1ODI1NTlk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Fri, 16 Dec 2022 01:02:41 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame ED94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdW3yTWvJNrl3p3fV9uSkC90h9NqTr6miOLwgTb51Vq6mLkS-_PBagNiW3Xy0_J3HbB6rlE1bdbI8kjOwQiEAGxsnU2ECcoBCZZxeyYe-hYjQLWBb6k0hvAfNmFT7RS_OoqRgAB488nzQjzgsT886nKEU3vghtl6hyQwhX2Fp0G0CLGgSOXFwH-PmfdZB6-jgXkOyhYZpEPo648XmmpgHGIYYqW1oKBudtJ6krF_VPeap2HzM-5Y8ep_3R-M6aNvPVipz8hisrC3F8KMsiGLXey60ROowjTFvP9Kug57GgDi4p-CHt0mIbKIwNT2zj7NHjGrSN&sai=AMfl-YSRkKXEtOUeKmz7HrM3XMkn-RQg0E0ONyJRKVGXOQl6JapqdsFCud-ir-lIKDMC22OdvdxYB2xziooVukfk6uPnfsDwsoYVLHuWL5Md2B8IWI1yQWopr_bW6SRbF6lPzw&sig=Cg0ArKJSzP0GJIqZSbHiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:40 GMT
truncated
/ Frame ED94 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8785e4dc35b113c133137cddb644d17d9e1af63e4ecc4dfd9589fd1e62089bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 8BF5 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=4857565153&chanId=171638111&placementId=5329951885&pubCreative=138306973687&pubOrder=2678049062&cb=1851874928&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
61de6bb82566c9538bae9aeba8655b87931dd646f4441b1e1c500e8afc3992a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 469A 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Origin
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:23:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 03:23:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 469A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKUAMjp4iqfQJb5S4NGigpJVeDL3tbkWj4Ox3i8QNrnZQ2b3Jyj4aC0AmnFb3OXurKWCVEA1GcyAOslVoxX1n-qnWf0g&cry=1&dbm_d=AKAmf-DajV5QYf3CW_b18E-h-L7GVare8g2A7d-yEcHQROZcQ0AG_rGk7RB1OMKPXSNMpNZDEOCXxLdjjF1W9hdP0x4M2mSWfr0K-eHwUJFlWA7mMgXKkjLEFxxi7ooRGKB1Wks1gYvtcCwMPnm3e3hMurS9KdAf-4V-TCvxxBaZHMWxKejcw5Md-OL0N_cIbdZYrH1SlupluuZ7NMX_ICgnBtf__EqHJKkDsRGe4NIu5Nn2XunglV-rNh8Q3aXwgfn1yb1GQiRmOlKcNBf2lcGQT3cfOzEoXY0cCnzD8WbiBvZsX5OfMEikFqvItAybL4-nB6RgI5C3HklvA_AYCfxFqG_aurzajxT4MGtpWSFraKdxlMDgCJHLkp95CLg4_zxaiRpgbZJHnLXoDwV0Xvo0qqtlqSAe5Coy3YqGgagZ4vE0wmvpZGS4rCcHP1OnpA5e9UOI5vlUhr-kwiO8WR7DEYNQVciFiBfiyXjrbINea9OEElV2C0iaT1v4g_hwezWBJ5I3OhmOJnYpLyupxc9JYBAozk4WRVru91CRM_Bq6xB0bP6-1t8LIPOPBorjJAemyXpLUSFxbVErEurj-qdWCVhwaTpmCdtGJ7dnkqyehEuXnNv5-VGxkbiG2Dk3anqdz9Od_TiUnorY8EqmZtQ2G5Uv7LZJ5VKd6HS7ZDZusVTPYRdZFmLv3wIthVXcf9L7bTyzUdv_WUwCISjgFuRDRPvSU9nCmD4Avii-df0Bb0RXCY7lp_ub0-PoR0TkoJ54UoJx9mSYUOImyxcOhmDqZx2x9mwkqy1sabqqZNMR6eiXubykRg94PREs53rnOIzdsFbOoXUsCbjwbB6DfKP4kbTevsQ5oT8nfQ656GQkEBGWNyCzB8yGO6qTTJ7dko57IOws14BQ5wfCGVCHgs963nbealCKQYWGSfP7b33OBINc-KQ2QDIAxmJKmGwgMy8wrv1p7T1OPfTncvsAx_Ir2Raceh6vFVJdyDPMj-VstA25kKzLNsGnpQIi4Dz0pATn3nbTQhCLddKMZCUani12pAjWf0pm9pBvusvI39eHZ-EXDXkBYTjG7eBYOxu1bsKx0QftIlSrzVgIypCPVSdhe9Y4N__1XRzfzeTWzjldLN101DKgaIOkX8-6BgMOn23ly6GcrZG3SKcR1-OuUIEzB8YEs0lJMRTN5wVZ_9pNZeZ7p4AipcV7uuysJDbW6qpK0KXTiZ7MVjBjWcMqx7UmxAP25Kqv1UhJQ_YUSdRc8rd7f4ZQuDalbXobTv3BBV9KQ2ecVCRdCyvvyKQFDFPCM0ToSZEsBvLscTh19jUe9YUzx6cFw_hY-a7SAqBqmqn7hTTghVST5pFFXyWLm9SEOiuIEHk7fQUeWnpch_oN7WYK0xNauLi46nrjQ_pDoXknh9GFym-KJSJs9k2Cs0itc9fZaSB9EZlioU8YdBBCD4gUkS9E4zexb0Jd4a3trbeKmLHjs63biBps80164bw4Y3Rprfsl9U4z1RvGDz1df7oe9csBN5D02f21dKBnfeoz7YuosiVHglklJ_aY2BbFVlVRXWZvszkpaNg9EIQjmJYwlNtYSm7ja5iUhjYwWcJ1QZ4QNgjU3yAtgLRbuYnWh57Yce_oO3TjLITB87KhG_xOJHklAqHoimB9B6fvkKmj6f4Z4_ltU2txLoUjrMPIgQ5aJYHwzf-xG0dYi-CKEJ2avZTC_pcI6rXwOINCI-9QPqjde0CjRXwuw6ae8Zd8TvWlkVMsh1LUojx-WoD3KnPq5x2b5eFmKHfV4V855EgeYvaNx_BKifvvHjpr1oAwUIXquT7F5zZlZUlFBdM-BYSJuEffh8tDYMTS_3Mjo5GHDq1DE77kXHNwJNJ7S8IYWtFT00OBO_lsKDUf5FBLga4r4gUMmknANIeqqWgFiWwwsO_PvqL2cnfXlykn8bP_3Dh8AIRolytk-4aii0qwn0VwpbPQ16hfeVUWnIoR2EwMqvdqj_ahABUBwf7xEfXztkgmJEH8qgCM-CMxIsGVAJlpvFD2uvMJeP_6gPylKWqMuzVwfw7UjRITXjXm54MUiOR_1WvRU8w9sPIb1Lu1mVZhzQJR6VElJKw7D8-ODc8g0SgjCNMoX_HdhuRziLgM0DHS5xfdNxF1Z8NAnf4ISZ9P6oFkZgALalfpEi01iYMJeCsM1H7aRdc9xvThK51QoYX2ZEq1lIogUZXPu9X9Ti86NFc_2CYRl9PYxl5fCc1hlU_67y4K7XH7w36i4IFycGx3I03lerA41a3lkykqR79AYXRMRNQM5AjeluCSckFAvnJkjYrVKZfYEwUNn_1N4csKHX55pA7pRNSrHs2W23HYABFyzqIUx7_oF2j2Dx6olCSpWpz2aJEehUKSRDaot9Dcj8DKbMc4H1s20dU7r_1HoT53t1P1HfHKeHG_mcHe0E6kKQPntBOKKCQtKcTSmhTNkXJPrIEYiE0kZRYYFijuu6aErXNzUhCyspUScC6fwMY-Lbtp40hz_FNd2wrAaSxdaet_OUl2G-Of5KNRvyKfjX4LSlFOCF8pAHZSBAWvTztfpdN0N7vPHOc3qSUeO3NwMOacuyGmnqz11JMd3fmbNIHC-FDf5Xg0OoVgQzBKDgSOQz2QFiBi7YOH1oaVxtPFg8tQQSbt7Aa590IDr-cijXYx9xfos2RNw_1cEYMITsPGUz1kn3WMQmmEfkGMHw-Iq6YNTSUU5ToHSRVkzmeev4QJhNsBz38tJWB7rp5_MXVO4VL3Ctl7krMnt3PgI-82KvxnTZUsyN0fwkrWNOC2ImwdIHA11DpdU6D9zvhI3rJGVX-GodGQ2chNVTPnOBYLSem86nXjP7tSUbCeP6eya-5OnFitO6eKVYpl1ub_5wdJv3KrMihhTpJjZ_dSUeP4EDykiqWh5mEqo_OrRqEHYK7kNgDE7-c3L9MbeQ2CFhK6H3FGOFD8zs53jaq1wcsiLbyyxf5imxVHaxwG8J6Bt7jwtwZSAwlnVBvUgnKGtM_C9CMtm2ZhqeFkUaXcaDlanijZWBMEJi5eBVru7uHIrIIcCnvnwjUYBvBe3zCS-I3SXAy2uUOisvf3vdkLkyBd9kUgKKkHqEink_Xvid82ivpPtW1pb5RJxFvxO4FY0M196x_1cg3oJeyZ7gHFpTLDzFyg7X5PEbWCwnOzCcn6d7Wiws2_o2IQ_rFoexxsgtoy8QHD26v2VynZjoAt933nRRKmvQ&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
84705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 01:30:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 469A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKUAMjp4iqfQJb5S4NGigpJVeDL3tbkWj4Ox3i8QNrnZQ2b3Jyj4aC0AmnFb3OXurKWCVEA1GcyAOslVoxX1n-qnWf0g&cry=1&dbm_d=AKAmf-DajV5QYf3CW_b18E-h-L7GVare8g2A7d-yEcHQROZcQ0AG_rGk7RB1OMKPXSNMpNZDEOCXxLdjjF1W9hdP0x4M2mSWfr0K-eHwUJFlWA7mMgXKkjLEFxxi7ooRGKB1Wks1gYvtcCwMPnm3e3hMurS9KdAf-4V-TCvxxBaZHMWxKejcw5Md-OL0N_cIbdZYrH1SlupluuZ7NMX_ICgnBtf__EqHJKkDsRGe4NIu5Nn2XunglV-rNh8Q3aXwgfn1yb1GQiRmOlKcNBf2lcGQT3cfOzEoXY0cCnzD8WbiBvZsX5OfMEikFqvItAybL4-nB6RgI5C3HklvA_AYCfxFqG_aurzajxT4MGtpWSFraKdxlMDgCJHLkp95CLg4_zxaiRpgbZJHnLXoDwV0Xvo0qqtlqSAe5Coy3YqGgagZ4vE0wmvpZGS4rCcHP1OnpA5e9UOI5vlUhr-kwiO8WR7DEYNQVciFiBfiyXjrbINea9OEElV2C0iaT1v4g_hwezWBJ5I3OhmOJnYpLyupxc9JYBAozk4WRVru91CRM_Bq6xB0bP6-1t8LIPOPBorjJAemyXpLUSFxbVErEurj-qdWCVhwaTpmCdtGJ7dnkqyehEuXnNv5-VGxkbiG2Dk3anqdz9Od_TiUnorY8EqmZtQ2G5Uv7LZJ5VKd6HS7ZDZusVTPYRdZFmLv3wIthVXcf9L7bTyzUdv_WUwCISjgFuRDRPvSU9nCmD4Avii-df0Bb0RXCY7lp_ub0-PoR0TkoJ54UoJx9mSYUOImyxcOhmDqZx2x9mwkqy1sabqqZNMR6eiXubykRg94PREs53rnOIzdsFbOoXUsCbjwbB6DfKP4kbTevsQ5oT8nfQ656GQkEBGWNyCzB8yGO6qTTJ7dko57IOws14BQ5wfCGVCHgs963nbealCKQYWGSfP7b33OBINc-KQ2QDIAxmJKmGwgMy8wrv1p7T1OPfTncvsAx_Ir2Raceh6vFVJdyDPMj-VstA25kKzLNsGnpQIi4Dz0pATn3nbTQhCLddKMZCUani12pAjWf0pm9pBvusvI39eHZ-EXDXkBYTjG7eBYOxu1bsKx0QftIlSrzVgIypCPVSdhe9Y4N__1XRzfzeTWzjldLN101DKgaIOkX8-6BgMOn23ly6GcrZG3SKcR1-OuUIEzB8YEs0lJMRTN5wVZ_9pNZeZ7p4AipcV7uuysJDbW6qpK0KXTiZ7MVjBjWcMqx7UmxAP25Kqv1UhJQ_YUSdRc8rd7f4ZQuDalbXobTv3BBV9KQ2ecVCRdCyvvyKQFDFPCM0ToSZEsBvLscTh19jUe9YUzx6cFw_hY-a7SAqBqmqn7hTTghVST5pFFXyWLm9SEOiuIEHk7fQUeWnpch_oN7WYK0xNauLi46nrjQ_pDoXknh9GFym-KJSJs9k2Cs0itc9fZaSB9EZlioU8YdBBCD4gUkS9E4zexb0Jd4a3trbeKmLHjs63biBps80164bw4Y3Rprfsl9U4z1RvGDz1df7oe9csBN5D02f21dKBnfeoz7YuosiVHglklJ_aY2BbFVlVRXWZvszkpaNg9EIQjmJYwlNtYSm7ja5iUhjYwWcJ1QZ4QNgjU3yAtgLRbuYnWh57Yce_oO3TjLITB87KhG_xOJHklAqHoimB9B6fvkKmj6f4Z4_ltU2txLoUjrMPIgQ5aJYHwzf-xG0dYi-CKEJ2avZTC_pcI6rXwOINCI-9QPqjde0CjRXwuw6ae8Zd8TvWlkVMsh1LUojx-WoD3KnPq5x2b5eFmKHfV4V855EgeYvaNx_BKifvvHjpr1oAwUIXquT7F5zZlZUlFBdM-BYSJuEffh8tDYMTS_3Mjo5GHDq1DE77kXHNwJNJ7S8IYWtFT00OBO_lsKDUf5FBLga4r4gUMmknANIeqqWgFiWwwsO_PvqL2cnfXlykn8bP_3Dh8AIRolytk-4aii0qwn0VwpbPQ16hfeVUWnIoR2EwMqvdqj_ahABUBwf7xEfXztkgmJEH8qgCM-CMxIsGVAJlpvFD2uvMJeP_6gPylKWqMuzVwfw7UjRITXjXm54MUiOR_1WvRU8w9sPIb1Lu1mVZhzQJR6VElJKw7D8-ODc8g0SgjCNMoX_HdhuRziLgM0DHS5xfdNxF1Z8NAnf4ISZ9P6oFkZgALalfpEi01iYMJeCsM1H7aRdc9xvThK51QoYX2ZEq1lIogUZXPu9X9Ti86NFc_2CYRl9PYxl5fCc1hlU_67y4K7XH7w36i4IFycGx3I03lerA41a3lkykqR79AYXRMRNQM5AjeluCSckFAvnJkjYrVKZfYEwUNn_1N4csKHX55pA7pRNSrHs2W23HYABFyzqIUx7_oF2j2Dx6olCSpWpz2aJEehUKSRDaot9Dcj8DKbMc4H1s20dU7r_1HoT53t1P1HfHKeHG_mcHe0E6kKQPntBOKKCQtKcTSmhTNkXJPrIEYiE0kZRYYFijuu6aErXNzUhCyspUScC6fwMY-Lbtp40hz_FNd2wrAaSxdaet_OUl2G-Of5KNRvyKfjX4LSlFOCF8pAHZSBAWvTztfpdN0N7vPHOc3qSUeO3NwMOacuyGmnqz11JMd3fmbNIHC-FDf5Xg0OoVgQzBKDgSOQz2QFiBi7YOH1oaVxtPFg8tQQSbt7Aa590IDr-cijXYx9xfos2RNw_1cEYMITsPGUz1kn3WMQmmEfkGMHw-Iq6YNTSUU5ToHSRVkzmeev4QJhNsBz38tJWB7rp5_MXVO4VL3Ctl7krMnt3PgI-82KvxnTZUsyN0fwkrWNOC2ImwdIHA11DpdU6D9zvhI3rJGVX-GodGQ2chNVTPnOBYLSem86nXjP7tSUbCeP6eya-5OnFitO6eKVYpl1ub_5wdJv3KrMihhTpJjZ_dSUeP4EDykiqWh5mEqo_OrRqEHYK7kNgDE7-c3L9MbeQ2CFhK6H3FGOFD8zs53jaq1wcsiLbyyxf5imxVHaxwG8J6Bt7jwtwZSAwlnVBvUgnKGtM_C9CMtm2ZhqeFkUaXcaDlanijZWBMEJi5eBVru7uHIrIIcCnvnwjUYBvBe3zCS-I3SXAy2uUOisvf3vdkLkyBd9kUgKKkHqEink_Xvid82ivpPtW1pb5RJxFvxO4FY0M196x_1cg3oJeyZ7gHFpTLDzFyg7X5PEbWCwnOzCcn6d7Wiws2_o2IQ_rFoexxsgtoy8QHD26v2VynZjoAt933nRRKmvQ&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
8697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:37:43 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 96CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 16 Dec 2022 01:02:40 GMT
Expires
Fri, 16 Dec 2022 01:02:39 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 254 34fcae8 master nrt-pixel-x1 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 5D6E 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID868C18B6-C4A5-4198-AA13-94B96ED44ADF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Dec 2022 01:02:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FJ982WYZ5VC8JH7T8P6J
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C946
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=howYtsSlQZiqE5S5btRK3w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=149203
accept-ranges
bytes
content-length
5549
expires
Sat, 17 Dec 2022 18:29:23 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C946
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=868C18B6-C4A5-4198-AA13-94B96ED44ADF
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=868C18B6-C4A5-4198-AA13-94B96ED44ADF
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&ttd_puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&ttd_puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&ttd_puid=98634a23-b404-4601-b8ae-f5ddb66f6c8e%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
qmap
sync.crwdcntrl.net/ Frame C946
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=&ct=y
49 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
3.0.118.42 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-118-42.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.1.19
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.0.44
content-length
0
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame C946 		42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=868C18B6-C4A5-4198-AA13-94B96ED44ADF&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:57 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C946
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODY4QzE4QjYtQzRBNS00MTk4LUFBMTMtOTRCOTZFRDQ0QURG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C946
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELIwECIop3wvUaSOJwdIkCQ&google_cver=1
42 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELIwECIop3wvUaSOJwdIkCQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELIwECIop3wvUaSOJwdIkCQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C946
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:974533835F9D416FB00BF3A590E6F282
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:974533835F9D416FB00BF3A590E6F282
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:974533835F9D416FB00BF3A590E6F282
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Dec 2022 01:02:41 GMT
868C18B6-C4A5-4198-AA13-94B96ED44ADF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C946 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/868C18B6-C4A5-4198-AA13-94B96ED44ADF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C946
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=
42 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
ecm3
s.amazon-adsystem.com/ Frame ED33
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBPT30PN-1T-J9B5
  • https://s.amazon-adsystem.com/ecm3?id=LBPT30PN-1T-J9B5&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBPT30PN-1T-J9B5&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EEW352DSY9SKAVQCSKQK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBPT30PN-1T-J9B5&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0A9B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Origin
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 17:44:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 17:44:30 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 0A9B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV8nInYXODY-hXDuGYkGP94ZjyBhdZ4XFzwpyNWLUR3IGIKaw8Tm1d5BtD_Iw_YB33hBkaFHRr_owm3bjq-ZOAmDXHrr9BarMIfltqys-MiE3gtISuja2197PVh26TVZizbxW0fJynoR_izvzBns4dnmM_JOko5OFKvRgNYa7Jlkxc698&dbm_d=AKAmf-ATfhiKrISZlp9nbmfmB864FVrdQmArYStairLf1IA0twHZdrm6TVg0_wWS2ZOixPy3BnVcKmx6k8iWXFL68N3dvb5sfoyRk9U_O9qtbcfFHgM5WBWkdDelpS5qNjd5tAWHikgCdc3XXXYWxbfofsezOaSVQj6wPGIp6w7c_FwyJCQ6zsjEvNZ43fr435Q_mhcG4xi_M5QFcuC7WXU_ypMrYjzDyqj1xE8LIDWXhlgr_qr5xFw8z6YmT8YtiYVFMFL9J-aoBpvYXaq8oQJrQ4KW72unKuJPUtfMbOnJQCAE4elN-cLE0GpxvuG9g_QsFTSUVQN7OjL0EnF92eRcaw-S5cuMnsrvC8J_Xp7mK8ImriNz88PE3jX8v3m3t0tjt9G4t08KdRDq_L9wGfFEh8uji2D7FfFJRAToOixqPbirLcuvpTB6ERuIDSCU4_iJnJNuM7435SKMM1XSX6jcEhz4Ghihfd473Xe2ENXtVp4P-PDwqjlfm300o27vl_ErLlTA61eWUYuEYjpLoTFpAZ9KTEkP2laGmQMZEkSamKnwmJDyJZjzpZ3MLbiQyNdbY7wMqzDJXSyctZZhshxKDq9ZEtMKifzH-FKIrQr4qsnlzc3-llam0SBTGfbgahOKP4IONu6L9cwUvpnTO9kSdHGNJDf-8AIsKE81fFJup3ten6GGOtN5kp9JJ79TCAZprXapjNk-1Vxwpf6EJwRiZCkh3mRn9n6n_2PF9m2WVhLf3O869VSRwD1nPdef81XdSOYVl9DCGVTkV5CLEx-JzQxe10KyiLmNsg64ZvZkpRCpZt4h14okqrB758ks01xJj1G8yRkrBoSm4X2PwYMUCHMauw1tfzzqZhPVkJhwNfxQXvtUjd_vuxafeOUbOzs4uU7OhpJYu9HGY-fgb9ySqEgx64NydqqT8vU0AmM8fGUUykEbk0yTLnZj5dH2Q2w_P4ebmicPr3orLHpaYXrv2pwSkikWkFk9OMF0hLJAItRFU5uMb1BbUxHj96xbBmzOgtka11HuS-87I9MeBx2Ma4RmaDS7OrztUtlkaoN-0Mj71I1leq09cY51L-Ywz10Gp1zofCNTjEhOoHS0UbmR70W4WffXJgai3quRUdCiuC0r0FpBocMF4-i__zfipPs0VCiC9tFfjyA3NXsYCyiqcKn4kUq0_sQzt5MM4wTnbA1jP5l00I-FiGwD_j84C2-qIVeEawCAT7H5LrlT7GuQ8Qp1Dvsnm4CISHFY60eba6mcVEuemNvG4Dzs84xpuA9WM0PRszgQEcS0hY34koVav9x9nh51v3CumM3p73U4KNvd9tPkY25HYtwkvW6KGHobypIt2psWb-I_L2-zFNqlHrEfdBc3PTclne2c9orCx0blOn3WkiM7gvGBGW9mlsgOvP8DoRMcSiL2AjSWy2BxHCI3b0idddVK5wZas5yMeck3DwwPpnvyV9R_6luOw6bRgZ0QQh2maAGiBJhGHNP75vUudTSx2JJd-Uvhm_68_xhufTj1Mlh66b_ydJnY0Jw-YnO_7TmN1qmXz2pSAlH3yHsr9_kj70fOkNE2R8G1RymUEQUdgsrUsKehK4TRcc7dJanaSR1uB515VzcGrtwMnnnXq8rbA7J50_WdD6z0sUJJzUrRbB8N4LGCINI-tHAkxFJlLHORgbKKttlIEeVWasw186BSdSWVaYP60eSgy20k53Ic-G_NdHuXKxhsDE7ZOdq1aHKyjkEPh8iPIfRPTdKSDVv-y7akv2ZqltV9HcXyktiT7U-s70NFHL_CnS2mHWmdaj81bCqdhhBXbOajBuWVdt5ypBLzVAEqF6v3VkuExkW9KDyczjJDBuPvA41u41O0vUOe4p-6j5-oyDaA1emhhZkpJTVNs14nr9k54VGNQpWv9QPZuSVYtcQGcxtjOQ2QVgh7eBm3RK_hpxQyvFLUqTzGu4e_O2lzt2o3qsXHmHUGbA9muQTFO1D0Od5jFEEGpqK5RBqnvAhf-ux5Ed7DGVzH3TrHoJJeyYu-2glrSAgJqANj412GO7vPift4uvFtCuuRX1UboqxJBgtARhRqsdFnKHChRXZBYr2S_g--0B6yIpBtItgJo2DlSWSHKluhOH2ftxLvoMOxY173zyYOCBK5wntnduMx6jafga9rvAkrV5kfZWScgmqgo9VX2eXxHtZu9LgFOe3xMrsQf4GNAciKGTTWKo6jWYvnVDr-JjpVRAjyIfrehaEw_FTX_4VrDK15UELv96RAPOPB008YVysWmHiZKkaq10FVBxbGySduLBoET5sGi4Z-6b_P6ni_f3pLTQQe3iBY6jl8FFLMf15pMtvGnkReynyEHEcggtVkOjnsG6KAcb_FybBA2hjsP0r-4OIclGCFKRdjg4pG5pzggrPV8iiUVz1GEF4t5Lx2gAQUrVwh7eeYfMBGqr5uQpgS0H-Pm0DFWY7yHGjwKRgegsmaW_oa_dVpSvQNfah4kbZegPdPwuX5JZHuKoWF4HhqDDjYX9WVj4SvyexiirHW4SE3D4g2Fqmz_vYf_5mOecmrypxUaMxmzUX3aVr6p3W23ydhAz5MDL-yM8hFjdzu6rCRosFdILVn04YfuHJfbrry2A6lemeajIhjYbAgW9SfQL_2In6r8ABSFBPcXLqdSEb7KSyYdlj1OaC3FIpky83WdHOyU-CcIUIav0zxWr8a7hESVJEX3vjt2izh3IFMc6KjiYuoBCBjGkU0XoDa9S175rn_qxtJeXACN6oGQxLenUEbvSQJuOpOP__kghcuxvzceSWH06rwM40zt7sm6NO85L7_UXHAcaIFJMfCkK1bSSAxZmrkFnENvHVs0mpTngF-Sw0Ew-nAMN3wxtDAnyqsuCxaFmyrbaJRoMqec4gALALZRUf5dWAeWdCqAyHWoZTdQt9FgsmfglLhNICk6hg_3voYYpcF8z8AOlnaLwljsBCY4INy-68r0lwH3emUP8hh2bMy-6xTAngt28BbfcHfpvUJlKC0MeRC0ZX4nPF-PNbq2S1D6dNz3vXBM9qYYtk9lq-YARyi1UEooXkB7emfRmIH4nLalA057oxDPwWWjvrLHWUP2GUTlD9JiXW5vA65oveP7yGI8V7PY1EJ0r7CgNpYqV3Qe5DklZEnjyI8I3wCir7S9LUrA_L2K4vw95Pwt1VXhdvP9nL_GWf-GAFyqM2MX7EHFqX9FpcPGTOxvJG688v4UzUhTKk5_dtcn8UkgcHpre1-3l-jYgQN4ltZJ_MaQSZTKTkM5VCMODNiHM6VpprzwVjmzoLwWWWT3Q&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
84705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 01:30:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 0A9B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV8nInYXODY-hXDuGYkGP94ZjyBhdZ4XFzwpyNWLUR3IGIKaw8Tm1d5BtD_Iw_YB33hBkaFHRr_owm3bjq-ZOAmDXHrr9BarMIfltqys-MiE3gtISuja2197PVh26TVZizbxW0fJynoR_izvzBns4dnmM_JOko5OFKvRgNYa7Jlkxc698&dbm_d=AKAmf-ATfhiKrISZlp9nbmfmB864FVrdQmArYStairLf1IA0twHZdrm6TVg0_wWS2ZOixPy3BnVcKmx6k8iWXFL68N3dvb5sfoyRk9U_O9qtbcfFHgM5WBWkdDelpS5qNjd5tAWHikgCdc3XXXYWxbfofsezOaSVQj6wPGIp6w7c_FwyJCQ6zsjEvNZ43fr435Q_mhcG4xi_M5QFcuC7WXU_ypMrYjzDyqj1xE8LIDWXhlgr_qr5xFw8z6YmT8YtiYVFMFL9J-aoBpvYXaq8oQJrQ4KW72unKuJPUtfMbOnJQCAE4elN-cLE0GpxvuG9g_QsFTSUVQN7OjL0EnF92eRcaw-S5cuMnsrvC8J_Xp7mK8ImriNz88PE3jX8v3m3t0tjt9G4t08KdRDq_L9wGfFEh8uji2D7FfFJRAToOixqPbirLcuvpTB6ERuIDSCU4_iJnJNuM7435SKMM1XSX6jcEhz4Ghihfd473Xe2ENXtVp4P-PDwqjlfm300o27vl_ErLlTA61eWUYuEYjpLoTFpAZ9KTEkP2laGmQMZEkSamKnwmJDyJZjzpZ3MLbiQyNdbY7wMqzDJXSyctZZhshxKDq9ZEtMKifzH-FKIrQr4qsnlzc3-llam0SBTGfbgahOKP4IONu6L9cwUvpnTO9kSdHGNJDf-8AIsKE81fFJup3ten6GGOtN5kp9JJ79TCAZprXapjNk-1Vxwpf6EJwRiZCkh3mRn9n6n_2PF9m2WVhLf3O869VSRwD1nPdef81XdSOYVl9DCGVTkV5CLEx-JzQxe10KyiLmNsg64ZvZkpRCpZt4h14okqrB758ks01xJj1G8yRkrBoSm4X2PwYMUCHMauw1tfzzqZhPVkJhwNfxQXvtUjd_vuxafeOUbOzs4uU7OhpJYu9HGY-fgb9ySqEgx64NydqqT8vU0AmM8fGUUykEbk0yTLnZj5dH2Q2w_P4ebmicPr3orLHpaYXrv2pwSkikWkFk9OMF0hLJAItRFU5uMb1BbUxHj96xbBmzOgtka11HuS-87I9MeBx2Ma4RmaDS7OrztUtlkaoN-0Mj71I1leq09cY51L-Ywz10Gp1zofCNTjEhOoHS0UbmR70W4WffXJgai3quRUdCiuC0r0FpBocMF4-i__zfipPs0VCiC9tFfjyA3NXsYCyiqcKn4kUq0_sQzt5MM4wTnbA1jP5l00I-FiGwD_j84C2-qIVeEawCAT7H5LrlT7GuQ8Qp1Dvsnm4CISHFY60eba6mcVEuemNvG4Dzs84xpuA9WM0PRszgQEcS0hY34koVav9x9nh51v3CumM3p73U4KNvd9tPkY25HYtwkvW6KGHobypIt2psWb-I_L2-zFNqlHrEfdBc3PTclne2c9orCx0blOn3WkiM7gvGBGW9mlsgOvP8DoRMcSiL2AjSWy2BxHCI3b0idddVK5wZas5yMeck3DwwPpnvyV9R_6luOw6bRgZ0QQh2maAGiBJhGHNP75vUudTSx2JJd-Uvhm_68_xhufTj1Mlh66b_ydJnY0Jw-YnO_7TmN1qmXz2pSAlH3yHsr9_kj70fOkNE2R8G1RymUEQUdgsrUsKehK4TRcc7dJanaSR1uB515VzcGrtwMnnnXq8rbA7J50_WdD6z0sUJJzUrRbB8N4LGCINI-tHAkxFJlLHORgbKKttlIEeVWasw186BSdSWVaYP60eSgy20k53Ic-G_NdHuXKxhsDE7ZOdq1aHKyjkEPh8iPIfRPTdKSDVv-y7akv2ZqltV9HcXyktiT7U-s70NFHL_CnS2mHWmdaj81bCqdhhBXbOajBuWVdt5ypBLzVAEqF6v3VkuExkW9KDyczjJDBuPvA41u41O0vUOe4p-6j5-oyDaA1emhhZkpJTVNs14nr9k54VGNQpWv9QPZuSVYtcQGcxtjOQ2QVgh7eBm3RK_hpxQyvFLUqTzGu4e_O2lzt2o3qsXHmHUGbA9muQTFO1D0Od5jFEEGpqK5RBqnvAhf-ux5Ed7DGVzH3TrHoJJeyYu-2glrSAgJqANj412GO7vPift4uvFtCuuRX1UboqxJBgtARhRqsdFnKHChRXZBYr2S_g--0B6yIpBtItgJo2DlSWSHKluhOH2ftxLvoMOxY173zyYOCBK5wntnduMx6jafga9rvAkrV5kfZWScgmqgo9VX2eXxHtZu9LgFOe3xMrsQf4GNAciKGTTWKo6jWYvnVDr-JjpVRAjyIfrehaEw_FTX_4VrDK15UELv96RAPOPB008YVysWmHiZKkaq10FVBxbGySduLBoET5sGi4Z-6b_P6ni_f3pLTQQe3iBY6jl8FFLMf15pMtvGnkReynyEHEcggtVkOjnsG6KAcb_FybBA2hjsP0r-4OIclGCFKRdjg4pG5pzggrPV8iiUVz1GEF4t5Lx2gAQUrVwh7eeYfMBGqr5uQpgS0H-Pm0DFWY7yHGjwKRgegsmaW_oa_dVpSvQNfah4kbZegPdPwuX5JZHuKoWF4HhqDDjYX9WVj4SvyexiirHW4SE3D4g2Fqmz_vYf_5mOecmrypxUaMxmzUX3aVr6p3W23ydhAz5MDL-yM8hFjdzu6rCRosFdILVn04YfuHJfbrry2A6lemeajIhjYbAgW9SfQL_2In6r8ABSFBPcXLqdSEb7KSyYdlj1OaC3FIpky83WdHOyU-CcIUIav0zxWr8a7hESVJEX3vjt2izh3IFMc6KjiYuoBCBjGkU0XoDa9S175rn_qxtJeXACN6oGQxLenUEbvSQJuOpOP__kghcuxvzceSWH06rwM40zt7sm6NO85L7_UXHAcaIFJMfCkK1bSSAxZmrkFnENvHVs0mpTngF-Sw0Ew-nAMN3wxtDAnyqsuCxaFmyrbaJRoMqec4gALALZRUf5dWAeWdCqAyHWoZTdQt9FgsmfglLhNICk6hg_3voYYpcF8z8AOlnaLwljsBCY4INy-68r0lwH3emUP8hh2bMy-6xTAngt28BbfcHfpvUJlKC0MeRC0ZX4nPF-PNbq2S1D6dNz3vXBM9qYYtk9lq-YARyi1UEooXkB7emfRmIH4nLalA057oxDPwWWjvrLHWUP2GUTlD9JiXW5vA65oveP7yGI8V7PY1EJ0r7CgNpYqV3Qe5DklZEnjyI8I3wCir7S9LUrA_L2K4vw95Pwt1VXhdvP9nL_GWf-GAFyqM2MX7EHFqX9FpcPGTOxvJG688v4UzUhTKk5_dtcn8UkgcHpre1-3l-jYgQN4ltZJ_MaQSZTKTkM5VCMODNiHM6VpprzwVjmzoLwWWWT3Q&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
8697
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:37:43 GMT
tap.php
pixel.rubiconproject.com/ Frame ED33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame ED33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPT30PN-1T-J9B5
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPT30PN-1T-J9B5
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:40 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F9332ED720D34745A799B41DD4CDECBD Ref B: SYD03EDGE1620 Ref C: 2022-12-16T01:02:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv54bE8+ATQlO6z2IO9g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBPT30PN-1T-J9B5
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame ED33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame ED33
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_1VIaBW6SZ6iMZFAcWPd0g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_1VIaBW6SZ6iMZFAcWPd0g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_1VIaBW6SZ6iMZFAcWPd0g
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PTYY90VPVE541417K2J7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_1VIaBW6SZ6iMZFAcWPd0g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame ED33
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=&expires=30
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame ED33 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ABFA08Q411BF36SHP4KH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame ED33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-s5MUcmbL4HpvBNlbLaDyMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-u9R9XrFE2oKFd3qMMp4wEu47AWAHmniKWC3DBw--~A
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-u9R9XrFE2oKFd3qMMp4wEu47AWAHmniKWC3DBw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-u9R9XrFE2oKFd3qMMp4wEu47AWAHmniKWC3DBw--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame ED33
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 469A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 10:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:22:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 03DD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
67941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 06:10:19 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 06:10:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 469A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa85a1148f1d73bf2403db63de285ff8fddb70fee7e382c818beb7ea8a568f73

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L... Frame 527E 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6kX_SzSOrn8QaDenfiXKg7RQOFeg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
c6e041b95a4b73a36f6b3f5db69c0ff1d7e6bdfe8f9754537c5a971f912dd05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:58:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45899
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 19:58:15 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L... Frame 527E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6kX_SzSOrn8QaDenfiXKg7RQOFeg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
fe98ce32828ef7d35e8bc5477487855460c4b0d1b6c172e1cf8b57bd528fcaac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7317
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 20:02:20 GMT
jsdiagnostic
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:10507&sessionId:a31e8919-0236-2142-4d33-bcd84ada9f76&err:responsetime%3A638%26probability%3A10
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
up_loader.1.1.0.js
js.adsrvr.org/ Frame 5197 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:23:45 GMT
Content-Encoding
gzip
Via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
28471
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
Mt6bYYQ3xto5OeqpjzSOhSJflmuT59ctudO0hHiGoDewwJcv4KkmVg==
uwt.js
static.ads-twitter.com/ Frame DF89 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.112.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-nrt-rjtf7700044-NRT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame DCD6 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
/
Resource Hash
3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 18:31:06 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=63031
accept-ranges
bytes
content-length
4654
js
www.googletagmanager.com/gtag/ Frame 87DC 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4ac3916e1a9c36de3692fd8efb47df76d61181b53abe3c4842fe28720e4f439a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53008
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 01:02:41 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame F7E1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 17:23:45 GMT
Content-Encoding
gzip
Via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
28471
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
r76L0u2JyG6J_NPS3k3iN3lAlRbZX825NPZsSgDMXurP63_hu0nzRg==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 7117 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
Mon, 31 Oct 2022 05:58:51 GMT
Date
Fri, 16 Dec 2022 01:02:41 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
68538
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21944-LGA, cache-syd10178-SYD
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1671152561.180176,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
672271, 11740
activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918
8228261.fls.doubleclick.net/ Frame CBE2
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=906723867765...
402 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
f4dc592dc5c6ef8b5aaa8a5ec8b68ee3be67c9fbd0e1a712d2fa08368b050e7a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:41 GMT
expires
Fri, 16 Dec 2022 01:02:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782
8228261.fls.doubleclick.net/ Frame 9372
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129...
403 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
888e0258d4d0d3ca733b93f230e6a761106ea103428823b6dbf7beda15f7b748
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
228
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:41 GMT
expires
Fri, 16 Dec 2022 01:02:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 9450 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
68f1e77a69313cb501bb6e02777d6f2bcc656e63973430ffb3079cbba24e1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53003
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Dec 2022 01:02:41 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 1381 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16824
x-xss-protection
0
server
cafe
etag
9000569688538989929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Dec 2022 01:02:41 GMT
sync
ups.analytics.yahoo.com/ups/55953/ Frame DC94
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-UuEMjyhE2uIGp.JOBxKD5MU4VMNjy2I-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=0&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.74.13.196 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&_origin=0&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
267
px
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
AN-X-Request-Uuid
0d5bf3c3-b6f0-432d-b06b-31857276f0f2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
AN-X-Request-Uuid
bd043f80-23f2-4b2c-ab18-e4fa0a74bf4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0A9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 10:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:22:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 62E2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
67941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 06:10:19 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 06:10:19 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0A9B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8e963ef893f2af1b54a1601c05ad0b2f9755357f5ebfd762d7e09bc8f91cba2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
base.js
cdn.inskinad.com/isfe/4.1/js/integration/ 		261 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/publishercode/1088716/default.js?autoload&id=ism_tag_86959548288253680
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
018adba7b90b8c9865b847519768f00e14664facdb16a83e752ae61b04f7f394

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
BjjAo3o_mHS_VmJMX2V3veierggj2hud
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:42 GMT
last-modified
Thu, 17 Nov 2022 09:59:25 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
etag
W/"9584964dec5a61725a9127a8f15551ba"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
WKl5pb2iCiHBgwW4pDjjT689HXuh62lRa9-f5FkeW4fvYWJqH9NI9g==
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8b5e69b88af0ba3fa45927e2ccd2dedadf2f8b7c74cbfe369e46acb5f88a785d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.23.93 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-23-93.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 01:02:41 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.23.93 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-23-93.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 16 Dec 2022 01:02:41 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usermatch
ssum-sec.casalemedia.com/ Frame 4893 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e25f59db6454ed5cc5c86bd209333107ab12d55fa86a108f2224c2dcee7a09a8

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a37eb219adaaf6-SYD
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 01:02:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lulqnNOujbevynVx6DdAR8iw4F8Q%2FtWcR7WEJtuemCpLawV9WLhvByIkhUloZTCz%2B9lTsCxIuLgEHWNIjo1%2FSdz6jXJ6s7C0xZllS%2Fkv8aUvqEk27geyp1qO61S6ozTc2kOrNloGnuT%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4539 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20365
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 16 Dec 2022 01:02:41 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
48, 31022
X-Served-By
cache-lga13626-LGA, cache-syd10168-SYD
X-Timer
S1671152561.087678,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 42D9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
507
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77a37eb3697aa7f9-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:41 GMT
expires
Fri, 16 Dec 2022 05:02:41 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C953 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=149202
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Dec 2022 18:29:23 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame EBA8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Dec 2022 01:02:41 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5255120626500132149
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=5255120626500132149
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
1ca2811e-585f-420a-be72-eeecfdbd97fd

Redirect headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6406ff07-dd99-4eed-a637-27e7889dcfd6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=5255120626500132149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AF2E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
42233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 13:18:48 GMT
expires
Fri, 15 Dec 2023 13:18:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 03DD
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDaOOpJ5VK4ffcaXUo3PBMw&google_cver=1&google_push=AavPq0NbkXRpdi7azhH5ohHTDqpTYVcWa7jkwOM89yTcaiX-QvACa7WYJdy7yXvPPTnenaWc40IhldoCDYFpGP-4V78GZ30a...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbkXRpdi7azhH5ohHTDqpTYVcWa7jkwOM89yTcaiX-QvACa7WYJdy7yXvPPTnenaWc40IhldoCDYFpGP-4V78GZ30ap4Qs7gelL9acO03feGoTlmdVL5GI78XNIZ1jMU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbkXRpdi7azhH5ohHTDqpTYVcWa7jkwOM89yTcaiX-QvACa7WYJdy7yXvPPTnenaWc40IhldoCDYFpGP-4V78GZ30ap4Qs7gelL9acO03feGoTlmdVL5GI78XNIZ1jMUSlt_IiEJPT
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AavPq0NbkXRpdi7azhH5ohHTDqpTYVcWa7jkwOM89yTcaiX-QvACa7WYJdy7yXvPPTnenaWc40IhldoCDYFpGP-4V78GZ30ap4Qs7gelL9acO03feGoTlmdVL5GI78XNIZ1jMUSlt_IiEJPT
Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 03DD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJNvD83lan3JcyA5-t1qBsI&google_cver=1&google_push=AavPq0NbQ88hc7CjW2eTKZpYtfg_g3Ud8MjRvPBTzLi32vNOc_nJoSZ6pQklkbP0StNcZKJteeaTgw7CvEY1y4kapYZlHUX...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NbQ88hc7CjW2eTKZpYtfg_g3Ud8MjRvPBTzLi32vNOc_nJoSZ6pQklkbP0StNcZKJteeaTgw7CvEY1y4kapYZlHUX3B-VCv8mPONSpQq-nVoWq5r_-Dg5dEX8lcbqex...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NbQ88hc7CjW2eTKZpYtfg_g3Ud8MjRvPBTzLi32vNOc_nJoSZ6pQklkbP0StNcZKJteeaTgw7CvEY1y4kapYZlHUX3B-VCv8mPONSpQq-nVoWq5r_-Dg5dEX8lcbqexGTfb3Jz2wk&google_hm=eS16SE05eGxCRTJwSFFPX1Z6NFh0Mzh4QWY1WWYzR1g2bn5B
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NbQ88hc7CjW2eTKZpYtfg_g3Ud8MjRvPBTzLi32vNOc_nJoSZ6pQklkbP0StNcZKJteeaTgw7CvEY1y4kapYZlHUX3B-VCv8mPONSpQq-nVoWq5r_-Dg5dEX8lcbqexGTfb3Jz2wk&google_hm=eS16SE05eGxCRTJwSFFPX1Z6NFh0Mzh4QWY1WWYzR1g2bn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 03DD
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAo95Iyqmfb9RsSY8e2VGSI&c_param1=AavPq0PAvD3PA1EJoXx9YzFN8IzgM2G0ilpp-q23fL039GloqEe41qOGVgaShqyhS33MWaQf641hk1Lq2d_2yyS760kpF4RlU_fsZObemO-QVeMAuaK...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PAvD3PA1EJoXx9YzFN8IzgM2G0ilpp-q23fL039GloqEe41qOGVgaShqyhS33MWaQf641hk1Lq2d_2yyS760kpF4RlU_fsZObemO-QVeMAuaKsmCXrAORHNdbNWaI4n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PAvD3PA1EJoXx9YzFN8IzgM2G0ilpp-q23fL039GloqEe41qOGVgaShqyhS33MWaQf641hk1Lq2d_2yyS760kpF4RlU_fsZObemO-QVeMAuaKsmCXrAORHNdbNWaI4nu2RDeGZXCoZ
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0PAvD3PA1EJoXx9YzFN8IzgM2G0ilpp-q23fL039GloqEe41qOGVgaShqyhS33MWaQf641hk1Lq2d_2yyS760kpF4RlU_fsZObemO-QVeMAuaKsmCXrAORHNdbNWaI4nu2RDeGZXCoZ
date
Fri, 16 Dec 2022 01:02:41 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 03DD
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEPmrp2QDWga4mkSG5Vqffe8&google_cver=1&google_push=AavPq0PuDiv0LdwcSOhsSY26K3tPVgZrxSgVcEVhGZUZuQoqk2uVm16fynbdebCKXhotjNlqb_Fkk4PGPzFYJMvyg...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0PuDiv0LdwcSOhsSY26K3tPVgZrxSgVcEVhGZUZuQoqk2uVm16fynbdebCKXhotjNlqb_Fkk4PGPzFYJMvygndGu9uFXCk6j9abggEOjT-MDJ2BDuAcRyrfLKO4Yzg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0PuDiv0LdwcSOhsSY26K3tPVgZrxSgVcEVhGZUZuQoqk2uVm16fynbdebCKXhotjNlqb_Fkk4PGPzFYJMvygndGu9uFXCk6j9abggEOjT-MDJ2BDuAcRyrfLKO4Yzg2_oUEkJF5gdU&google_hm=AT79y8cZBENXjqB9tbzBL-M
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AavPq0PuDiv0LdwcSOhsSY26K3tPVgZrxSgVcEVhGZUZuQoqk2uVm16fynbdebCKXhotjNlqb_Fkk4PGPzFYJMvygndGu9uFXCk6j9abggEOjT-MDJ2BDuAcRyrfLKO4Yzg2_oUEkJF5gdU&google_hm=AT79y8cZBENXjqB9tbzBL-M
Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
Apache
Connection
keep-alive
Content-Length
274
Content-Type
text/html; charset=utf-8
pub
cs.chocolateplatform.com/ Frame 03DD 		0
0
pixel
cm.g.doubleclick.net/ Frame 03DD
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENjoSGEDnE29WCbXFZo7tio&google_cver=1&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28E...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESENjoSGEDnE29WCbXFZo7tio%26google_cver%3D1%26google_push%3DAavPq0OYx-fFycaQIyN-mH...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A1633101085883266158&exchange=193&google_gid=CAESENjoSGEDnE29WCbXFZo7tio&google_cver=1&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKv...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE2MzMxMDEwODU4ODMyNjYxNTg&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE2MzMxMDEwODU4ODMyNjYxNTg&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28EHU3ktWCB5t_gzQEsNY79XmI3DcwiJjhMYH_h5grOTuMmU_tglX6yHBfWE-V1Ykp2EQ
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTE2MzMxMDEwODU4ODMyNjYxNTg&google_push=AavPq0OYx-fFycaQIyN-mHKxOU9ygrb1KuPdydkeKOWUWuPB6oKvrLUdKGorW-xgPcXJLa3W86NgB28EHU3ktWCB5t_gzQEsNY79XmI3DcwiJjhMYH_h5grOTuMmU_tglX6yHBfWE-V1Ykp2EQ
Date
Fri, 16 Dec 2022 01:02:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 03DD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOD9U2w5AxuimzYrh1G26kY&google_cver=1&google_push=AavPq0P_UZ6d70xDi...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D&google_gid=CAESEOD9U2w5AxuimzYrh1G26kY&google_cver=1&google_push=AavPq0P_UZ6d70xDi-Q4HnJ9mHaIELvCIr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D&google_gid=CAESEOD9U2w5AxuimzYrh1G26kY&google_cver=1&google_push=AavPq0P_UZ6d70xDi-Q4HnJ9mHaIELvCIruKZsYCELLrxFiKCrsA4CHqzlYYM9jzyudJW631oT-EgET5vukbDs_bE27kFFDuXtDLsxlIpui2Jc_Z6XIJU9KPQOG1ea4qRYFtbT6kdWw3i5xO5w
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b9943937-78ca-40e2-a2f1-6673cd743b0a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTI1NTEyMDYyNjUwMDEzMjE0OQ%3D%3D&google_gid=CAESEOD9U2w5AxuimzYrh1G26kY&google_cver=1&google_push=AavPq0P_UZ6d70xDi-Q4HnJ9mHaIELvCIruKZsYCELLrxFiKCrsA4CHqzlYYM9jzyudJW631oT-EgET5vukbDs_bE27kFFDuXtDLsxlIpui2Jc_Z6XIJU9KPQOG1ea4qRYFtbT6kdWw3i5xO5w
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 03DD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTVb89rx7ff6ZCJfPWq4mvmd5PCoDPTFYftaENjmd8y6dn3PZD-IlsfOjTzEEOLGGqhlfyy54
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
main.19.8.374.js
static.adsafeprotected.com/ Frame 8BF5 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=4857565153&chanId=171638111&placementId=5329951885&pubCreative=138306973687&pubOrder=2678049062&cb=1851874928&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-15.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
726676
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
zOQqk33HS6jqCyFyIxr8BILMDh3oyHvLeC5f2ERqoIu45Y9kd8PkvQ==
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 62E2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELSRdhy1wEf_692T1UAsKgM&google_cver=1&google_push=AavPq0NjUeY-LI4e2CoTmmvRcCZu4N2O0rivFY8EnDo-yBvKuhPq22p_5DlIB9Bf7lgupE9Z0QLKLuHytCLGNy0nHnTIKcRK6kIKF...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM1MDUxNDU5NjQ5MDE1NDk2MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELSRdhy1wEf_692T1UAsKgM&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELSRdhy1wEf_692T1UAsKgM&google_cver=1
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELSRdhy1wEf_692T1UAsKgM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 62E2
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEAhOEh6hcgdXVGK1-_dRwYM&google_cver=1&google_push=AavPq0OSf4raNJI0zgjIPK0hJhUlBsXyglLGrHEy-d_qrUIETuQ9vs6LRpkV1O00ekGBwxSfXVo8pMl...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0OSf4raNJI0zgjIPK0hJhUlBsXyglLGrHEy-d_qrUIETuQ9vs6LRpkV1O00ekGBwxSfXVo8pMlmaPV_3VhI4EH4XZJKnordUgyBjWP0Q4uKEHux3cuHnQJkyCQ9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0OSf4raNJI0zgjIPK0hJhUlBsXyglLGrHEy-d_qrUIETuQ9vs6LRpkV1O00ekGBwxSfXVo8pMlmaPV_3VhI4EH4XZJKnordUgyBjWP0Q4uKEHux3cuHnQJkyCQ9VCvT8zZUVvc1huHn3xSu_DqJJg&google_hm=jZuNT7yYQqWFg8R4t_1VLo4
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AavPq0OSf4raNJI0zgjIPK0hJhUlBsXyglLGrHEy-d_qrUIETuQ9vs6LRpkV1O00ekGBwxSfXVo8pMlmaPV_3VhI4EH4XZJKnordUgyBjWP0Q4uKEHux3cuHnQJkyCQ9VCvT8zZUVvc1huHn3xSu_DqJJg&google_hm=jZuNT7yYQqWFg8R4t_1VLo4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame 62E2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1&google_push=AavPq0McM12oDdPmWFeXqtLq-r7E5bze3kL-zU1mANlcUbZmmEVRCAitgMkufnr7_HdqR...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WTV2RHE4Q284WXNBQUN4U2d5a0FBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1
43 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
202.241.208.4 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:42 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.142","key":"Y5vDq8Co8YsAACxSgykAAAAA","privacy_sensitive":false,"uid":"Y5vDq8Co8YsAACxSgykAAAAA","upstream_id":"m-ad37"}
X-SO-Key
Y5vDq8Co8YsAACxSgykAAAAA
X-SO-Upstream-ID
m-ad37
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad37.dc4p.scaleout.jp
X-SO-UID
Y5vDq8Co8YsAACxSgykAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
173.245.209.142
X-SO-Cluster-ID
0
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
2
X-SO-LB-Hostname
a-ng40005.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEOd2jp1RtvV0XEWQvkiSTGk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 62E2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIx_J2mhuDleXCSjg0I5bM0&google_cver=1&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFP...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIx_J2mhuDleXCSjg0I5bM0&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFP...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFPyhhEkA3Sx0bEa2_elnkcW9WCxMui4rCEohwPwNMiOhBTQi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFPyhhEkA3Sx0bEa2_elnkcW9WCxMui4rCEohwPwNMiOhBTQio9QU1_F8tkkD7Fk8uKo_-3aU&google_hm=bHJpREd1OURMRHRJQ3JObUVTTGE=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0M-90lIu_uc0LXSK9WpcEnB0ConqYa0VQoxtMbsAb3fB7TfijRJ8adQONkgf-gJzNX6FMMp05LR45VFPyhhEkA3Sx0bEa2_elnkcW9WCxMui4rCEohwPwNMiOhBTQio9QU1_F8tkkD7Fk8uKo_-3aU&google_hm=bHJpREd1OURMRHRJQ3JObUVTTGE=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 62E2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJXFGpLslfllgW4Q5JZ5-Fk&google_cver=1&google_push=AavPq0NhozvnTLH4NHU0P3DCPUXuXDUVzQacPp_WKF1IC8SEFHKfgFW63cdpE5HFiGpkox580j4...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==&google_push=AavPq0NhozvnTLH4NHU0P3DCPUXuXDUVzQacPp_WKF1IC8SEFHKfgFW63cdpE5HFiGpkox580j4fxUGexFcObp_OQwfjmKQo1-PVz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==&google_push=AavPq0NhozvnTLH4NHU0P3DCPUXuXDUVzQacPp_WKF1IC8SEFHKfgFW63cdpE5HFiGpkox580j4fxUGexFcObp_OQwfjmKQo1-PVzQdDw67HSeOdnPkdBF1RRUD5eyhHZwGv3nPNT9nJ8U9kNTGeNR4V_94
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQVDMwUE4tMVQtSjlCNQ==&google_push=AavPq0NhozvnTLH4NHU0P3DCPUXuXDUVzQacPp_WKF1IC8SEFHKfgFW63cdpE5HFiGpkox580j4fxUGexFcObp_OQwfjmKQo1-PVzQdDw67HSeOdnPkdBF1RRUD5eyhHZwGv3nPNT9nJ8U9kNTGeNR4V_94
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
pixel
cm.g.doubleclick.net/ Frame 62E2
Redirect Chain
  • https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEBXZ6X7KO1uzULeEVfGHLIg&google_cver=1&google_push=AavPq0MGOpPQNMX7jQ8oLJP5IOCsu1nFUsUN7a5IbmtAcFrAx8qi_aDYGeqcINOIRtj2TKXf_Fep-NJfKeRDmy4H4wP5...
  • https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AavPq0MGOpPQNMX7jQ8oLJP5IOCsu1nFUsUN7a5IbmtAcFrAx8qi_aDYGeqcINOIRtj2TKXf_Fep-NJfKeRDmy4H4wP5t1SpP_ZTHtWCNKgmesjqGUlHlkgxjN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AavPq0MGOpPQNMX7jQ8oLJP5IOCsu1nFUsUN7a5IbmtAcFrAx8qi_aDYGeqcINOIRtj2TKXf_Fep-NJfKeRDmy4H4wP5t1SpP_ZTHtWCNKgmesjqGUlHlkgxjNa0whv9YhNBoBDCThZDg-tlR7WEPt6Dv5E
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AavPq0MGOpPQNMX7jQ8oLJP5IOCsu1nFUsUN7a5IbmtAcFrAx8qi_aDYGeqcINOIRtj2TKXf_Fep-NJfKeRDmy4H4wP5t1SpP_ZTHtWCNKgmesjqGUlHlkgxjNa0whv9YhNBoBDCThZDg-tlR7WEPt6Dv5E
date
Fri, 16 Dec 2022 01:02:41 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 62E2
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHn9vgGR4Er25oovAUYA05E&google_cver=1&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvA...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvAoqov_3NpwLGOlHPQkZf7l5YHgsYUAABXDYpfAc1zzkbmA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvAoqov_3NpwLGOlHPQkZf7l5YHgsYUAABXDYpfAc1zzkbmACQTdjLSF2rGxpao8dOK5U5qF4RVHRLOYw&google_hm=WTV2RHE4Q284WXNBQUN4U2d5a0FBQUFB
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEHn9vgGR4Er25oovAUYA05E&google_cver=1&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvAoqov_3NpwLGOlHPQkZf7l5YHgsYUAABXDYpfAc1zzkbmACQTdjLSF2rGxpao8dOK5U5qF4RVHRLOYw","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.142","key":"Y5vDq8Co8YsAACxSgykAAAAA","privacy_sensitive":false,"uid":"Y5vDq8Co8YsAACxSgykAAAAA","upstream_id":"m-ad37"}
X-SO-Key
Y5vDq8Co8YsAACxSgykAAAAA
X-SO-Upstream-ID
m-ad37
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad37.dc4p.scaleout.jp
X-SO-UID
Y5vDq8Co8YsAACxSgykAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.142
X-SO-Cluster-ID
0
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0N6Cv8v8iI32IveHbnuf-EOmKstQG_uU_cKG9OM_4pLY-myUlw6QLXzC1fqyB1EY2QUJMwvAoqov_3NpwLGOlHPQkZf7l5YHgsYUAABXDYpfAc1zzkbmACQTdjLSF2rGxpao8dOK5U5qF4RVHRLOYw&google_hm=WTV2RHE4Q284WXNBQUN4U2d5a0FBQUFB
Cache-Control
private
X-SO-Ads-Time
4
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
attr
cm.g.doubleclick.net/pixel/ Frame 62E2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILj2YCVN1SZrSfRpuYVpjz3LpF8WAyu0ccyHjcPVHHJuMj99sgCQbKB26KFBQ5t3PCqXHa
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5078 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
42233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 13:18:48 GMT
expires
Fri, 15 Dec 2023 13:18:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 4539 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
AN-X-Request-Uuid
4639f50e-9585-4b2b-94c5-1612301a57a3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame AF2E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:09:41 GMT
pixie
ib.adnxs.com/ Frame 7117 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1671152561232&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1671152561231&et=1671152561232&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame EBA8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1ab3eeac5d9c63708fa57a4dc53f3e7c3d2f94b3982f6bba9734cd43ff872a79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 22:10:44 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76027
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 22:09:48 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A8A2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac192e5c4b1d3aa6d48a214c074b3d83e1b228aab340c41cc49e78ea6737293

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a37eb43c01aaf6-SYD
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 01:02:41 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZXmc2Kipn8fwhmHSPv%2BxlY7jPTtXjkSLEdblemFzWf9NoXCGp4DREF05lfzk%2FKeNtL0Ezf1KEupulad710ZQQweXRXIMrQiRvvQVE9EC9SlpM016bj8kKP1%2BvWmWN%2FmOfBExof2rMB8xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5255120626500132149
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5255120626500132149
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
872c1d38-033d-4fc0-8035-120090b34fc3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5255120626500132149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4893 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGO3E7HN4cAACAxKPi5mA&expiration=1672362162
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGO3E7HN4cAACAxKPi5mA&expiration=1672362162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGO3E7HN4cAACAxKPi5mA&expiration=1672362162
Date
Fri, 16 Dec 2022 01:02:42 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae4639b-c3ae-4c00-94be-7376bf7903cd
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae4639b-c3ae-4c00-94be-7376bf7903cd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
MT3 254 34fcae8 master nrt-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae4639b-c3ae-4c00-94be-7376bf7903cd
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Dec 2022 01:02:40 GMT
rum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d0c349a4-caca-8d48-04016383
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d0c349a4-caca-8d48-04016383
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Dec 2022 01:02:41 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=d0c349a4-caca-8d48-04016383
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Y7LXHg8aTEM63OFOemkx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2WJXJRMEQ...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Y7LXHg8aTEM63OFOemkx
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Y7LXHg8aTEM63OFOemkx
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Y7LXHg8aTEM63OFOemkx
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4893
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=974533835F9D416FB00BF3A590E6F282
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=974533835F9D416FB00BF3A590E6F282
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=974533835F9D416FB00BF3A590E6F282
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 15 Dec 2022 01:02:41 GMT
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 4893 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y5vDrZW6IKsKO5fjEthZcwAA%265318
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1b-i-0757545b3579e2c69
activeview
pagead2.googlesyndication.com/pcs/ Frame ED94 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJX_W3q6TVKcTVojN8jmVk1iorzHoErwSbAcn9jIYQ9fKSsFQbHaxwfkw53ikGR9gHNczcuFqI1dgAhTAtQMSDNB_pgHU6GemFXDRtRJ18seDIWv3Q&sig=Cg0ArKJSzNSr4zUyXftqEAE&id=lidar2&mcvt=1008&p=3,310,303,1290&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1798527053&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671152559346&rpt=907&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 469A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.107 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-107.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
84850d50823ca8d77cb4c238356e9289dc59dc770f00829d7f3a70aed85c3f70

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:05:32 GMT
Server
Microsoft-IIS/10.0
ETag
W/"064f584fd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
index.html
s0.2mdn.net/sadbundle/3024365137707366032/MREC_300x250/ Frame 0210 		84 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3024365137707366032/MREC_300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
4d313b7d5e685f1c06fe386cd72bd0c87016958fa62dfd72451e895a6fd24225
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26447
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20878
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 17:41:54 GMT
expires
Fri, 15 Dec 2023 17:41:54 GMT
last-modified
Fri, 09 Dec 2022 08:45:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 469A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVDW2yxYGG6eLR1PXP9BYkpab9R3T3W0iY5UwLI9iimeyrsGN3eIySPkQO_4dhaIrw1UdNOC0ZpEXMk5oaHC9GSXwCFYsgIew1oO_WH12vIVauri9Vl9gibTAPFY8Gy03LN523BDNSptyHHspt1iyxDDwzIvYyrrN9zAjrgeB3YPB6I2fW1513WIC8f_k0siR89k_raDscUAmdaRWhKaTWwtiCErJ30cP2nIziHtxcehOmmqwi1RAchbKZDWE60Z-M5bRreY3fLpVlOIYLGrNJClvGTXUwbYAT3CDX-TttExTmL_dM5847uXjuF_jaJYgddY4g0FKtVOpBBFXz84ynU3-9HWJ_iOq4Hdm75yUfY2NrJfMPB967MdnXaVyzKP1_9EyMus-F4c7QqdjOUTEIOV7wAIh4v_yR1IUNDmAN2Bmw05Br1XA6faKa9mBuJVbzypHudVAshTR2k9dyd5nsacFgp3Hp-RCUSRqrtg5Yk8uyy8_1sOy0yWAkEcT3czdJLzRGR4WTeRP-FErIzDzLbUOzGHaLNdsWvzTmff_n6i3V-OzlJJngtl2D60v1p2-VzGG3xL8furbpb3MkhNbtjYKtzoo1l6DKpmAwl8M9wHLe2YL56xBFb2lrRWDAA1od589SDhFj-P1uK6JW_bUo9B3XapO6QbzUrOTZpAjfED9B-Ipx8Jp0NVjKlEJoFWoAIfsMohB72DQwrigrTkV3UOUTpDybyF6gwVpJdRgg8gp_0r8GEbWmeMPYX03RNpC7oZnJXZ3U9Ue8IIRppbcCk8N-udawZsEiV4J5hMSLZKc_YuzL-yCniMwTvroHJEypKALFkPUrVfSIGKuQkii7x3LaHQU8oBMtbaev0sfrRLgeRQQ4Zjzz25zAQMlEO8FcxaTwO-T6vbkMMNUXLHIR8Hhjq6XYYIfxAVBfJyyxuohKh7GZC4FHe7OXg-HtU-aBz9OO34vhczO4Jk1zejMYc-0a_fB-kMfgw4kxZ6aIKrYbnloA0z10xKgVWmNo6reqJTUjegnHoMRN2gWlVmlfgFWzj1ZeNREK9ewRnB6_f9JKz9iweDSytbONRaw5cvj5I0TAKx4lJdftJ8KUHehPtrtOOCcV9XAgldtw3FAxp5fnUBcwt4Pi4SboNRd2SSGcOczXZvfOZ09rU41DfAP8dnhKV8sggipjZpMCqXRI_LGNINCP-be9iQbQtgtlh4pZZfTJV05IbJnLlcTYXrJ1fdSIE3HyJNcj5v8qFbmt0UD_fznnVO0Rac6a&sai=AMfl-YQBko0BSgOb8otP8PyCgsnykwmF3073etWladBcZFqdfuTH6SIuaLoIRX26iLbSCr0GmlmFY4wL2LLZH_PATC9Ps_NMckiuJrvla3bOaDfpT9w0sThuY_SmxO82UGUVftGdawWEGifXgOVjyAriZx7WOOB1vsB_d2wX97WER3JPgcoRNxzkWhMu3lO2XBD4IDCYAIbKVasVOG5k0jqlv4_9fSRKFVm_VcqLGOuq0xSFlErTNSUIrvvcXpB1rUCYcndd9b5tDp3XHg&sig=Cg0ArKJSzHjRx-aodrXYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=928&cbvp=1&cstd=925&cisv=r20221207.42833&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:41 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L... Frame 527E 		1 KB
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6kX_SzSOrn8QaDenfiXKg7RQOFeg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
5f5bb77a056c5ef2c413be10a3e5dba9a2d006b1f7583bb0c5fd13c01efb176e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
720
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 20:02:20 GMT
index.html
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		54 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
660a8dc82214d5858e65e10bb41d39d905c7cca6773840de680ec31a85d61552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:41 GMT
expires
Sat, 16 Dec 2023 01:02:41 GMT
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0A9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv66y79Nh1pqF70-ABp5AaO5L9Nn9hTk4EbpaZgxS-C_G6tZndYGrH8ACcPMiX4b02Ca5KR6L4KmdGdfELWHVw3OXvqXHdXoehhZkETFOkb2i3JixgSSAYyYpenL6W13oAmwUZhDxnC9q3qkWytgEelHL9KO6YoVaAoEQdC2PAm6kjfkEsR4q7CHU24KzMFmk0mTC1djSFuMN0fsLMLQIIvwe1Azr2jRCkG-BODBboUe9zdhcMUCXdLDp14NO1sCQzAbRuRTBZP5r3Q3sE0Z7nng7gEpbqtMKlRgihECS9wPIOLsW6wJ0Thj2OYkYkS92Pd-WDZEB8OU6nMvATZRLa1_XrgdHqCsWb-npUOm87meb84FY3_4-8mxNdYmNbv9nXdB4Ou8uAmE3LyJTEuDm8k1fm1FMQpUA5f9RvTwIsLKJSelehBm9qWWwlPq6t-44xCyprpqXOGR3eyN91XNU9pc3Og7MOqshSkfzYOzEc4YuRaMD1JnqXwcYws6VirP2o_4jyP8HmzBRoGi2vQHJvZyzYmiJHoK-DljurpAQYP9P8p6Maig9FEGQjCCh05O7VEt1y6KM5Oj7UNbEKNezHKuhqAf7gO0KRCBCcmoCL3XYzm-LvGPi0Rur4-c4y4_diq1VHyNUyAl9zhXMChqeIKDARtG0vYnJcWjZjhgrcijCPS2C3y-17ceAxancOFVsQgu1dn0MXKEDZU66WZEi3Au0umPaT1aMjGXM6-ukYevovJ0kfQ09nN_BcYmcSmCpGVecUMD_xYjBuQrG_4YhU0E-LOWAfkow2sPOsee8Ex89ZJAKewIj9TSDKy3lhjGnlpNTKIKB-H5c-tg6c7eUQsd14vn4LzqXyQFgAPxX5e5Fm1vZWjhyBW_YEaQYuRw37-CmNLt-qp-lNKo7L2RpaFtv1TEFIVZFYlISZD0MerpX90YCYELeYFIkU1RiLi4AwzN0boh8IUggLk4NsjRYFypFPs6d_J1FaKQWzOSISqy0ATW-ebpOFClOuOprXbn_NnI5EOMwbJryvNoRDj1gBx9U-KEKrhPzTFOHjKGUaicBxNkRa_1Ijx2kajb2AuGuocFj2yWSQUMzftKqHB4ym2acyLEocK9K5QuV8Rj9N7z8SiBk6iubkw6Q_APxozDgI98wp7zKm_MLXzlIzqS_mWAqK2J_8omcrRydB5kGMDnBQOT5aFPhPttQBdDMaHFvE3WlBwWHTpBpoAOIWdQnqqCZyrjXj93RLNs_Q&sai=AMfl-YTlyOaqw2WS-DR22qodQ2GrgHjLewFB47PRJ8b0YarKt-8zUJkQ2pw-7MAlLOQELe9cXsOdCQaX8sSdK0VN8OjBY16dnVEbVOR___bzZuW77c3SQzk_kB5y5T_V9-JvlCGkL8LiOaxqkTpHPy7M7Y5_k_NNPUjh7QTa_ibwgCt7gxi2jub-ddmIqNZksfRboaXjPJcoqMVuz9kfzkrl15SWkfuytTsvpWAL9R9WyYQgW_cJLmxT1p8mqhfmcWg2mYz0j9KbAmJ7_A&sig=Cg0ArKJSzAcnsM66hlwPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=870&cbvp=1&cstd=864&cisv=r20221207.73816&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:41 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L... Frame 527E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6kX_SzSOrn8QaDenfiXKg7RQOFeg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
b032ed408addc320b41193f87997359459c055f376586c6afb87d032088f1d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:58:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4049
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 19:58:16 GMT
log
play.google.com/ Frame 527E 		131 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 01:02:41 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 5078 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:09:41 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 527E 		587 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-8699418273214755987&bl=boq_subscribewithgoogleclientserver_20221214.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=3762&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f102.1e100.net
Software
ESF /
Resource Hash
cc486c7f61b888b656b69b9ae14f8726a9164bef4cd0663b350549f9500e7b2c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame DCD6 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-67.sin5.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Dec 2022 00:51:22 GMT
content-encoding
gzip
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
680
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=17720
x-amz-cf-id
hpdvbLuIr80xeLOAixOCG39Y9F02pk8e4yEyo39funH8uXEJi895MA==
collect
px.ads.linkedin.com/ Frame DCD6
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671152561452%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 254CDF80D4AC423DAEDBEC45B965DDA3 Ref B: SYD03EDGE1620 Ref C: 2022-12-16T01:02:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv54bb0n3yLxxQrXOlrQ==

Redirect headers

content-security-policy
default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 16 Dec 2022 01:02:42 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXv54bXV5MauT5gKd6qUA==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 219A9B5643F5488E9DBC6F62064F3B12 Ref B: SYD03EDGE1620 Ref C: 2022-12-16T01:02:42Z
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671152561452&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-67.sin5.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
14793
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 15 Dec 2022 20:56:09 GMT
via
1.1 b95596d6887b20449c59c2fc9d141c4a.cloudfront.net (CloudFront)
x-amz-cf-id
-sWIc6mZnUufMRBb17j7pAstfklQ7Eu4NByTZihHH1ZSsnO-KIiL7A==
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 1381 		2 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1671152561521&cv=9&fst=1671152561521&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
c9475223d261be9fe8a3bde503acdc72b6f1c11e85a80a35967668a194009a67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
914
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame 2CA7 		0
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918
adservice.google.com/ddm/fls/z/ Frame CBE2 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPqAi7b4_PsCFQkmtwAdjRUNNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9067238677658.918?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782
adservice.google.com/ddm/fls/z/ Frame 9372 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CI-Hi7b4_PsCFenHcwEd1RkL2g;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=208051172129.13782?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A8A2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
18.142.1.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame A8A2
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=34rf44qKhLPEi4fn0dvLudiB1bbE2t-32oi9lEDG
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=34rf44qKhLPEi4fn0dvLudiB1bbE2t-32oi9lEDG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=34rf44qKhLPEi4fn0dvLudiB1bbE2t-32oi9lEDG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A8A2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0o4tx5321P5Z7A5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0o4tx5321P5Z7A5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:41 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-073b79ef04ecf1c9e@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=0o4tx5321P5Z7A5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame A8A2 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.63.116 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-63-116.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame A8A2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3350514596490154961
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A8A2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Bomd6Ptx1kVhja5_RY8u&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2QTPNVSDM...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Bomd6Ptx1kVhja5_RY8u
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Bomd6Ptx1kVhja5_RY8u
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=Bomd6Ptx1kVhja5_RY8u
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
dpm.demdex.net/ Frame A8A2 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0bd9283ab.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6/DJ0mU7TvI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame A8A2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE_xk7HN4cAACDFjDf7ZA&expiration=1672362162
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE_xk7HN4cAACDFjDf7ZA&expiration=1672362162
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAE_xk7HN4cAACDFjDf7ZA&expiration=1672362162
Date
Fri, 16 Dec 2022 01:02:42 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame A8A2 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5vDrZW6IKsKO5fjEthZcwAA%265318
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
9085
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77a37eb93926aad7-SYD
content-length
43
expires
Sat, 17 Dec 2022 01:02:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF2E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bm4JysMObY8_1BYSVrQGjiY3YAQAAAAA4AeAEAg&bg=!c3ClcDTNAAYgquz3AKo7ACkAdvg8WoIxY76lXoJuT7ufqI5ysok3BnsNFFtf5kgSFpDwxO-7Bs0KMgIAAACXUgAAAANoAQeZAy5WLQXXLZxoNGHRZU3T6RODrkr8PkD2wrSw196izqQ-aT-kWUMJu5Fs0SUn-DHqtvgmxsapm-xDKp5rAjdx6lqwqXC11hgg4s6tv9cOtfP930IKP_oUMRhn1wGc2nHXdfEuJdA8YwU8CNNgUffeTe7ZlMSW08-R0AQ4JkU-e-mvo6qqR_0IYGu8htzxak9ooZG_TRpKVrv64WRJV9T-jUID_Hw4b2YArqtSwvjmWLP3m-DCU3LpASATPtgo606e5beVNVC355OWxAlm188IWJI6zPK2ekjo_-sNNzYOBG6IGJikuuXyXgFxUfIenpJfk0QEA9sNDPc5r3XbzIslshd5xl6V7LgemdKMuTaUodq3Qtv_88-JDBnFfRWhctlFqBODOA6QNaPl0Q7f53sKQh5P-90-MiCdxCdOJFeNlE1NYPBm5eLSrlOpGi87wZaoBKbCqs8XZDQpAGifLO4S0d-xn_3dmwm8jA65GUdrJlsUAYnb3WUm3nMvcNC8mCgE06iEHfWuJTrBVTkz7hqcJCGBzSZR8C_9VtcLo8t3zzYTdp8zyZam1UlNfBPBX0Ka3RHwjgZfKwwOAElFS4JaFxxRdKHENDFs1SDS9qisAcnwdX_lepMnNF8kHk8TmOIp8iiu54J9XumD-ZOiKQCul2a8E0X1lZsjP07la2oByGH__SzlbDQQ0nP1TSWilZrgrZeNnsUxSyNWT9NHJFxGfyKUicprPRvuLtFNUmEi0mq9xsaOLH_08nJ_oKLvJ-t7Qk69ZVuEsQcyYPewjOSEarm51DlogUYyGf012W1ncOgWQJ5RZM07iKiFs_CRhFb5G8WgGbTDHYil_xHM6SIulVwdrfJZrw7eitVjqmKbdsezkI5weV_ShFBjpMJI_q8GRDEWWvgcdCKvhAndcRP6sOC5YBbQKExaHuJezgbXzeR-11ATgs6HbO1ZxI9SyW6xpPvxbddCkykfuRbCbIDBk6B0lrPAvsu1Ybrt82Sw5u2i6KCGMSprRFi0va9Gx7qbSa8oKex638GOG4_A7bA2I44wY9TIFWmkjtB1k9VuicOg9fRHc8RYod_bj1TH5zCc
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L... Frame 527E 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.jCimPxV4fxw.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6kX_SzSOrn8QaDenfiXKg7RQOFeg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
8414011837a539aaa74cad2dbddd587411887434b00d084740c0564639315b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:58:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44087
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 19:58:16 GMT
adsct
t.co/i/ Frame DF89 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f58b63a9-bee2-4c58-93a0-75b745720a56&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=66c26de9-6c06-4c45-8383-ffa9060dbac7&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
162
date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
6be923bec7365b7a
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
3c8a590f261054f0ee702d9be49cb73c376cfb25f23134ad60810cc1dab04656
content-length
43
adsct
analytics.twitter.com/i/ Frame DF89 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f58b63a9-bee2-4c58-93a0-75b745720a56&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=66c26de9-6c06-4c45-8383-ffa9060dbac7&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
145
date
Fri, 16 Dec 2022 01:02:41 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
c8773246b9b9730f
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
52ea6ec9737e0f5329a0c536b2240b751e03a5fcb1e60818d831b41a80ed6221
content-length
43
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
log
play.google.com/ Frame 527E 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:42 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 527E 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:42 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 527E 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:42 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 527E 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.wqDTgwtlgyU.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI46NsFLfmxLNRTzoI_Ij08bHgGfAw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:42 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A3BC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXmmrizEDjmB2cxyQOmzWrHYNM6o7tlfJ2sX-nGhA4nBHa5i99dNb16IZPp8wYDj99VdWD-OFNaDLjQZk-1xvPd0Lw6tCR50MZ4La95HOIsLBzqzQI0qK-wkwsGjekowEKu18&sai=AMfl-YRZDrNAriNVYLh9RvLp86ohWwO_T7Nrtc7Kv4tY9jTXI0--VogTar1opeCk0UjWHhd-jRLurVOccLH0tGSgMlXZV77rydzzqXbHVsd7K7AMpFgfXJbhiN0954eqeM0&sig=Cg0ArKJSzMg70Hj4VDCMEAE&cid=CAQSPADq26N9v8Nv7u6dpoPetehb_SKREIPDwkrOEAPppYnv-KUdDHkPmg_qqEhpIKQ9TgWAAMunwnQFirBhOBgBIBM&id=ampim&o=1123,622&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1025&mtos=0,0,1025,1025,1025&tos=0,0,1025,0,0&tfs=1224&tls=2249&g=96.33333086967468&h=96.33333086967468&tt=2249&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.221.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-221-153.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
/
www.google.com/pagead/1p-user-list/859754747/ Frame 1381 		42 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1671152561521&cv=9&fst=1671152400000&num=1&guid=ON&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=4055768472&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 1381 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1671152561521&cv=9&fst=1671152400000&num=1&guid=ON&eid=376635471%2C375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=4055768472&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5078 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-mrksMObY9u8B8HoyAOW95LYDQAAAAA4AeAEAg&bg=!jo2ljcnNAAYgquz3AKo7ACkAdvg8WrBmNuVElhJhV4-yg9z-SXu9pQyoCROy4t3KohVFFbcT3vsBKwIAAACBUgAAAAJoAQeZAyY3GxXYOxbSTB5jRg5ERKeKfKvBuj97IN-nxoyaNB_bb0nz5J2LnUgdGnrbVZ-nB3Qq4WMUhXeKaEhKBIx6FR_Qo9x0iWDpJUfx3czV0erO_KMMBnryjgRGilIN9RErwVQJzAjHQP1etihiiSjqo6zu_rqrE5ru0fbB3hJQhFZRbZhBGrO3om0sMe85iWMbDBdOBOPyiNIWqGkQ_8mCvZGhEjTWD-GEqVbozpPjyoepNgNxNMXjoKXZCJqLgS80LhsgCqs_Rii-8Xb9hQWc-PREVo2mpv5UMxQHyyV7L_SmG7Lw3Kpjuwu3OLI3x3zNHzxV7ADG-F_Jy5cBmjeZsVYnTmzcEmNC18cIldidKklWLVrGN4bP3Sxnkc6k9NpU4zaLg-2kEzLxqnEsVRC1aLIjdEPzjUjrHTuXbgPTHPa6XTfs290j8N5wr9f4ox2QiuKZeSzQe1yJ1R5Qq5rgs7Wl69eqqYhbsZLxC3XTdVVY6YN1Iznw1ZDRBlr1OGYxUCLzmEsCdFmNDCe56-Zq_CnyODLo8sD_WjxiLlibPw7GM2rafbnJJvmdyXD8C2Tas5oTvNBSKp6jMH0LxVmfF4-naW1zyyQwKErErQ9AVTVRuLUsBKi6klsipywq63Egs3Nnl8rTEI0iNdKTmsAzvhhVrqvGrajblTcOccZOsTQeXsU2SnkkBw6w61Gzi0u56Fpne1g20QyG-V2OeBLksDiJAihE-ilsOolJABgHHZ1aTIQAB6w_i_1Ypwl0DDeUQG9EPCL5YcdimVXWxGBj5NVbpygN-CXYECisqhi9sYbyOMgdFlZsk_zpn2TLJ7NSCk_3EwpKDh7EwEgJcMxceuqV3i796guvOFsaTClcZDUh2ETxb3r0QLzbO9_Z8R--XzytFVtDrFXNG-PpZRSzP91doa73KMrvbcEAvVQOIVJmuClOZClXIB2gExF_0mbgPaKtfWUe7df9Xo72VlF0jdZgsxPoqyVthg_OmVIYb6hHbWXH5pz8HIHf3SV_bYeeIlNPYCfZ_LNsCjpGYI_Mxp9zSCHhz-uE1fGRD9OjbpvmM7Ul1gFOeA
Requested by
Host: 3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
URL: https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame ACEC 		797 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2be62e5b385bc1125068a072d22b47073fe2ddf62a983d16fce5df7808fe309c

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 87DC 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1671152561812&cv=11&fst=1671152561812&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1650893494.1671152562&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
daf9c2ca70508348c1d7ba059a1206ccab4c8dcc59c864e5d2ac0684ddd0a515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
858
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame 9FA4 		797 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2be62e5b385bc1125068a072d22b47073fe2ddf62a983d16fce5df7808fe309c

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:42 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 0210 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3024365137707366032/MREC_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3024365137707366032/MREC_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 03:04:28 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 20:48:16 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6289
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
googbase_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 20:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 20:48:16 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3136
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame EA2F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:18:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 03:18:47 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4427
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1355
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1725
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2038
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1485
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 9450 		2 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1671152562097&cv=11&fst=1671152562097&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=1650893494.1671152562&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
c3ab4028d53f3f3c6e4303c9eaeb360c1b036bd755ce608216cb99539a1dee51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame ACEC 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 19:46:20 GMT
Via
1.1 9f7a987f61c1e9f7d25cd5462f22a14a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
20395
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
qLdB5Bddn-q3qHXiUJIZLp62Mvx8h8rA_xAT_kK142WPi-4UoWr1Ww==
sca.17.6.2.js
static.adsafeprotected.com/ Frame D70D 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-15.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
1539280
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ZTFU3GWC34aB-e3NGJ-FHlgMwTZDCWXtgC4f1hPSguhEASEc_jE17w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=4857565153&chanId=171638111&placementId=5329951885&pubCreative=138306973687&pubOrder=2678049062&cb=1851874928&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:590a351a-eff1-4331-9753-52a8bc78ea3f,c:wUVdxC,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-7kt66,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:310.3.980.300,am:i,cc:310.3.980.300,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1118,mot:0,app:0,maw:0,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1149,oid:56ff1eb8-7cdd-11ed-a860-16976116f8e3,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdxF,pingTime:-8,time:1151,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1151,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:310.3.980.300,am:i,cc:310.3.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B29~100%5D,as:%5B29~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
t.inskinad.com/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.inskinad.com/rec
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f121.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 01:02:42 GMT
via
1.1 google
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-length
0
content-type
text/html; charset=utf-8
rec
t.inskinad.com/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.inskinad.com/rec
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f121.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 01:02:42 GMT
via
1.1 google
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-length
0
content-type
text/html; charset=utf-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame B554 		529 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjnhgIQ18aUAhj3w4DSATAB&v=APEucNW-ZodWgCjf6x45QMPuyUc0lEN0JcYqSOEXLDnEKO-yRiRwp8dRB9vARl_b8M6WpDXUQ85Uw2ZqRDB-ZezpdznsHOmv3g
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
388a1ecf6a0486415083da26b9e5bb4c5550201a8d1a8a79667a9fd9d8933b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
206
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F519 		29 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUdDjzQnnpF-Q6eXOIdqkZg5QCjx3pfQ91s_zctT54vDXkLL72KORDvJhlzjYqa8GRs4ckBsbrNDRceg-wYTuw4g4Xy2Cv8wN20k7BQibg_W9rMMcdxyXEz_h8C5SdxRzWzwqXFAM1oUfS_ui95KAHc2QCY2gFhWy_VdcBm-8mkceApXE&cry=1&dbm_d=AKAmf-BjF_i1QcmOibAzM-9hDwm6_GVvA_TFujQrwTT1FAWHqMDi2i0jRod8inqWayTLmq7L1R3YnNB-NBhdvMrQyIv8sJHo4BlYnvXp1BytS8Q6rGIPRei6HTRK3g4sndhShQ6WTegFrGPzBPA9R5pQNDr-mefFQu_ByNvhYumdaDOdVcvwyvxQj5blt_ijum-7U8bCxwAUY1fi4No_q7mjRwEh3ndlKEwfMlLUsHvYICECQsbPb3_kKqdhVLFKAPK7Xd9Kuv15dWsMQjTk22OqfndezL4bPG8ikOScffz9ERW_oqd3-qbyJnZiPanCROiWzYAfQ1oxTy5PClxoUcV-mGZ9z0fYc0Kx41FgmpE0ICmtRgBr3IPjT0999Ds1UA01sDWmEDCxlFLfHIksD67MDXP35w1JK-Nr2pt4Kdq4TKgyXW-VIXLr71oL5Sw7oInStvW88Tt9YiVc0Sm93NQapna5uH_CNEVO7Kq9fVd15iAfvayq8dpjoZEGyiY7uNt2rsRwoE2AG_pJMLNJ6pNeW9JR7ZEyKRGWAt7hWPkDwZCjctO0s4RnSHgkzzZ-O-4FzFgVqS6FEJRiOHpqbXxmzADvhW7SsmCQvj0-VkL9pqDBSoNRWN0UR2M8qGWq5wjP5J95Ny5trFPNz9fs2Blx3nZfXb5UvL2-t7ilrCHYWyyHRI-92uS-le3KCPkVxVeAq88luGDKgDqsEGQbInZnd9Z7QP6rdIeoIoBp5Kc34tAjn0bNqitygX1p1Wu046ZtihmvVJT9-S8evkEZijxPWA241stZ-5etDHJa4yA3XmrULiB9nGdOSmbLbPcxK5V0cO16XnIBFe9-GbE_TFP7p5DUIJ0H2jhv61dluStHoSCCqaZP7pgQ6KnP63Jx7STAhbehr4Sv6KAFNpXuQOgpzm1VC4Rj82lrb0IS-i8y7Skny65_3a3sGTpO1FaJY188U4t5VkNoJQMPCsyXEBW-Ij4U1ql1ELoe67lgB7dgGdZLkbeJfrMZfONfyDhyVIU9NSIWncz1MUsJqZCbSiCjogm8lnYG5bFwEQVnPuS9wdxG3eIzrHMjKCl7mor4kCuP4VdDMJvp2DSeFRQqrW1PMboWDVQrVcW6Ezh5B7IX7m-809YBBYKAqmFatPPaotEtjIsfKyi2Jwzyhb7TjC1n7d5fhpuEd09XLA2UVs-1oGtjXRmiXeiXGBz6KKf9_5uNdPf_cHmU3Ol_BMtgxFO7qeb8ZwD035TnB9gkrXYaSjf-yjJAwN6jF603XYoJR3AIbwCc7YwXLU1n1NWaTdkCDSBdbsy0nSif9WLH2OSyHMQqGwjl92CiEK6b5Kr2CaOLUzdaArNcg00E9MW-PjmPUfiW3LceK_LM4xgYBBgo0j9Y4DsOM9tEZ4foAHzkxyITVfUvjySjnsmWRek4ZzQXEdpxNIcMHQLFAqnvke_aY8jPkWhHNZ-EOQOXszwv_Z5KXJMIbG3aHJM8sukI8cXvOVwXC3kaK8MBjFQcez3llFpTha3Flc1O_astiZOYTOg4mFf5LIRMdVDtqgX4xk64l6ZKuId22ZX6GVo5cxPUBqNiYfvdYSqVOemAubAWWRCEy6LEGyBoI2KMCNXShgGKdiBnzft2zQYBUgTCCWlbrXtlMrZq7PbSip4SD1bqr-zygKfWb2w1GKXLMT76O_7rN-_6JaN1O6I_2CvpN31kVTneDYkqS3aMPeVgSm0C_eFAWnE7zG442dUVYxnTQoak8hlNADivNhXnwj8CgvJCwN5lSQkR_1Y5eXu5JWGCQDw-2luAHz8r-WTt7_Toz8H2wL0bzeSpMp0BRoPPDEbCHYyngvHZsb_xMLbcu-L_fDyQeH5unjZLINDkNvqmvNZ9QttFQJvoIxe5uVac0m2uZ-Ge4HlU72ZVEP1M27nGtnRI5dcSqdjs9hJPrC2z-a0KfiW0Gi3Z-CTi5JH0flLosjqi25lE4yRQkBbPyAqqm3toOKOUCt0tXRX4w-Pzyu1EOg8LBmLnsJdGzg0unHkstjmBkvv0pg2oNWqQk30u36GPXHOwARRlBn9wRKgjLUSoBDz6ZRzWfrYQUeJPFwf0hwmW5C8TANzVnZYhmqtoIvVjApCrrl76CcL699n0ruggwNdyXLiAiGy4yxZXS_vGRSoGzJltbpasCbfM32XNuT3x66JqlqR6iz6Z5jEDn_GRrBAsMmGO2GZSP0sG8RthntViBELuC3mF8eI3_uv8vqlFLqfyRtgnd5fSNOpqGgKyXSaa9amgHm0pjdRc4hWDhn2KoZqZF03kANUvLBHUDSJEHAw-aEB9eB_NUSRvYE5cAgNOar_C6bne-ceMilMEMfZ5t1KuIwvfuAQE5RQ7i0QyULcpcx18popEVVnORq2hjTqv9ghg5lsUfyKRdCmCrKfLCY5RcKloeuQcATOY3MdZSLZVziP7LbBVhuy_waDwnv65yvvszzvnM1R-LdcmLLa-tGd2Ga1lTgu__Ocd1-2cZ08aIHctvZwPFBYjKnRKfhCy4he3qKaLbYYD4zjx0osRAbL5xdCzqTrcpXsLUJVkKrGSz3uQwCAPU_IOf78dUyprB4vG8pJdrCBxO5kPQX2z7F_xuddAJ32JwYRDfNfLtHvgQ4FWkQBS3QTZrF2mPKPJsQ29cbTh_wkoTAN6JIGjo06m2m6-gkuJTgjrYv3_1JzGfKEgDF1G5Nu6su1nI4grdA5RSfLuJfMolNZ8M9oHRTlZIg_j400uDRo4L-EhT-AdZNZnhOAR58L0i-6rtsoaQfsbIzHaC2M6LFGvHkaPjg8oQN1OMjueBFi2PcjoxyfLwv8BctjjJ_ZiA0C_wRfQZ5prU4zdkq4Wi-09bVRx7Q-8sEoIPOQY9gMg7x8JR_hgF21ORmv1F3N3z_SQr_tZSYxqTmw2NxVumBKArDcTGQmIjzIxXcj-EMldj7VUw00MWyduknXc9aM_MWdhaFbrxsW8nKNDtTI3b6A1sLxbZPI2KBIkus1NhJ-Sn4ut6S239t3Mo-fP72LkZXtdMK5j3KntRZgFUv4w0ajvQwu0oDecl7fE2-riZFvxLGt_M1WCfDEtvdYkpLQWIDmhIAXwo7ZgxeQEbgt46IPCtGkZf47BZ4wfaSFrpPRmRCRPVyWJBsGWdAnPqYWVg8Nmo5cQtkEUN1piE6XhyjovyY5egkb7mfewSZBMeLPQr0iPqxjjHcI4WlwmJQ0ls3kiCAsXk9QO-3UuPIKRfJC-O2sdy6QuMlt14OTRbHiPDMniulzd2iQuFzsrhBcAL8NDJFpNCnVHUhl0tJ5BOtZeB_oSNZLg2TGzZWeW_VcuYUH9Yuu2yWKtQaaONqF3cHsllDUeF8jpJPse7J_zi4W1BKz-u5tXsPYaZ3KJWy3h9j60rgTVjaeu_vKFXyWYKoizsnjA4TrBs5B7MYam_ge8QTiKa1_lmHSMqA23TlWL0F6sNhlBfZImLYMvVVqHG5hbfRbsXWqM3w&pr=13:Y5vDrQAAAADz30yx7sUQDigWqY6-0whCidj_7Q&cid=CAASBORo9SU&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9e77931f4d92b468ad54f75d0ba3dbfd1ef88df95025a2bc18e0478ffcd0d66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17535
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
a1627.casalemedia.com/impression/ Frame F519 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1627.casalemedia.com/impression/v1?bidID=629c71d5-99da-4c67-92d6-ee4e1aa90d52&traceID=ceds7bd5ntcfp9v3tfr0&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1671153157&ap=22.09&siteID=190133&creativeID=20876b1&pubID=184665&format=banner&channel=site
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.36.151 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F519 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjI5ApJe4VDHByi6CEK__ATSVamCgSzKtrpZdLTA8aEEr29tHfr1WTlWOmmOv_C_r7Vb5bc2GlDH0dqRCjqhO7vKGnDqs0ZTkkmKHTrKyzIi0zxU8
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pageskinexpress.js
cdn.inskinad.com/isfe/4.1/js/base/api/ 		285 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8d5f776e4123386b4b1154f341f4317b1165858ab1691ce6c03cf22fca7d1b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
EbJlCRmefJGl3PwBEH8g4_Rk.Y9sPkFJ
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:37 GMT
last-modified
Mon, 24 Oct 2022 08:57:55 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
6
x-amz-server-side-encryption
AES256
etag
W/"f530500915b4e2112f850ea32599c370"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
qae3hCfd52bvuAstBmOnK3YV-8xFI-gvsdEoTQQ26FI5NTt2YDvF4A==
async_usersync
ib.adnxs.com/ Frame 4539 		0
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:42 GMT
AN-X-Request-Uuid
a45f5348-67c8-4808-8b20-9db7d0d153d1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 9FA4 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.90.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-90-128.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 19:46:20 GMT
Via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P2
Age
20395
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
83316pZjef4W6dt3cxLvVtOiVm3U2OETE8vZZwYRga5vbm7Ra4655Q==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdzs,pingTime:0,time:1262,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1262,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:310.3.980.300,am:i,cc:310.3.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B140~100%5D,as:%5B140~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.google.com/pagead/1p-user-list/707564276/ Frame 87DC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1671152561812&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2798628652&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 87DC 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1671152561812&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2798628652&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdAa,pingTime:-2,time:1306,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:783,beZ:784,mfA:1901,cmA:1902,inA:1902,inZ:1908,prA:1908,prZ:1922,si:1932,poA:1934,poZ:1957,cmZ:1957,mfZ:1957,loA:2051,loZ:2055,ltA:2088,ltZ:2089,mdA:784,mdZ:1693%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:980.300,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1306,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:310.3.980.300,am:i,cc:310.3.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B184~100%5D,as:%5B184~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:154,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.google.com/pagead/1p-user-list/820018408/ Frame 9450 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1671152562097&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=778391738&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 9450 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1671152562097&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=778391738&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A9AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221e...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&google_gid=CAESELOBCLxxxmWDWb-Ru3bu8V8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
423
content-type
text/html
date
Fri, 16 Dec 2022 01:02:42 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
match
s.pubmine.com/ Frame 8802
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
43 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.52.14.45 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-52-14-45.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 16 Dec 2022 01:02:43 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 16 Dec 2022 01:02:42 GMT
Location
//s.pubmine.com/match?bidder_id=1&external_user_id=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp_data=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
Server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame 469A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVDW2yxYGG6eLR1PXP9BYkpab9R3T3W0iY5UwLI9iimeyrsGN3eIySPkQO_4dhaIrw1UdNOC0ZpEXMk5oaHC9GSXwCFYsgIew1oO_WH12vIVauri9Vl9gibTAPFY8Gy03LN523BDNSptyHHspt1iyxDDwzIvYyrrN9zAjrgeB3YPB6I2fW1513WIC8f_k0siR89k_raDscUAmdaRWhKaTWwtiCErJ30cP2nIziHtxcehOmmqwi1RAchbKZDWE60Z-M5bRreY3fLpVlOIYLGrNJClvGTXUwbYAT3CDX-TttExTmL_dM5847uXjuF_jaJYgddY4g0FKtVOpBBFXz84ynU3-9HWJ_iOq4Hdm75yUfY2NrJfMPB967MdnXaVyzKP1_9EyMus-F4c7QqdjOUTEIOV7wAIh4v_yR1IUNDmAN2Bmw05Br1XA6faKa9mBuJVbzypHudVAshTR2k9dyd5nsacFgp3Hp-RCUSRqrtg5Yk8uyy8_1sOy0yWAkEcT3czdJLzRGR4WTeRP-FErIzDzLbUOzGHaLNdsWvzTmff_n6i3V-OzlJJngtl2D60v1p2-VzGG3xL8furbpb3MkhNbtjYKtzoo1l6DKpmAwl8M9wHLe2YL56xBFb2lrRWDAA1od589SDhFj-P1uK6JW_bUo9B3XapO6QbzUrOTZpAjfED9B-Ipx8Jp0NVjKlEJoFWoAIfsMohB72DQwrigrTkV3UOUTpDybyF6gwVpJdRgg8gp_0r8GEbWmeMPYX03RNpC7oZnJXZ3U9Ue8IIRppbcCk8N-udawZsEiV4J5hMSLZKc_YuzL-yCniMwTvroHJEypKALFkPUrVfSIGKuQkii7x3LaHQU8oBMtbaev0sfrRLgeRQQ4Zjzz25zAQMlEO8FcxaTwO-T6vbkMMNUXLHIR8Hhjq6XYYIfxAVBfJyyxuohKh7GZC4FHe7OXg-HtU-aBz9OO34vhczO4Jk1zejMYc-0a_fB-kMfgw4kxZ6aIKrYbnloA0z10xKgVWmNo6reqJTUjegnHoMRN2gWlVmlfgFWzj1ZeNREK9ewRnB6_f9JKz9iweDSytbONRaw5cvj5I0TAKx4lJdftJ8KUHehPtrtOOCcV9XAgldtw3FAxp5fnUBcwt4Pi4SboNRd2SSGcOczXZvfOZ09rU41DfAP8dnhKV8sggipjZpMCqXRI_LGNINCP-be9iQbQtgtlh4pZZfTJV05IbJnLlcTYXrJ1fdSIE3HyJNcj5v8qFbmt0UD_fznnVO0Rac6a&sai=AMfl-YQBko0BSgOb8otP8PyCgsnykwmF3073etWladBcZFqdfuTH6SIuaLoIRX26iLbSCr0GmlmFY4wL2LLZH_PATC9Ps_NMckiuJrvla3bOaDfpT9w0sThuY_SmxO82UGUVftGdawWEGifXgOVjyAriZx7WOOB1vsB_d2wX97WER3JPgcoRNxzkWhMu3lO2XBD4IDCYAIbKVasVOG5k0jqlv4_9fSRKFVm_VcqLGOuq0xSFlErTNSUIrvvcXpB1rUCYcndd9b5tDp3XHg&sig=Cg0ArKJSzHjRx-aodrXYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1966&vt=11&dtpt=1038&dett=3&cstd=925&cisv=r20221207.42833&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:42 GMT
dv-measurements3326.js
cdn.doubleverify.com/ Frame 50EC 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3326.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.171.107 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-171-107.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e23d1ed62c982ac7ccbdbf25ce5289b23facf4631028e662b1b092f62332f4cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 01:02:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 08:24:20 GMT
Server
Microsoft-IIS/10.0
ETag
"052474ccced91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108149
SPug
simage4.pubmatic.com/AdServer/ Frame C946 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdBF,time:1399,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1399,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:310.3.980.300,am:i,cc:310.3.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B277~100%5D,as:%5B277~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cs
cs.lkqd.net/ Frame B554
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBKwrMpttXP94t4hKMJdBDQ&google_cver=1
43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBKwrMpttXP94t4hKMJdBDQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjnhgIQ18aUAhj3w4DSATAB&v=APEucNW-ZodWgCjf6x45QMPuyUc0lEN0JcYqSOEXLDnEKO-yRiRwp8dRB9vARl_b8M6WpDXUQ85Uw2ZqRDB-ZezpdznsHOmv3g
Protocol
H2
Server
146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEBKwrMpttXP94t4hKMJdBDQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B554
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=aXhrckt2LW01WVE
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=aXhrckt2LW01WVE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjnhgIQ18aUAhj3w4DSATAB&v=APEucNW-ZodWgCjf6x45QMPuyUc0lEN0JcYqSOEXLDnEKO-yRiRwp8dRB9vARl_b8M6WpDXUQ85Uw2ZqRDB-ZezpdznsHOmv3g
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=aXhrckt2LW01WVE
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
tap.php
pixel.rubiconproject.com/ Frame B554
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjnhgIQ18aUAhj3w4DSATAB&v=APEucNW-ZodWgCjf6x45QMPuyUc0lEN0JcYqSOEXLDnEKO-yRiRwp8dRB9vARl_b8M6WpDXUQ85Uw2ZqRDB-ZezpdznsHOmv3g
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDa4WI_YuTY-UImQHPeeKY4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B554
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjnhgIQ18aUAhj3w4DSATAB&v=APEucNW-ZodWgCjf6x45QMPuyUc0lEN0JcYqSOEXLDnEKO-yRiRwp8dRB9vARl_b8M6WpDXUQ85Uw2ZqRDB-ZezpdznsHOmv3g
Protocol
H3
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjkzYmEzYzhhNmQzMjY2Nzc1OTE3MDIxZTI3YTkwZjEyYTFkMTEyZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame C6B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221e...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&google_gid=CAESELOBCLxxxmWDWb-Ru3bu8V8&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:42 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
423
content-type
text/html
date
Fri, 16 Dec 2022 01:02:42 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdhZmRkMmMtNjljYi00ZTNlLWFkMTEtMjIyMWViZmIyYjUx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
avd.innity.com/bounce/ Frame 7329
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://avd.innity.com/uidsync/mapuid/?pid=689&puuid=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
  • https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3Db7eee8ad-f3d4-4d07-83ce-68493bef1d3e
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://avd.innity.com/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3Db7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.81.192.134 , Singapore, ASN36351 (SOFTLAYER, US),
Reverse DNS
86.c0.5177.ip4.static.sl-reverse.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Dec 2022 01:02:47 GMT
Expires
Wed, 04 Aug 1985 12:59:00 GMT
Last-Modified
Fri, 16 Dec 2022 01:02:47 GMT
P3P
policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Pragma
no-cache
Server
Apache

Redirect headers

Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Dec 2022 01:02:47 GMT
Location
/bounce/?%2Fuidsync%2Fmapuid%2F%3Fpid%3D689%26puuid%3Db7eee8ad-f3d4-4d07-83ce-68493bef1d3e
Server
Apache
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F519 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUdDjzQnnpF-Q6eXOIdqkZg5QCjx3pfQ91s_zctT54vDXkLL72KORDvJhlzjYqa8GRs4ckBsbrNDRceg-wYTuw4g4Xy2Cv8wN20k7BQibg_W9rMMcdxyXEz_h8C5SdxRzWzwqXFAM1oUfS_ui95KAHc2QCY2gFhWy_VdcBm-8mkceApXE&cry=1&dbm_d=AKAmf-BjF_i1QcmOibAzM-9hDwm6_GVvA_TFujQrwTT1FAWHqMDi2i0jRod8inqWayTLmq7L1R3YnNB-NBhdvMrQyIv8sJHo4BlYnvXp1BytS8Q6rGIPRei6HTRK3g4sndhShQ6WTegFrGPzBPA9R5pQNDr-mefFQu_ByNvhYumdaDOdVcvwyvxQj5blt_ijum-7U8bCxwAUY1fi4No_q7mjRwEh3ndlKEwfMlLUsHvYICECQsbPb3_kKqdhVLFKAPK7Xd9Kuv15dWsMQjTk22OqfndezL4bPG8ikOScffz9ERW_oqd3-qbyJnZiPanCROiWzYAfQ1oxTy5PClxoUcV-mGZ9z0fYc0Kx41FgmpE0ICmtRgBr3IPjT0999Ds1UA01sDWmEDCxlFLfHIksD67MDXP35w1JK-Nr2pt4Kdq4TKgyXW-VIXLr71oL5Sw7oInStvW88Tt9YiVc0Sm93NQapna5uH_CNEVO7Kq9fVd15iAfvayq8dpjoZEGyiY7uNt2rsRwoE2AG_pJMLNJ6pNeW9JR7ZEyKRGWAt7hWPkDwZCjctO0s4RnSHgkzzZ-O-4FzFgVqS6FEJRiOHpqbXxmzADvhW7SsmCQvj0-VkL9pqDBSoNRWN0UR2M8qGWq5wjP5J95Ny5trFPNz9fs2Blx3nZfXb5UvL2-t7ilrCHYWyyHRI-92uS-le3KCPkVxVeAq88luGDKgDqsEGQbInZnd9Z7QP6rdIeoIoBp5Kc34tAjn0bNqitygX1p1Wu046ZtihmvVJT9-S8evkEZijxPWA241stZ-5etDHJa4yA3XmrULiB9nGdOSmbLbPcxK5V0cO16XnIBFe9-GbE_TFP7p5DUIJ0H2jhv61dluStHoSCCqaZP7pgQ6KnP63Jx7STAhbehr4Sv6KAFNpXuQOgpzm1VC4Rj82lrb0IS-i8y7Skny65_3a3sGTpO1FaJY188U4t5VkNoJQMPCsyXEBW-Ij4U1ql1ELoe67lgB7dgGdZLkbeJfrMZfONfyDhyVIU9NSIWncz1MUsJqZCbSiCjogm8lnYG5bFwEQVnPuS9wdxG3eIzrHMjKCl7mor4kCuP4VdDMJvp2DSeFRQqrW1PMboWDVQrVcW6Ezh5B7IX7m-809YBBYKAqmFatPPaotEtjIsfKyi2Jwzyhb7TjC1n7d5fhpuEd09XLA2UVs-1oGtjXRmiXeiXGBz6KKf9_5uNdPf_cHmU3Ol_BMtgxFO7qeb8ZwD035TnB9gkrXYaSjf-yjJAwN6jF603XYoJR3AIbwCc7YwXLU1n1NWaTdkCDSBdbsy0nSif9WLH2OSyHMQqGwjl92CiEK6b5Kr2CaOLUzdaArNcg00E9MW-PjmPUfiW3LceK_LM4xgYBBgo0j9Y4DsOM9tEZ4foAHzkxyITVfUvjySjnsmWRek4ZzQXEdpxNIcMHQLFAqnvke_aY8jPkWhHNZ-EOQOXszwv_Z5KXJMIbG3aHJM8sukI8cXvOVwXC3kaK8MBjFQcez3llFpTha3Flc1O_astiZOYTOg4mFf5LIRMdVDtqgX4xk64l6ZKuId22ZX6GVo5cxPUBqNiYfvdYSqVOemAubAWWRCEy6LEGyBoI2KMCNXShgGKdiBnzft2zQYBUgTCCWlbrXtlMrZq7PbSip4SD1bqr-zygKfWb2w1GKXLMT76O_7rN-_6JaN1O6I_2CvpN31kVTneDYkqS3aMPeVgSm0C_eFAWnE7zG442dUVYxnTQoak8hlNADivNhXnwj8CgvJCwN5lSQkR_1Y5eXu5JWGCQDw-2luAHz8r-WTt7_Toz8H2wL0bzeSpMp0BRoPPDEbCHYyngvHZsb_xMLbcu-L_fDyQeH5unjZLINDkNvqmvNZ9QttFQJvoIxe5uVac0m2uZ-Ge4HlU72ZVEP1M27nGtnRI5dcSqdjs9hJPrC2z-a0KfiW0Gi3Z-CTi5JH0flLosjqi25lE4yRQkBbPyAqqm3toOKOUCt0tXRX4w-Pzyu1EOg8LBmLnsJdGzg0unHkstjmBkvv0pg2oNWqQk30u36GPXHOwARRlBn9wRKgjLUSoBDz6ZRzWfrYQUeJPFwf0hwmW5C8TANzVnZYhmqtoIvVjApCrrl76CcL699n0ruggwNdyXLiAiGy4yxZXS_vGRSoGzJltbpasCbfM32XNuT3x66JqlqR6iz6Z5jEDn_GRrBAsMmGO2GZSP0sG8RthntViBELuC3mF8eI3_uv8vqlFLqfyRtgnd5fSNOpqGgKyXSaa9amgHm0pjdRc4hWDhn2KoZqZF03kANUvLBHUDSJEHAw-aEB9eB_NUSRvYE5cAgNOar_C6bne-ceMilMEMfZ5t1KuIwvfuAQE5RQ7i0QyULcpcx18popEVVnORq2hjTqv9ghg5lsUfyKRdCmCrKfLCY5RcKloeuQcATOY3MdZSLZVziP7LbBVhuy_waDwnv65yvvszzvnM1R-LdcmLLa-tGd2Ga1lTgu__Ocd1-2cZ08aIHctvZwPFBYjKnRKfhCy4he3qKaLbYYD4zjx0osRAbL5xdCzqTrcpXsLUJVkKrGSz3uQwCAPU_IOf78dUyprB4vG8pJdrCBxO5kPQX2z7F_xuddAJ32JwYRDfNfLtHvgQ4FWkQBS3QTZrF2mPKPJsQ29cbTh_wkoTAN6JIGjo06m2m6-gkuJTgjrYv3_1JzGfKEgDF1G5Nu6su1nI4grdA5RSfLuJfMolNZ8M9oHRTlZIg_j400uDRo4L-EhT-AdZNZnhOAR58L0i-6rtsoaQfsbIzHaC2M6LFGvHkaPjg8oQN1OMjueBFi2PcjoxyfLwv8BctjjJ_ZiA0C_wRfQZ5prU4zdkq4Wi-09bVRx7Q-8sEoIPOQY9gMg7x8JR_hgF21ORmv1F3N3z_SQr_tZSYxqTmw2NxVumBKArDcTGQmIjzIxXcj-EMldj7VUw00MWyduknXc9aM_MWdhaFbrxsW8nKNDtTI3b6A1sLxbZPI2KBIkus1NhJ-Sn4ut6S239t3Mo-fP72LkZXtdMK5j3KntRZgFUv4w0ajvQwu0oDecl7fE2-riZFvxLGt_M1WCfDEtvdYkpLQWIDmhIAXwo7ZgxeQEbgt46IPCtGkZf47BZ4wfaSFrpPRmRCRPVyWJBsGWdAnPqYWVg8Nmo5cQtkEUN1piE6XhyjovyY5egkb7mfewSZBMeLPQr0iPqxjjHcI4WlwmJQ0ls3kiCAsXk9QO-3UuPIKRfJC-O2sdy6QuMlt14OTRbHiPDMniulzd2iQuFzsrhBcAL8NDJFpNCnVHUhl0tJ5BOtZeB_oSNZLg2TGzZWeW_VcuYUH9Yuu2yWKtQaaONqF3cHsllDUeF8jpJPse7J_zi4W1BKz-u5tXsPYaZ3KJWy3h9j60rgTVjaeu_vKFXyWYKoizsnjA4TrBs5B7MYam_ge8QTiKa1_lmHSMqA23TlWL0F6sNhlBfZImLYMvVVqHG5hbfRbsXWqM3w&pr=13:Y5vDrQAAAADz30yx7sUQDigWqY6-0whCidj_7Q&cid=CAASBORo9SU&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 22:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
8699
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 22:37:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F519 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUdDjzQnnpF-Q6eXOIdqkZg5QCjx3pfQ91s_zctT54vDXkLL72KORDvJhlzjYqa8GRs4ckBsbrNDRceg-wYTuw4g4Xy2Cv8wN20k7BQibg_W9rMMcdxyXEz_h8C5SdxRzWzwqXFAM1oUfS_ui95KAHc2QCY2gFhWy_VdcBm-8mkceApXE&cry=1&dbm_d=AKAmf-BjF_i1QcmOibAzM-9hDwm6_GVvA_TFujQrwTT1FAWHqMDi2i0jRod8inqWayTLmq7L1R3YnNB-NBhdvMrQyIv8sJHo4BlYnvXp1BytS8Q6rGIPRei6HTRK3g4sndhShQ6WTegFrGPzBPA9R5pQNDr-mefFQu_ByNvhYumdaDOdVcvwyvxQj5blt_ijum-7U8bCxwAUY1fi4No_q7mjRwEh3ndlKEwfMlLUsHvYICECQsbPb3_kKqdhVLFKAPK7Xd9Kuv15dWsMQjTk22OqfndezL4bPG8ikOScffz9ERW_oqd3-qbyJnZiPanCROiWzYAfQ1oxTy5PClxoUcV-mGZ9z0fYc0Kx41FgmpE0ICmtRgBr3IPjT0999Ds1UA01sDWmEDCxlFLfHIksD67MDXP35w1JK-Nr2pt4Kdq4TKgyXW-VIXLr71oL5Sw7oInStvW88Tt9YiVc0Sm93NQapna5uH_CNEVO7Kq9fVd15iAfvayq8dpjoZEGyiY7uNt2rsRwoE2AG_pJMLNJ6pNeW9JR7ZEyKRGWAt7hWPkDwZCjctO0s4RnSHgkzzZ-O-4FzFgVqS6FEJRiOHpqbXxmzADvhW7SsmCQvj0-VkL9pqDBSoNRWN0UR2M8qGWq5wjP5J95Ny5trFPNz9fs2Blx3nZfXb5UvL2-t7ilrCHYWyyHRI-92uS-le3KCPkVxVeAq88luGDKgDqsEGQbInZnd9Z7QP6rdIeoIoBp5Kc34tAjn0bNqitygX1p1Wu046ZtihmvVJT9-S8evkEZijxPWA241stZ-5etDHJa4yA3XmrULiB9nGdOSmbLbPcxK5V0cO16XnIBFe9-GbE_TFP7p5DUIJ0H2jhv61dluStHoSCCqaZP7pgQ6KnP63Jx7STAhbehr4Sv6KAFNpXuQOgpzm1VC4Rj82lrb0IS-i8y7Skny65_3a3sGTpO1FaJY188U4t5VkNoJQMPCsyXEBW-Ij4U1ql1ELoe67lgB7dgGdZLkbeJfrMZfONfyDhyVIU9NSIWncz1MUsJqZCbSiCjogm8lnYG5bFwEQVnPuS9wdxG3eIzrHMjKCl7mor4kCuP4VdDMJvp2DSeFRQqrW1PMboWDVQrVcW6Ezh5B7IX7m-809YBBYKAqmFatPPaotEtjIsfKyi2Jwzyhb7TjC1n7d5fhpuEd09XLA2UVs-1oGtjXRmiXeiXGBz6KKf9_5uNdPf_cHmU3Ol_BMtgxFO7qeb8ZwD035TnB9gkrXYaSjf-yjJAwN6jF603XYoJR3AIbwCc7YwXLU1n1NWaTdkCDSBdbsy0nSif9WLH2OSyHMQqGwjl92CiEK6b5Kr2CaOLUzdaArNcg00E9MW-PjmPUfiW3LceK_LM4xgYBBgo0j9Y4DsOM9tEZ4foAHzkxyITVfUvjySjnsmWRek4ZzQXEdpxNIcMHQLFAqnvke_aY8jPkWhHNZ-EOQOXszwv_Z5KXJMIbG3aHJM8sukI8cXvOVwXC3kaK8MBjFQcez3llFpTha3Flc1O_astiZOYTOg4mFf5LIRMdVDtqgX4xk64l6ZKuId22ZX6GVo5cxPUBqNiYfvdYSqVOemAubAWWRCEy6LEGyBoI2KMCNXShgGKdiBnzft2zQYBUgTCCWlbrXtlMrZq7PbSip4SD1bqr-zygKfWb2w1GKXLMT76O_7rN-_6JaN1O6I_2CvpN31kVTneDYkqS3aMPeVgSm0C_eFAWnE7zG442dUVYxnTQoak8hlNADivNhXnwj8CgvJCwN5lSQkR_1Y5eXu5JWGCQDw-2luAHz8r-WTt7_Toz8H2wL0bzeSpMp0BRoPPDEbCHYyngvHZsb_xMLbcu-L_fDyQeH5unjZLINDkNvqmvNZ9QttFQJvoIxe5uVac0m2uZ-Ge4HlU72ZVEP1M27nGtnRI5dcSqdjs9hJPrC2z-a0KfiW0Gi3Z-CTi5JH0flLosjqi25lE4yRQkBbPyAqqm3toOKOUCt0tXRX4w-Pzyu1EOg8LBmLnsJdGzg0unHkstjmBkvv0pg2oNWqQk30u36GPXHOwARRlBn9wRKgjLUSoBDz6ZRzWfrYQUeJPFwf0hwmW5C8TANzVnZYhmqtoIvVjApCrrl76CcL699n0ruggwNdyXLiAiGy4yxZXS_vGRSoGzJltbpasCbfM32XNuT3x66JqlqR6iz6Z5jEDn_GRrBAsMmGO2GZSP0sG8RthntViBELuC3mF8eI3_uv8vqlFLqfyRtgnd5fSNOpqGgKyXSaa9amgHm0pjdRc4hWDhn2KoZqZF03kANUvLBHUDSJEHAw-aEB9eB_NUSRvYE5cAgNOar_C6bne-ceMilMEMfZ5t1KuIwvfuAQE5RQ7i0QyULcpcx18popEVVnORq2hjTqv9ghg5lsUfyKRdCmCrKfLCY5RcKloeuQcATOY3MdZSLZVziP7LbBVhuy_waDwnv65yvvszzvnM1R-LdcmLLa-tGd2Ga1lTgu__Ocd1-2cZ08aIHctvZwPFBYjKnRKfhCy4he3qKaLbYYD4zjx0osRAbL5xdCzqTrcpXsLUJVkKrGSz3uQwCAPU_IOf78dUyprB4vG8pJdrCBxO5kPQX2z7F_xuddAJ32JwYRDfNfLtHvgQ4FWkQBS3QTZrF2mPKPJsQ29cbTh_wkoTAN6JIGjo06m2m6-gkuJTgjrYv3_1JzGfKEgDF1G5Nu6su1nI4grdA5RSfLuJfMolNZ8M9oHRTlZIg_j400uDRo4L-EhT-AdZNZnhOAR58L0i-6rtsoaQfsbIzHaC2M6LFGvHkaPjg8oQN1OMjueBFi2PcjoxyfLwv8BctjjJ_ZiA0C_wRfQZ5prU4zdkq4Wi-09bVRx7Q-8sEoIPOQY9gMg7x8JR_hgF21ORmv1F3N3z_SQr_tZSYxqTmw2NxVumBKArDcTGQmIjzIxXcj-EMldj7VUw00MWyduknXc9aM_MWdhaFbrxsW8nKNDtTI3b6A1sLxbZPI2KBIkus1NhJ-Sn4ut6S239t3Mo-fP72LkZXtdMK5j3KntRZgFUv4w0ajvQwu0oDecl7fE2-riZFvxLGt_M1WCfDEtvdYkpLQWIDmhIAXwo7ZgxeQEbgt46IPCtGkZf47BZ4wfaSFrpPRmRCRPVyWJBsGWdAnPqYWVg8Nmo5cQtkEUN1piE6XhyjovyY5egkb7mfewSZBMeLPQr0iPqxjjHcI4WlwmJQ0ls3kiCAsXk9QO-3UuPIKRfJC-O2sdy6QuMlt14OTRbHiPDMniulzd2iQuFzsrhBcAL8NDJFpNCnVHUhl0tJ5BOtZeB_oSNZLg2TGzZWeW_VcuYUH9Yuu2yWKtQaaONqF3cHsllDUeF8jpJPse7J_zi4W1BKz-u5tXsPYaZ3KJWy3h9j60rgTVjaeu_vKFXyWYKoizsnjA4TrBs5B7MYam_ge8QTiKa1_lmHSMqA23TlWL0F6sNhlBfZImLYMvVVqHG5hbfRbsXWqM3w&pr=13:Y5vDrQAAAADz30yx7sUQDigWqY6-0whCidj_7Q&cid=CAASBORo9SU&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:02:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F519 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUdDjzQnnpF-Q6eXOIdqkZg5QCjx3pfQ91s_zctT54vDXkLL72KORDvJhlzjYqa8GRs4ckBsbrNDRceg-wYTuw4g4Xy2Cv8wN20k7BQibg_W9rMMcdxyXEz_h8C5SdxRzWzwqXFAM1oUfS_ui95KAHc2QCY2gFhWy_VdcBm-8mkceApXE&cry=1&dbm_d=AKAmf-BjF_i1QcmOibAzM-9hDwm6_GVvA_TFujQrwTT1FAWHqMDi2i0jRod8inqWayTLmq7L1R3YnNB-NBhdvMrQyIv8sJHo4BlYnvXp1BytS8Q6rGIPRei6HTRK3g4sndhShQ6WTegFrGPzBPA9R5pQNDr-mefFQu_ByNvhYumdaDOdVcvwyvxQj5blt_ijum-7U8bCxwAUY1fi4No_q7mjRwEh3ndlKEwfMlLUsHvYICECQsbPb3_kKqdhVLFKAPK7Xd9Kuv15dWsMQjTk22OqfndezL4bPG8ikOScffz9ERW_oqd3-qbyJnZiPanCROiWzYAfQ1oxTy5PClxoUcV-mGZ9z0fYc0Kx41FgmpE0ICmtRgBr3IPjT0999Ds1UA01sDWmEDCxlFLfHIksD67MDXP35w1JK-Nr2pt4Kdq4TKgyXW-VIXLr71oL5Sw7oInStvW88Tt9YiVc0Sm93NQapna5uH_CNEVO7Kq9fVd15iAfvayq8dpjoZEGyiY7uNt2rsRwoE2AG_pJMLNJ6pNeW9JR7ZEyKRGWAt7hWPkDwZCjctO0s4RnSHgkzzZ-O-4FzFgVqS6FEJRiOHpqbXxmzADvhW7SsmCQvj0-VkL9pqDBSoNRWN0UR2M8qGWq5wjP5J95Ny5trFPNz9fs2Blx3nZfXb5UvL2-t7ilrCHYWyyHRI-92uS-le3KCPkVxVeAq88luGDKgDqsEGQbInZnd9Z7QP6rdIeoIoBp5Kc34tAjn0bNqitygX1p1Wu046ZtihmvVJT9-S8evkEZijxPWA241stZ-5etDHJa4yA3XmrULiB9nGdOSmbLbPcxK5V0cO16XnIBFe9-GbE_TFP7p5DUIJ0H2jhv61dluStHoSCCqaZP7pgQ6KnP63Jx7STAhbehr4Sv6KAFNpXuQOgpzm1VC4Rj82lrb0IS-i8y7Skny65_3a3sGTpO1FaJY188U4t5VkNoJQMPCsyXEBW-Ij4U1ql1ELoe67lgB7dgGdZLkbeJfrMZfONfyDhyVIU9NSIWncz1MUsJqZCbSiCjogm8lnYG5bFwEQVnPuS9wdxG3eIzrHMjKCl7mor4kCuP4VdDMJvp2DSeFRQqrW1PMboWDVQrVcW6Ezh5B7IX7m-809YBBYKAqmFatPPaotEtjIsfKyi2Jwzyhb7TjC1n7d5fhpuEd09XLA2UVs-1oGtjXRmiXeiXGBz6KKf9_5uNdPf_cHmU3Ol_BMtgxFO7qeb8ZwD035TnB9gkrXYaSjf-yjJAwN6jF603XYoJR3AIbwCc7YwXLU1n1NWaTdkCDSBdbsy0nSif9WLH2OSyHMQqGwjl92CiEK6b5Kr2CaOLUzdaArNcg00E9MW-PjmPUfiW3LceK_LM4xgYBBgo0j9Y4DsOM9tEZ4foAHzkxyITVfUvjySjnsmWRek4ZzQXEdpxNIcMHQLFAqnvke_aY8jPkWhHNZ-EOQOXszwv_Z5KXJMIbG3aHJM8sukI8cXvOVwXC3kaK8MBjFQcez3llFpTha3Flc1O_astiZOYTOg4mFf5LIRMdVDtqgX4xk64l6ZKuId22ZX6GVo5cxPUBqNiYfvdYSqVOemAubAWWRCEy6LEGyBoI2KMCNXShgGKdiBnzft2zQYBUgTCCWlbrXtlMrZq7PbSip4SD1bqr-zygKfWb2w1GKXLMT76O_7rN-_6JaN1O6I_2CvpN31kVTneDYkqS3aMPeVgSm0C_eFAWnE7zG442dUVYxnTQoak8hlNADivNhXnwj8CgvJCwN5lSQkR_1Y5eXu5JWGCQDw-2luAHz8r-WTt7_Toz8H2wL0bzeSpMp0BRoPPDEbCHYyngvHZsb_xMLbcu-L_fDyQeH5unjZLINDkNvqmvNZ9QttFQJvoIxe5uVac0m2uZ-Ge4HlU72ZVEP1M27nGtnRI5dcSqdjs9hJPrC2z-a0KfiW0Gi3Z-CTi5JH0flLosjqi25lE4yRQkBbPyAqqm3toOKOUCt0tXRX4w-Pzyu1EOg8LBmLnsJdGzg0unHkstjmBkvv0pg2oNWqQk30u36GPXHOwARRlBn9wRKgjLUSoBDz6ZRzWfrYQUeJPFwf0hwmW5C8TANzVnZYhmqtoIvVjApCrrl76CcL699n0ruggwNdyXLiAiGy4yxZXS_vGRSoGzJltbpasCbfM32XNuT3x66JqlqR6iz6Z5jEDn_GRrBAsMmGO2GZSP0sG8RthntViBELuC3mF8eI3_uv8vqlFLqfyRtgnd5fSNOpqGgKyXSaa9amgHm0pjdRc4hWDhn2KoZqZF03kANUvLBHUDSJEHAw-aEB9eB_NUSRvYE5cAgNOar_C6bne-ceMilMEMfZ5t1KuIwvfuAQE5RQ7i0QyULcpcx18popEVVnORq2hjTqv9ghg5lsUfyKRdCmCrKfLCY5RcKloeuQcATOY3MdZSLZVziP7LbBVhuy_waDwnv65yvvszzvnM1R-LdcmLLa-tGd2Ga1lTgu__Ocd1-2cZ08aIHctvZwPFBYjKnRKfhCy4he3qKaLbYYD4zjx0osRAbL5xdCzqTrcpXsLUJVkKrGSz3uQwCAPU_IOf78dUyprB4vG8pJdrCBxO5kPQX2z7F_xuddAJ32JwYRDfNfLtHvgQ4FWkQBS3QTZrF2mPKPJsQ29cbTh_wkoTAN6JIGjo06m2m6-gkuJTgjrYv3_1JzGfKEgDF1G5Nu6su1nI4grdA5RSfLuJfMolNZ8M9oHRTlZIg_j400uDRo4L-EhT-AdZNZnhOAR58L0i-6rtsoaQfsbIzHaC2M6LFGvHkaPjg8oQN1OMjueBFi2PcjoxyfLwv8BctjjJ_ZiA0C_wRfQZ5prU4zdkq4Wi-09bVRx7Q-8sEoIPOQY9gMg7x8JR_hgF21ORmv1F3N3z_SQr_tZSYxqTmw2NxVumBKArDcTGQmIjzIxXcj-EMldj7VUw00MWyduknXc9aM_MWdhaFbrxsW8nKNDtTI3b6A1sLxbZPI2KBIkus1NhJ-Sn4ut6S239t3Mo-fP72LkZXtdMK5j3KntRZgFUv4w0ajvQwu0oDecl7fE2-riZFvxLGt_M1WCfDEtvdYkpLQWIDmhIAXwo7ZgxeQEbgt46IPCtGkZf47BZ4wfaSFrpPRmRCRPVyWJBsGWdAnPqYWVg8Nmo5cQtkEUN1piE6XhyjovyY5egkb7mfewSZBMeLPQr0iPqxjjHcI4WlwmJQ0ls3kiCAsXk9QO-3UuPIKRfJC-O2sdy6QuMlt14OTRbHiPDMniulzd2iQuFzsrhBcAL8NDJFpNCnVHUhl0tJ5BOtZeB_oSNZLg2TGzZWeW_VcuYUH9Yuu2yWKtQaaONqF3cHsllDUeF8jpJPse7J_zi4W1BKz-u5tXsPYaZ3KJWy3h9j60rgTVjaeu_vKFXyWYKoizsnjA4TrBs5B7MYam_ge8QTiKa1_lmHSMqA23TlWL0F6sNhlBfZImLYMvVVqHG5hbfRbsXWqM3w&pr=13:Y5vDrQAAAADz30yx7sUQDigWqY6-0whCidj_7Q&cid=CAASBORo9SU&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 10:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:22:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0A9B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv66y79Nh1pqF70-ABp5AaO5L9Nn9hTk4EbpaZgxS-C_G6tZndYGrH8ACcPMiX4b02Ca5KR6L4KmdGdfELWHVw3OXvqXHdXoehhZkETFOkb2i3JixgSSAYyYpenL6W13oAmwUZhDxnC9q3qkWytgEelHL9KO6YoVaAoEQdC2PAm6kjfkEsR4q7CHU24KzMFmk0mTC1djSFuMN0fsLMLQIIvwe1Azr2jRCkG-BODBboUe9zdhcMUCXdLDp14NO1sCQzAbRuRTBZP5r3Q3sE0Z7nng7gEpbqtMKlRgihECS9wPIOLsW6wJ0Thj2OYkYkS92Pd-WDZEB8OU6nMvATZRLa1_XrgdHqCsWb-npUOm87meb84FY3_4-8mxNdYmNbv9nXdB4Ou8uAmE3LyJTEuDm8k1fm1FMQpUA5f9RvTwIsLKJSelehBm9qWWwlPq6t-44xCyprpqXOGR3eyN91XNU9pc3Og7MOqshSkfzYOzEc4YuRaMD1JnqXwcYws6VirP2o_4jyP8HmzBRoGi2vQHJvZyzYmiJHoK-DljurpAQYP9P8p6Maig9FEGQjCCh05O7VEt1y6KM5Oj7UNbEKNezHKuhqAf7gO0KRCBCcmoCL3XYzm-LvGPi0Rur4-c4y4_diq1VHyNUyAl9zhXMChqeIKDARtG0vYnJcWjZjhgrcijCPS2C3y-17ceAxancOFVsQgu1dn0MXKEDZU66WZEi3Au0umPaT1aMjGXM6-ukYevovJ0kfQ09nN_BcYmcSmCpGVecUMD_xYjBuQrG_4YhU0E-LOWAfkow2sPOsee8Ex89ZJAKewIj9TSDKy3lhjGnlpNTKIKB-H5c-tg6c7eUQsd14vn4LzqXyQFgAPxX5e5Fm1vZWjhyBW_YEaQYuRw37-CmNLt-qp-lNKo7L2RpaFtv1TEFIVZFYlISZD0MerpX90YCYELeYFIkU1RiLi4AwzN0boh8IUggLk4NsjRYFypFPs6d_J1FaKQWzOSISqy0ATW-ebpOFClOuOprXbn_NnI5EOMwbJryvNoRDj1gBx9U-KEKrhPzTFOHjKGUaicBxNkRa_1Ijx2kajb2AuGuocFj2yWSQUMzftKqHB4ym2acyLEocK9K5QuV8Rj9N7z8SiBk6iubkw6Q_APxozDgI98wp7zKm_MLXzlIzqS_mWAqK2J_8omcrRydB5kGMDnBQOT5aFPhPttQBdDMaHFvE3WlBwWHTpBpoAOIWdQnqqCZyrjXj93RLNs_Q&sai=AMfl-YTlyOaqw2WS-DR22qodQ2GrgHjLewFB47PRJ8b0YarKt-8zUJkQ2pw-7MAlLOQELe9cXsOdCQaX8sSdK0VN8OjBY16dnVEbVOR___bzZuW77c3SQzk_kB5y5T_V9-JvlCGkL8LiOaxqkTpHPy7M7Y5_k_NNPUjh7QTa_ibwgCt7gxi2jub-ddmIqNZksfRboaXjPJcoqMVuz9kfzkrl15SWkfuytTsvpWAL9R9WyYQgW_cJLmxT1p8mqhfmcWg2mYz0j9KbAmJ7_A&sig=Cg0ArKJSzAcnsM66hlwPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2075&vt=11&dtpt=1205&dett=3&cstd=864&cisv=r20221207.73816&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=df7430288ff097c3ca5286f62c6e5efa-1671152545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Dec 2022 01:02:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EA2F 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
fffd7fc5ebaaa365061e242a63f7821daa6df68fea7970ca207f6ff2e2e7d503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5607
x-xss-protection
0
UTS_Logo_Vertical_Lockup_RGB_REV.png
s0.2mdn.net/sadbundle/5929211667122450905/ Frame EA2F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5929211667122450905/UTS_Logo_Vertical_Lockup_RGB_REV.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
9f89275e424109ea6a0404f385c6336c578dd78286b00f42694ff3b04e097f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:53:21 GMT
x-content-type-options
nosniff
age
76161
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11639
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Dec 2023 03:53:21 GMT
43898352_20221006202457172_40214%20PG%20Convert%20Autumn%2023_Background_728x90_2.png
s0.2mdn.net/ads/richmedia/studio/43898352/ Frame EA2F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/43898352/43898352_20221006202457172_40214%20PG%20Convert%20Autumn%2023_Background_728x90_2.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
d784d0651630fc713354c969ee338d657b78180c64316f788c073cfe09fd9407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 23:44:12 GMT
x-content-type-options
nosniff
age
4710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16440
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 03:24:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 23:44:12 GMT
43898352_20221006202451717_40214%20PG%20Convert%20Autumn%2023_Background_728x90_1.png
s0.2mdn.net/ads/richmedia/studio/43898352/ Frame EA2F 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/43898352/43898352_20221006202451717_40214%20PG%20Convert%20Autumn%2023_Background_728x90_1.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
sffe /
Resource Hash
726a1418ebed5a5a821de18bad244877836dd34574c59465e29326d5dc18f270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5929211667122450905/index.html?e=69&leftOffset=0&topOffset=0&c=CLA6hv8giI&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 23:44:12 GMT
x-content-type-options
nosniff
age
4710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16648
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 03:24:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Dec 2022 23:44:12 GMT
base.css
cdn.inskinad.com/isfe/4.1/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/4.1/css/base.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44388858009cfb0ba580feb459ed8e6d67ea03796ee617fd0e2a8d3c6456f034

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
rWa9i3jMrvV_JADV2TYF_TseXdhSGO5L
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:04 GMT
last-modified
Tue, 19 Apr 2022 07:39:52 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
47
x-amz-server-side-encryption
AES256
etag
W/"c29bdfba9d14aee4f74c0afe5c12c039"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=60
x-amz-cf-id
dusnhHNpQz0fcKemdumN3eDoIUZhxnH3fm0maY0lLkaLEobFlcTRsA==
rec
t.inskinad.com/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.inskinad.com/rec
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f121.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 01:02:43 GMT
via
1.1 google
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-length
0
content-type
text/html; charset=utf-8
index.html
cdn.inskinad.com/redirect/ Frame D05F 		900 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN1035863.3595311DV360-BRAND%2FB28348495.344055411%3Bdc_trk_aid%3D535481222%3Bdc_trk_cid%3D176332357%3Bord%3D1671152562746%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D0%3Bgdpr_consent%3D%3Bltd%3D%3F&tracker=true
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
58582
content-length
900
content-type
text/html
date
Thu, 15 Dec 2022 08:46:21 GMT
etag
"be5f029aae431ed80ad45333a334787f"
last-modified
Sun, 17 Apr 2022 07:29:28 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
3833eRcvLDUWxhJimdQ-wMRF_UxG38xwtyYSx54Zo1Fw2n41dKK6Eg==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
fITiEYLDPturBwy3385F2UlNlxWCb3T9
x-cache
Hit from cloudfront
index.html
cdn.inskinad.com/redirect/ Frame 3A47 		900 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/redirect/index.html?url=https%3A%2F%2Fmfad.inskinad.com%2Fe.gif%3Fe%3DeyJ2IjoiMS4xMSIsImF2IjoxNTM5NTUsImF0IjoyMTYzLCJidCI6MCwiY20iOjg3MDIxODg2LCJjaCI6MjM5NjIsImNrIjp7fSwiY3IiOjEwNDA0Nzc4NSwiZGkiOiJiNDU2NDY2OGM3MDA0ODM2YTVhNjhmZjA2MTczYzQwOCIsImRqIjowLCJpaSI6IjhjYWE1MmU2ZTZlMTQzNTNiMGZlNWYzOWFjOGU5ZjJiIiwiZG0iOjMsImZjIjoyNzAyNTYwMjQsImZsIjoyNjE1MjQ4MzksImlwIjoiMTczLjI0NS4yMDkuMTQyIiwibnciOjk4NzQsInBjIjoyMi4xLCJvcCI6MjIuMSwiZHAiOjIyLjA5LCJkbiI6OS45NDA0OTk5OTk5OTk5OTgsImRnIjoyMi4wOSwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicnAiOjEsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6IjE0Iiwic2IiOiJpLTAwM2YyMWI0NTA0YTg4ODQ3Iiwic3AiOjU5MTUwMSwic3QiOjEwODg3MTYsInVrIjoidWUxLTAyY2YxYWY3MzlkNTQ5YzdhZTYzODMyZmFlNWU0ZTE5IiwidHMiOjE2NzExNTI1NTczODIsImJmIjp0cnVlLCJwbiI6Ijk1OTI1NmNjNTkyY2NkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6NDB9%26s%3DmOheQMxEZbixFU5ti5OCM8tgDYU%26property%3Apubcpm%3D10.3&tracker=true
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
58582
content-length
900
content-type
text/html
date
Thu, 15 Dec 2022 08:46:21 GMT
etag
"be5f029aae431ed80ad45333a334787f"
last-modified
Sun, 17 Apr 2022 07:29:28 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
-VV_B9T49hiKjEiO1sn7cQA7SNFne6G3z8F8SdKk_51FNe_2PDACNw==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
fITiEYLDPturBwy3385F2UlNlxWCb3T9
x-cache
Hit from cloudfront
top.html
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 2032 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7832ebd6f5f5d0cf4edf2f59fecde879d5ff96ecc867382369f5b54c9bb3b6f

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
84263
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 01:38:20 GMT
etag
W/"57c4f9ef5a05a9a6e3d760be8eb3d390"
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
fUvJLIlJM9Rz-D7NKgSG8jkgk91pdWhKTeLfDrIrFUXbaqtdbFu3Vg==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
MsqhEjDFAizJo5.8o.jMqC37iFG.YztQ
x-cache
Hit from cloudfront
right.html
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame B9D2 		3 KB
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2eca9e148c898b2a99567087e448cfe4752b88cb2df3762f2e8aa586fe1b7102

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1175
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 00:43:08 GMT
etag
W/"eb3848da6edb4e10a276c9929530c199"
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
Qabzcn6bsElK9mi7-5bBTos0DVe4qn_KwS3yDFomfpt8MQNnHpB3zw==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
AwSxHBIcKfVontIDSK6.YmnFpYC3PsZI
x-cache
Hit from cloudfront
bottom.html
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame C991 		822 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6906b7e4c49da9f6cb5953fdf8ba7ab0012c7ca3cf898e75d0ffb3978bbe7bf2

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1174
content-length
822
content-type
text/html
date
Fri, 16 Dec 2022 00:43:09 GMT
etag
"c01ae00a969c6e1350b8de09d19728bb"
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
EFAy6G4atq0JARZbdJrBhuoGIKW6agVv-IooG-LTpndAt9qkDUXHGQ==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
KJcci9ljyE7OBlNPmuJhooD0PK34PC_B
x-cache
Hit from cloudfront
left.html
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 71ED 		3 KB
873 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
622d33c57dbb9c8b700d74b51cb51c67324b21b91eadb10b4ff60a55d1912dc0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1174
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 00:43:09 GMT
etag
W/"f49b3d8905e89035301e68accf5bffb0"
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-id
49wD5b2SstNh0edSLndAqjJYl7KWWwF156DvFOMaZZMQj99XTvkv9A==
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
brMOypKGJOijBgsMi8LZOlZ4teIAUPL_
x-cache
Hit from cloudfront
ados.js
mfad.inskinad.com/ Frame F519 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/ados.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c88b748226e610c650313f48af58dac4f3c0d4b75a5364efabc3119648771f3f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 11:42:34 GMT
server
nginx
etag
W/"6399b6aa-927f"
content-type
application/javascript
usermatch
ssum-sec.casalemedia.com/ Frame DF22 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da92990f76e53dc9937e5ba84e1b0b9efefc42cc4d3498a0c7179cc547d968bc

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a37ebde802aaf6-SYD
content-encoding
br
content-type
text/html
date
Fri, 16 Dec 2022 01:02:43 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=af93mbU4Hhci9ZoYx8My77pjTmsyqRh%2FPLGA35A%2BySDdDqjkH9No8VPSw7DDxyZnav2boEFKT7MmUbhbo%2FRYrSGOIwBX3VmvzORud1%2FtJOr%2FNyZdHvdD35iC%2FP%2FtFBS0dG8by8KXiPSw%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4351 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
42234
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 13:18:48 GMT
expires
Fri, 15 Dec 2023 13:18:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EA2F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:02:42 GMT
lib1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 2032 		194 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/lib1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
auYpBv4PFZhR3mOe1nA5ZSJH5h8jMeFF
content-encoding
br
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
etag
W/"fe55653da07bba9f2259550a21b3fca1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
82409
x-amz-cf-id
W7Z0l4QvfV5zW_OiI52vnrbsqazMyHO9-E98AbGVyuBm2OyvAy9nIA==
base.js
cdn.inskinad.com/isfe/creative/1/ Frame 2032 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5Ckyhs5FFQaRQ8BqB0ZI55lYem39GP_L
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:32 GMT
last-modified
Tue, 19 Apr 2022 07:39:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
W/"09dbbd6a4c0cbed4bc0c34ed5a3fe2f9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
u03GP1Q__2g7gE5ebAJUH8XbRTsD9VbeFuxogBXkOcvpnE5TnKe9Vg==
global1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame 2032 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/global1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6db94afe0a1449792d113b322bea941b8c64ee74fce98c6d7937aa1605dc801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JwVb1Ppjl6yzXmFobkqFJ6BPXl2q1E2J
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:43:09 GMT
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
W/"db6f076289183427a93d580fe5e523dd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CdmeDsPGrb7RhG5nH61g63xH9hryYDUmAFJxms1j_4MMZtKj7nM0Sw==
global1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 2032 		470 B
890 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/global1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59414a8c519fb7b6d296b9010c3e7a4199e71dbe58cb1325398c9e8b698db12f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jDvGuB0g.1Z6c0gVX2jtB5kapNto.jQH
date
Fri, 16 Dec 2022 00:43:09 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
"13abde0cc17c6ac0c74632f5695f4b5a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
470
x-amz-cf-id
p2KdBDLkJJdx-vVpTL6atIzqbv5vDRNSzSBKTMQg65hCbp2hNvYKlg==
top1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame 2032 		303 B
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/top1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b68c2445bf689895759a2707304ec53b54958a7878298a0916ff1dbc55f575d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Ndd76tpOT.Ejo3cwvtd4sxF.narpzOVw
date
Fri, 16 Dec 2022 00:43:09 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
"8bf9574258bbfe4be3da2c454d19bbf7"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
303
x-amz-cf-id
XfEhDJIrpwIfEKhLUzaFCcGHzHLpvYxIxq4MYiJGvhIdq9L0ewsysw==
top1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 2032 		271 B
676 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7119ef3bb90afc38ec3bfdfb86583aff2bfd03bb84d58fac47dd417d6f812cb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
LXuBWQJrOVHZamFO85v.G2zo4T0QiErF
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"8030d1bdfa4564811c472fc718498d45"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
271
x-amz-cf-id
pQWN7YEt-w7o52hZxMj0yoFHcBUnrrOi6fFNPEXNE7GlzoRIVAVAPQ==
top_bg.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 2032 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/top_bg.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df163752b4d8bc41baf135afbe06f717396422d9ea0863fcdcaca6d8a66bce27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
KHpNH3L0K53cZLbDfJHOFnofem_ca.Jv
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"db86c1a3c5741f4db59e38cd856bfb35"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
77728
x-amz-cf-id
4dGUsJT5_FQTfYupn9PD8f9RKxKUfzPa9y-zPgZZa0aoVJvmxFqtSg==
top_logo.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 2032 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/top_logo.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2379bb72d646467424f96ba9ee613e095cbcb2548533d5614d58ba3d9fc68b2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
.ME97rBw82JuX5lBeZY0HqTmnPKBCA0z
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"330c2d8a66d8e1df3159b7913782e7d2"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12208
x-amz-cf-id
YpmTSkwX8W6uiaTYmdIFOKxD8fWLmHl6qpzpIDUcR4z03z_m2MAXhg==
top_tt2.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 2032 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/top_tt2.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c826a107af5b970f909a4f22e72471eccdebfb0037941efd65832b9e1194510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
3syQ5gduK.LMSdxVNh.BH24M2vMEfNiK
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"4ed3065c0dffb3abe7aa85f0a4f9259d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
25637
x-amz-cf-id
Q6jhgRDcV5szQOT6WBfXE19ZDCm--pll32O4ErEsv0_iLZbvv3QNuA==
top_tt1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 2032 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/top_tt1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b239ae7efacc5732fa4ab49d6d1c45d8a5c06bdb182ad91ff2c75810f4ce6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
pITWuUzTVEW6ZMtUPtQ92KTXyHPnA4Ga
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"85a6dbcb6def060e7f0ca2cfb62d3e71"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12408
x-amz-cf-id
youqrows528tB2UMM_q4ONlp2whVahoGvZGv2UMlaJhQGwRTb7IDcQ==
top_cta.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 2032 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/top_cta.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f651a74a43587bb3459e2cadc705606e818c5d538a8101d5fe46603a837a5de0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/top.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6605&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
uwE7aCbARIM0SoYUI1gBVkRpQ4.uCCcD
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"8fd4cb5f1ca3788c17dbf1ae36a5d74d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2142
x-amz-cf-id
kAsuot8b2tFgRX-c-qzhhHKYNXKfWBdxd3MogLr7SrTnofhgAvKomQ==
lib1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame B9D2 		194 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/lib1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
auYpBv4PFZhR3mOe1nA5ZSJH5h8jMeFF
content-encoding
br
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
etag
W/"fe55653da07bba9f2259550a21b3fca1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
82409
x-amz-cf-id
IxxeWZNaaiap-AXsRXxFpd7JrXgzX7kK4Uk_BO780WWoYvfYqo2kzw==
base.js
cdn.inskinad.com/isfe/creative/1/ Frame B9D2 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5Ckyhs5FFQaRQ8BqB0ZI55lYem39GP_L
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:32 GMT
last-modified
Tue, 19 Apr 2022 07:39:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
W/"09dbbd6a4c0cbed4bc0c34ed5a3fe2f9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
GWoyCfsKYwXTLFbevxwkrnFcf1uh2t7FEYorrQ1Rq8zTIzuT3mr5XA==
global1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame B9D2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/global1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6db94afe0a1449792d113b322bea941b8c64ee74fce98c6d7937aa1605dc801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JwVb1Ppjl6yzXmFobkqFJ6BPXl2q1E2J
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:43:09 GMT
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
W/"db6f076289183427a93d580fe5e523dd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
N5rMgoxztvSnb8edXk3DkDlCQZ4depvE68zSRBhazgD-q6-qiRcU3g==
global1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame B9D2 		470 B
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/global1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59414a8c519fb7b6d296b9010c3e7a4199e71dbe58cb1325398c9e8b698db12f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jDvGuB0g.1Z6c0gVX2jtB5kapNto.jQH
date
Fri, 16 Dec 2022 00:43:09 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
"13abde0cc17c6ac0c74632f5695f4b5a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
470
x-amz-cf-id
B6HMs-dge8Ot10o32_RS6TFJ7rXjh3-pPZ7rzD5qpWDxNqket4xVtw==
right1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame B9D2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/right1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cdc753e5ba7e2c5d13c1cb95796dedc7f55299c3bd7ba3468b3f818f1548542

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
uIA3Wuzr5WWF2atPTqAlz6c5QKFLw9j5
content-encoding
br
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
etag
W/"a26ce21aea7c04f630814f5a5b4469f1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
82409
x-amz-cf-id
LrdRigzu4axoF18UoSI3IKzXqqmrXpfevWYI7rmDHOxgUnoqUM7tfA==
right1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame B9D2 		200 B
604 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9570357a40091ba3ffbb2696a24cfaeb6cfcb8279446427f554c824f39b7d8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
Zb5HEdL4YGaCa.9rkmSY9zcgqZ1lCQ2X
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"96cec960ed7effe4cb2a920ceaa3870e"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
200
x-amz-cf-id
7QiVVth7D9QZhuLyRb7ZKB-GPIpSjodt7XFGm5tdzrjR6LE8GsVwUw==
side_img1.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img1.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64cace7201cfab02b7717e0bc40d7fb7753a7a50d6a8f12eb3beaab778c1e8be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
pR0tlk._JeHJQdUrvfHJTY3UZPG7WxxE
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"db1b77530fab5f3de569da48ab94bd93"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
46730
x-amz-cf-id
jQslRiYI5F9ywe4Yxin3_KuipaM3RnRp9eNWdB34e-lCVB7qUqtUWA==
side_tt1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b660474ccc1f92a7110a037b4ea952b0b1237a676144c0442aa26783d8913efd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
2e5008iR6q9GKNksdJVC8.NEhRZpIvF5
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"6c879dbe3300153c2c19eed3884697a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
51635
x-amz-cf-id
MgJgw5MKVN78iM0D4FAxzoMLnZ7ODVvWQqo4pcvhYOdUfLiDF0PCxQ==
side_code1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eab819d44d4e31f5a146fbb6c57b2e12b1785592debaa76055024807e7c41c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
WokPb6fzgleAqpuQRq2csPLKSNODZecq
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"2a11c4624c4bb29362adf9856237391d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3702
x-amz-cf-id
CR_HBMtQRIPk7-O43zWAjUgTHICJwPpP5iWItSJVFNpIfnMxEyVvtA==
small_copy1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d886e5f06db2b28f635338901155e3f2514b0344754eb0b19b41c66e41b6f1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
EPEv_hPPaduKZty8HFsUytUelx_kcFhG
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"4c134ac4f7d93598ff888769d8407488"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
13844
x-amz-cf-id
Ua8kNsfAb_nlK3cPxXotsTBaR-2VzA-CJHsM6Bjv4-IVAkEujrWo4g==
side_cta1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1baca839c6fdcc5a0ce535651f0cbebd16d277c8db35bdb0e795d1bd70b14660

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
nczdRFDRjU_PG8Jj3foXMCfuuB5G76MR
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"c5f63110117c14f85fcf63ce086a8062"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2576
x-amz-cf-id
MHBfbBvdyCGAVkHj1MdUgYgsC7fxy7z51VdR36ZXRPkqQjt5K5JcTw==
side_img2.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img2.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
019562112a5138057062066d2f9e9b17780d149d5240e9c852b96464dc074c28

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
a6tFynwteuNcwBX9btbtzQYVkLuViVlN
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"0f3fca7eb0f560b7f7b69fd47122ab27"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
62874
x-amz-cf-id
WK6Qhwnsp-qkdan1IWUlwujRmGRcy_VlCKae_UlGGeLIgMozoqdqkw==
side_img3.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img3.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c422fa92e1b9ce95b859aaa8626d4785d774a350703e7cbcdc5538ab65fc444f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
QmCoprZYKpSLgjLHk4W.L.w24i0FL3vv
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"9d387b4f99d6f1339a28fb4fc9f4c561"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
73734
x-amz-cf-id
aXZltL8x4kTR5RvWDJDXEseHTVygHzDtGTthy_xzb_7L2LX1xtfTCQ==
side_tt3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a95d6ae70c98c49ecef7806386969c99bc126703c161600ebc410d22f1797a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
P_S5yTpgGnsLTS2SmaK_3QiG7fCpWdgz
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"ff3dfcc01d4afa8db6fbe54c5cfdbd54"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
62182
x-amz-cf-id
By-litsjW8kWLjB34Ura4RssrnSg0q4SersmdyamarF-6EiO6wnXbA==
side_code3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c3b4bd03e0e84bc979664bfac9e6ac5428d74672f328bcb7c4a9d965dfe9fca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jdEOE6f2F8KlvUGGRHkPDA1zN5I.yFEp
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"3348c0279f189b48e123c8bb2f9f15e6"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3702
x-amz-cf-id
Tu8euq5wFYKPer5vec9RroRbx8nlsNcVEvSqmpWDrddjRNI7oJC_Rg==
small_copy3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
277ff656120a3c04b8a24084aa4263083d465e32b6a038666ba4cb6f53ee7390

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
qtlMt0w2J029aMurY4AuHgAHiZ_6VKZT
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"7c814fe8d7fb0a799ae2d4d5d5ce2494"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17688
x-amz-cf-id
CvS9rJdsZ5zAuIp6qUdEl5nYCVepe2aYMLQO98JNAb5GIC7I9CZlcQ==
side_cta3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c17e4071ae3a93240ef40c4020dd872ff003bc7a08d17ff6c1ac19b3279ff1ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
uWY6MMI3AMMsJ7Jp1ZL0wBo_NJRcqciE
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"72d9099430b8ddf04b441d87db95ac0e"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2566
x-amz-cf-id
MnJ62-UskGMzFcBQ6HtPjPkWBDprlD0xnKqVlIyIMZJ3VjoPlJ-62A==
side_img4.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img4.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaca769dd10d9165c778b7cc84e5c084febb77bcf38e32d468285684018673da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
TvshFmmvlH1_pF__x0Q9zYdRfOXU1MKd
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"6b7a9144f4f93fbbe038126c6bbd10ae"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
65152
x-amz-cf-id
9ueSM7LBr56Fgs6Gc7-pL6MrOHPbjtfuuA2ngGVzTGsDI-1yn6KZxA==
side_tt4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6463a547b897063edcbfb12724c1ea548a260822b6b4f080549bb0b62b5a0513

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
tE1WGsJOL37PJ7csgpWiDNOw5sMu5xab
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"fd27a1e4ba881d872f9c88e85490a834"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
53874
x-amz-cf-id
yFn8AiLOUaNSnUW0YuzXxt-w9eDpl2x19uzSNpbQ3NZFDtW-HTStRQ==
side_code4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5f3a48566b4e4ae542abdb7eb092921cc44c8579431f28a6576135d061b40f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
H4.k5fZZSx84UoMTd1i4Si.kcKjPBL3H
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"a6a486ae93b99277d7267c4dbed12efc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3701
x-amz-cf-id
H5oAB2NJUfcwVnoKCMigd3H_C5lI2EBLp1I-w15-02aexYv9wLkbEw==
small_copy4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fb803428b6af4182864c0f594e0cd5659cca57d977fdc437a6799e3dfdfe2de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
k7wVl.qR0o7Da7FwRJHJHA2snQ_GOyA7
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"1e20570a5ca39cc79939f16a30a82836"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15420
x-amz-cf-id
s1gvIxa0EU6pedWLjZ2IBNiFMacTmgI_oHtP5PF9v-I71ZQEA2DgxA==
side_cta4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
380855ebf275daba0e22eca58aa784acb23f44fa4b5e3739e601a7c274e7faf0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
aDfuXCAUGVYUbjEMDrd7pgf1QBYBLs7L
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"ef50f7997ef8f7c81f7bb68b364480af"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2644
x-amz-cf-id
EyeKPfYN1EigtrUmJjF6_8Ikj9lwo7Jh5fOMQUlT2ZDi2vNEwCPwFg==
side_logo1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_logo1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1576451ff5c704e49810af7c9579a3889540e25eb8d81b200ab1ee7f1c37ed93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
CR0FKyiKiPNpJLbVDjHLmHscx1HBIFYG
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"55a0eaba831e13db072c7a9d02436897"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14442
x-amz-cf-id
o3_HF7xXLdmZ756O_wp8Wmhjxi0C7jMjuYCfekzYM79_Qh-DTt3wHg==
lib1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame C991 		194 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/lib1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
auYpBv4PFZhR3mOe1nA5ZSJH5h8jMeFF
content-encoding
br
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
etag
W/"fe55653da07bba9f2259550a21b3fca1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
82409
x-amz-cf-id
u8d8VzOdO8DXgxV8eV16txejlkiCGC4DJH5T-zhE1vc2LwaaYU5xVA==
base.js
cdn.inskinad.com/isfe/creative/1/ Frame C991 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5Ckyhs5FFQaRQ8BqB0ZI55lYem39GP_L
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:32 GMT
last-modified
Tue, 19 Apr 2022 07:39:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
W/"09dbbd6a4c0cbed4bc0c34ed5a3fe2f9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
qwSgwzbO46wBdV43nU4eb-5gHBkiQJznmc9hlqkFXtuEqnPU9mbX0w==
global1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame C991 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/global1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6db94afe0a1449792d113b322bea941b8c64ee74fce98c6d7937aa1605dc801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JwVb1Ppjl6yzXmFobkqFJ6BPXl2q1E2J
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:43:09 GMT
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
W/"db6f076289183427a93d580fe5e523dd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6hQZ2QjROn3QEr3Ckndgkpo0jIsvUU2JDTYb_o5VTXRqbk9-tePbeg==
global1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame C991 		470 B
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/global1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59414a8c519fb7b6d296b9010c3e7a4199e71dbe58cb1325398c9e8b698db12f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jDvGuB0g.1Z6c0gVX2jtB5kapNto.jQH
date
Fri, 16 Dec 2022 00:43:09 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
"13abde0cc17c6ac0c74632f5695f4b5a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
470
x-amz-cf-id
qZ4qlWRjcKcr94HbWXbbGzKMEvh0pefJFH437-HVPo_mdJFxnP_s7w==
bottom1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame C991 		51 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/bottom1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cbc0db8eb2b1b5ed89444964300b413c4c9bd1a01cd51bb04a2c44b6bf77639

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
bFVACrJ0tInlqnHQFEKRbQ8YeMRa7oho
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"c00388e098a73d3d8c1095c4dff856f3"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
51
x-amz-cf-id
z4t-nMT0osHmclD_FruKp7o5GVLpAOMOsVDa290sxDiEyOVUqTT19A==
bottom1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame C991 		130 B
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77c14b6fbc2de9907439d34fc718570d4dde1cc5ee8225f761ba5d2ccd1f9afa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/bottom.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6607&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
.QVttdMmimGZdmjGF86bwOl.KY4NYKW9
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"932fdb4005ec932d04c14cc7df569a4a"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
130
x-amz-cf-id
ubL4jeZ_G1K-AiP3IGkMu2DRACFzbGzw6VvbjUJT1afwJ9z8MkkJkA==
lib1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 71ED 		194 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/lib1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
auYpBv4PFZhR3mOe1nA5ZSJH5h8jMeFF
content-encoding
br
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
etag
W/"fe55653da07bba9f2259550a21b3fca1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
82409
x-amz-cf-id
Q14AKElyzaCiEK-VC7tmVBMHMyhzCvI-9MbOUjdio228PYI_WPq_1g==
base.js
cdn.inskinad.com/isfe/creative/1/ Frame 71ED 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/isfe/creative/1/base.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5Ckyhs5FFQaRQ8BqB0ZI55lYem39GP_L
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 01:02:32 GMT
last-modified
Tue, 19 Apr 2022 07:39:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
12
x-amz-server-side-encryption
AES256
etag
W/"09dbbd6a4c0cbed4bc0c34ed5a3fe2f9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=60
x-amz-cf-id
MHqG9ah4s1gI8OzWtLQkdEI_lA-Gmbnj6jfcAtxhmggePoayc_gMcA==
global1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame 71ED 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/global1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6db94afe0a1449792d113b322bea941b8c64ee74fce98c6d7937aa1605dc801

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JwVb1Ppjl6yzXmFobkqFJ6BPXl2q1E2J
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:43:09 GMT
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
W/"db6f076289183427a93d580fe5e523dd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
C5VW09JLWr-HQOOjOGcYqmkIto32TmtwrJiin9BfVXZI9tG9FEe3nQ==
global1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 71ED 		470 B
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/global1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59414a8c519fb7b6d296b9010c3e7a4199e71dbe58cb1325398c9e8b698db12f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jDvGuB0g.1Z6c0gVX2jtB5kapNto.jQH
date
Fri, 16 Dec 2022 00:43:09 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1175
x-amz-server-side-encryption
AES256
etag
"13abde0cc17c6ac0c74632f5695f4b5a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
470
x-amz-cf-id
oSzEjMchY48md2SbkG9kgJCqiTA0rZM8rbAhmMKKgWu2dxmPHPV9Pw==
left1636603696251.js
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/ Frame 71ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/js/left1636603696251.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2af039f6e022a063d1c540d4bd6dd75d2a5ac3f622b735855611eafe37fcaaca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
fqFqxL25Hd8v3_K9mlcDrVBaY92MKlv1
content-encoding
br
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
date
Fri, 16 Dec 2022 00:45:50 GMT
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
W/"b0c5d4826cebb3649f3c98e7feb789ed"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hPaXFsunNK4aYW_jRVYIY-3PWjh-9sgdUkA_S6hbm7XAciqhnCBMGw==
left1636603696251.css
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/ Frame 71ED 		202 B
624 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left1636603696251.css
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c97bf9f445c187c1969234b63918560d519b9c88581620457efec0b4ee8bc9d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Y_Su4Bn2i0hwWNN9wTlyFq_PAM6wuHzx
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"18cb9e900bff4a536b455baa825bed18"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
202
x-amz-cf-id
E15dYqy3UYWlYV5YR7vhov1b0L3zpfOESkrZMmHrXFN-ZirxqA8x4Q==
side_img1.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img1.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64cace7201cfab02b7717e0bc40d7fb7753a7a50d6a8f12eb3beaab778c1e8be

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
pR0tlk._JeHJQdUrvfHJTY3UZPG7WxxE
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"db1b77530fab5f3de569da48ab94bd93"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
46730
x-amz-cf-id
E6NF_LxIz0Xsf9uytrVH8iemfbAGh2JwPT-HHbP-CKHSEtP80A1pgA==
side_tt1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b660474ccc1f92a7110a037b4ea952b0b1237a676144c0442aa26783d8913efd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
2e5008iR6q9GKNksdJVC8.NEhRZpIvF5
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"6c879dbe3300153c2c19eed3884697a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
51635
x-amz-cf-id
FQTZl_Q_naTeYBJNksUFWXBeWIz3TLfvK57ofeB5yDb4kOMB8NGXvw==
side_code1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eab819d44d4e31f5a146fbb6c57b2e12b1785592debaa76055024807e7c41c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
WokPb6fzgleAqpuQRq2csPLKSNODZecq
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"2a11c4624c4bb29362adf9856237391d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3702
x-amz-cf-id
5BU_IMdEhnb3Gf6Du9SuX2uGhS79_6hvFG0i86h2pFlVkYBiO8XeXA==
small_copy1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d886e5f06db2b28f635338901155e3f2514b0344754eb0b19b41c66e41b6f1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
EPEv_hPPaduKZty8HFsUytUelx_kcFhG
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"4c134ac4f7d93598ff888769d8407488"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
13844
x-amz-cf-id
4R3z4lpoC1noo9b-v99CoC-KLhMgbve2-PGizXv8o-ShdJQgpzE9iw==
side_cta1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1baca839c6fdcc5a0ce535651f0cbebd16d277c8db35bdb0e795d1bd70b14660

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
nczdRFDRjU_PG8Jj3foXMCfuuB5G76MR
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"c5f63110117c14f85fcf63ce086a8062"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2576
x-amz-cf-id
liPZNy-pbGJEAlOt-p_DiSn0EW8AOsfudGQsI03XUE8twYfx7EnXxA==
side_img2.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img2.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
019562112a5138057062066d2f9e9b17780d149d5240e9c852b96464dc074c28

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
a6tFynwteuNcwBX9btbtzQYVkLuViVlN
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"0f3fca7eb0f560b7f7b69fd47122ab27"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
62874
x-amz-cf-id
wQQpbMhfN7dALzBehhwhbNOiQQOG5pEKBC7ka0H1g9-zGMSrLZyNqw==
side_img3.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img3.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c422fa92e1b9ce95b859aaa8626d4785d774a350703e7cbcdc5538ab65fc444f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
QmCoprZYKpSLgjLHk4W.L.w24i0FL3vv
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"9d387b4f99d6f1339a28fb4fc9f4c561"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
73734
x-amz-cf-id
74FzxyHUcQ_Kf-Pn-BxmM9XrwPk9bFj1LsL1elYjGna2_j5aNflhvA==
side_tt3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a95d6ae70c98c49ecef7806386969c99bc126703c161600ebc410d22f1797a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
P_S5yTpgGnsLTS2SmaK_3QiG7fCpWdgz
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"ff3dfcc01d4afa8db6fbe54c5cfdbd54"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
62182
x-amz-cf-id
MkTXc3HnR3XHH9LS2WLCdCjvXksV9iUAnhcTpCyrTeCgflfnly2YLA==
side_code3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c3b4bd03e0e84bc979664bfac9e6ac5428d74672f328bcb7c4a9d965dfe9fca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jdEOE6f2F8KlvUGGRHkPDA1zN5I.yFEp
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"3348c0279f189b48e123c8bb2f9f15e6"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3702
x-amz-cf-id
tL0bCj_uQ0yz0fZiS4-MXdUk3HLwMViaxXv7aWZFZ1opER108qDI-w==
small_copy3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
277ff656120a3c04b8a24084aa4263083d465e32b6a038666ba4cb6f53ee7390

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
qtlMt0w2J029aMurY4AuHgAHiZ_6VKZT
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"7c814fe8d7fb0a799ae2d4d5d5ce2494"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17688
x-amz-cf-id
2UbbMvSBNxC__Dv8qYBr3ceM5lgb6BA4mmfozUHoiybBu7rBJmeijw==
side_cta3.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta3.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c17e4071ae3a93240ef40c4020dd872ff003bc7a08d17ff6c1ac19b3279ff1ad

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
uWY6MMI3AMMsJ7Jp1ZL0wBo_NJRcqciE
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"72d9099430b8ddf04b441d87db95ac0e"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2566
x-amz-cf-id
vEVghoA290lq2fFodHoNZRQ57dIyQt3ddTCH3cD8HcxvEk0JUDj7mg==
side_img4.jpg
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_img4.jpg
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aaca769dd10d9165c778b7cc84e5c084febb77bcf38e32d468285684018673da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
TvshFmmvlH1_pF__x0Q9zYdRfOXU1MKd
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"6b7a9144f4f93fbbe038126c6bbd10ae"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
65152
x-amz-cf-id
cv1x0ImYCmM02ECZ4C48e1hF4asmXJdKiTJU6ANTvl-vLHIKquVgnQ==
side_tt4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6463a547b897063edcbfb12724c1ea548a260822b6b4f080549bb0b62b5a0513

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
tE1WGsJOL37PJ7csgpWiDNOw5sMu5xab
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"fd27a1e4ba881d872f9c88e85490a834"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
53874
x-amz-cf-id
lpeRdScI6XdamK2UQfH1QxsiLiddP0wIo-3kAvavCtFheyP4ZfW4GA==
side_code4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5f3a48566b4e4ae542abdb7eb092921cc44c8579431f28a6576135d061b40f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
H4.k5fZZSx84UoMTd1i4Si.kcKjPBL3H
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"a6a486ae93b99277d7267c4dbed12efc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3701
x-amz-cf-id
osnQDsN1EU93pDb37e-6QiQ1ulGD9l7SnWfyPZJXd-Y2J9m71dSDhQ==
small_copy4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fb803428b6af4182864c0f594e0cd5659cca57d977fdc437a6799e3dfdfe2de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
k7wVl.qR0o7Da7FwRJHJHA2snQ_GOyA7
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"1e20570a5ca39cc79939f16a30a82836"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15420
x-amz-cf-id
GQ1-1edubx_WPlBD6JU4diwWnxU_4ltwRVY_KVv18AaC-ukxGT4dGg==
side_cta4.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta4.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
380855ebf275daba0e22eca58aa784acb23f44fa4b5e3739e601a7c274e7faf0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
aDfuXCAUGVYUbjEMDrd7pgf1QBYBLs7L
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"ef50f7997ef8f7c81f7bb68b364480af"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2644
x-amz-cf-id
Zkb1AaB_mYLFvOV3tOaN9cvmwl0gpunRYhna-ZJmJN62j4DLJyJVWQ==
side_logo1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_logo1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1576451ff5c704e49810af7c9579a3889540e25eb8d81b200ab1ee7f1c37ed93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:09:15 GMT
x-amz-version-id
CR0FKyiKiPNpJLbVDjHLmHscx1HBIFYG
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
82409
etag
"55a0eaba831e13db072c7a9d02436897"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14442
x-amz-cf-id
axiRHNsL6P9h5dFQyWRUYYGhEXEAo9hlZHryG8fgaU-7q4pzZJclNg==
B28348495.344055411;dc_pre=CL3ipLf4_PsCFWS_SwUdQrAG5g;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/ Frame D05F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/B28348495.344055411;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/B28348495.344055411;dc_pre=CL3ipLf4_PsCFWS_SwUdQrAG5g;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/B28348495.344055411;dc_pre=CL3ipLf4_PsCFWS_SwUdQrAG5g;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1035863.3595311DV360-BRAND/B28348495.344055411;dc_pre=CL3ipLf4_PsCFWS_SwUdQrAG5g;dc_trk_aid=535481222;dc_trk_cid=176332357;ord=1671152562746;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.gif
mfad.inskinad.com/ Frame 3A47 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/e.gif?e=eyJ2IjoiMS4xMSIsImF2IjoxNTM5NTUsImF0IjoyMTYzLCJidCI6MCwiY20iOjg3MDIxODg2LCJjaCI6MjM5NjIsImNrIjp7fSwiY3IiOjEwNDA0Nzc4NSwiZGkiOiJiNDU2NDY2OGM3MDA0ODM2YTVhNjhmZjA2MTczYzQwOCIsImRqIjowLCJpaSI6IjhjYWE1MmU2ZTZlMTQzNTNiMGZlNWYzOWFjOGU5ZjJiIiwiZG0iOjMsImZjIjoyNzAyNTYwMjQsImZsIjoyNjE1MjQ4MzksImlwIjoiMTczLjI0NS4yMDkuMTQyIiwibnciOjk4NzQsInBjIjoyMi4xLCJvcCI6MjIuMSwiZHAiOjIyLjA5LCJkbiI6OS45NDA0OTk5OTk5OTk5OTgsImRnIjoyMi4wOSwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicnAiOjEsInByIjoxNDcwODIsInJ0IjoyLCJycyI6NTAwLCJzYSI6IjE0Iiwic2IiOiJpLTAwM2YyMWI0NTA0YTg4ODQ3Iiwic3AiOjU5MTUwMSwic3QiOjEwODg3MTYsInVrIjoidWUxLTAyY2YxYWY3MzlkNTQ5YzdhZTYzODMyZmFlNWU0ZTE5IiwidHMiOjE2NzExNTI1NTczODIsImJmIjp0cnVlLCJwbiI6Ijk1OTI1NmNjNTkyY2NkIiwiZ2MiOnRydWUsImdDIjp0cnVlLCJncyI6Im5vbmUiLCJ0eiI6IlVUQyIsImFnIjoxLCJldCI6NDB9&s=mOheQMxEZbixFU5ti5OCM8tgDYU&property:pubcpm=10.3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1e-i-0faf78da65fb9e7dd
visit.js
tps.doubleverify.com/ Frame 50EC 		694 B
707 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=697&ttfrms=40&brid=3&brver=108.0.5359.124&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D96C2%3D5DF%3F%5D4%40%3E%5D2FTar9EEADTbpTauTaub6e%60744efee_f_444h72a4hd742daa4_%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1896&ddur=1011&uid=1671152563117702&jsCallback=dvCallback_1671152563117845&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3326&tgjsver=3326&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=36&brh=2&sdf=2&dvp_epl=235&noc=4&nav_pltfrm=Win32&ctx=27546878&cmp=28865066&sid=8448220&plc=354557298&crt=183881700&btreg=545410571&btadsrv=doubleclick&adsrv=1&advid=12567418&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=295781551.5126528&dvp_tukv=14913099296.8657&dvp_uuid=39864.72093202588&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1268880364272&jurtd=2264171347
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3326.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d36e7e1bc34ce156418cb394e647511105f17a00d0487cf80a8efd22a0da3b03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
12/15/2022 01:02:43
crum
dsum.casalemedia.com/ Frame DF22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5255120626500132149
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5255120626500132149
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygc7ZWPuSOZ6XfkxGM%2BBDBn0JYHI8CESOduHLC5INi3TJMwRfjQZZrnaK2moUMDJ48lwHvBuyKTnMpvqJ6hDWNrA%2F5%2FjCw0SuiCC%2FPzWTmfsvW3G%2BtZ9aFhLFmiSfZIDNF6%2BWeKy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a37ec47bf754f7-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 16 Dec 2022 01:02:43 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8601939c-e670-449e-9d49-c89fefb0c499
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5255120626500132149
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DF22
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_639bc3b4257c9&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639bc3b4257c9
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639bc3b4257c9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Fri, 16 Dec 2022 01:02:44 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639bc3b4257c9
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DF22
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Server
18.142.1.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
date
Fri, 16 Dec 2022 01:02:43 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame DF22 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:43 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0XEW9JXATFHA1H91ENDR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DF22 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.142.1.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-142-1-26.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame DF22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5vDrZW6IKsKO5fjEthZcwAAFMYAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYjdl%2FAtMfe1FmlAnZGslNTIG2XQLJmELUEYGsRGCRS8vVT5JkHu%2FgH1csEypLEHef3ml75HuyMpPArL5PnTsCZ%2BW3KSjNVGJaGOI4k%2FiEOI17UhdERCNUEouPiuqeSH7CBLuLupWuxuVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a37ec2dd94aaf6-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENBoYwjzqhA2TbWp_OBJuBI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318
dpm.demdex.net/ Frame DF22 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5vDrZW6IKsKO5fjEthZcwAA%265318?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.196.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-196-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0a5c37adc.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jVx2POECT3s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame DF22
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=lriDGu9DLDtICrNmESLa&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD23DSNFCEO...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=lriDGu9DLDtICrNmESLa
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=lriDGu9DLDtICrNmESLa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:44 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=lriDGu9DLDtICrNmESLa
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame DF22 		43 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Y5vDrZW6IKsKO5fjEthZcwAA%265318
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184665&us_privacy=&gdpr_consent=&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:43 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
917
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
77a37ec18ac5a7f9-SYD
content-length
43
expires
Fri, 16 Dec 2022 05:02:43 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdQC,pingTime:1,time:2326,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2326,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:0.0.980.300,am:i,cc:0.0.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1204~100%5D,as:%5B1204~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1037,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdQD,pingTime:1,time:2327,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2327,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:0.0.980.300,am:i,cc:0.0.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1205~100%5D,as:%5B1205~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1037,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdQD,pingTime:1,time:2327,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2327,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:0.0.980.300,am:i,cc:0.0.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1205~100%5D,as:%5B1205~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1037,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdQE,pingTime:1,time:2328,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2328,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:0.0.980.300,am:i,cc:0.0.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1206~100%5D,as:%5B1206~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1037,fm:tq8xQ1e+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 4351 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:09:41 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame D9B0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:09:41 GMT
ados
mfad.inskinad.com/ Frame F519 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/ados?t=1671152563416&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A9874%2C%22S%22%3A681017%2C%22D%22%3A%22ism-rtb-companion%22%2C%22AT%22%3A2163%2C%22RedirectUrl%22%3A%22https%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%253Fsa%253DL%2526ai%253DCcE9GrcObY637CNPnnwTJzLPICZLg68dt3s__w60Q696lhqwyEAEgt-WEIWClgICAkAGgAY3p4-ACyAEJqQKQ17N5SmqmPqgDAaoEogJP0GgajrE-9XyNJMrFeeSsb4DH49t4tZTMGvof-hALRzAB1K53_IBxK4vIDNZzLkWSSi1VgcNOv5bH5gmwNN_sDOcOtenst5zt8F2EUyhlLxjQu9HD1_tjgxMapJz1PQOXOINdvz3B5uB1AQqFGpI6Wh-CjpyM2PlGJxS2wDiynNV0vPdqFq1fMAfWZUn00F8wAKuc3RKVYcCHeLuQsok9yx-E5yXjbdyYlDlmeKhGQCb8XBuD6eaHMo8MRmCajq3rtq9HKLq_5R_t8batHu8I3MRAXiVF_QAx_OPCjHEtW0kbmcFiXPwVou7rFsRoMsgm3TTeqr5edfL_DXDV0yLakl6bNsLIAB5cvOz3BJQOtItT3wHh0JgEJjkeICTvAQX1EsAE7eOIwYUE4AQDkAYBoAZNgAfblpyfAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgGEQARhfMgKKAjoCgEDyCA1iaWRkZXItMTkwMTMzgAoEmAsByAsBgAwBsBOh3bIQ0BMA2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASBORo9SU%2526sig%253DAOD64_394E6q-iO7xFjDqqp_MdUwu9FiYg%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-BWJPAWK2lsu9ZJT106UDMhbA8wjqKzH3lkiBVbOxARFD8iO02KICxipeKs6MuFwK-IhgsxU3s86zhCtSxOkdqDjXrjSphtKazakpdeu133YMbSl62xhVE1iWU4Tp6E_1KE-NjvRVB9yOS-TjpqeE4s0GJeu8kSh89QkaM2GYitCFtibLs%2526cry%253D1%2526dbm_d%253DAKAmf-ARpN4GICwA6IRjR0xjyW_1cGEK-BYauiC4vyK1qW4yWjaWPaq4wKJeF_WGy-IZ12NJh-40n9XSBO0pIG5WFCHzOeOhVIfpe7-jNPig69ECo_B_4l0iDkvWwXMHWIwz58LrrYexlBV262EtdPUjYwubKIDNgOL8haJymrMly8JW57zhyxECK61CLCx1KdrfSIVUxZl3dn2e7SywE8mYgnPlvIsD0rDwCWyF4LoHd1Ekou_o-ACi-XTBs3vVrjDalo4io9FgjoKCqlS3N-tCttDxOkAjB0I_11FwouIInv4ttNZf7sCO4GGJTCKFbysvficM4SCB7w1C5Kvy7WxS53x-1seGnQ4nf_mV0TELhWy5PPzQk-fLg8TtqhpCliiiI3dLx6Bn7mfIXSuLcwwdHtO7eCVd8RWzgp4mCpXiGziUWL_CgzHVXPnXxjcGE-h5B7cRhITo-merXA76uncjcDCGqAiXZ4VF7ydFKVkEskSa_CVVJIxkpFpbkZU1wwcyC0y9rYOisN5nfxGPxQxFx1sJceyRxmbstyzSFPRKqV4sDc7uHMY%2526adurl%253D%22%7D%5D%2C%22Keywords%22%3A%22macquarie22%22%2C%22Referrer%22%3A%22https%253A%252F%252Fwww.heraldsun.com.au%252F%22%2C%22IsAsync%22%3Atrue%7D
Requested by
Host: mfad.inskinad.com
URL: https://mfad.inskinad.com/ados.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
5d0be58980c3766431f0c9cb3d59213b6bea54384a72f23e041126e8d7e78257

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
content-encoding
gzip
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"127d-u62LoU85AASLyyajdjgQGC9lfvE"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by
bifrost-production-shard001-us-east-1e-i-003f21b4504a88847
side_tt1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b660474ccc1f92a7110a037b4ea952b0b1237a676144c0442aa26783d8913efd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
2e5008iR6q9GKNksdJVC8.NEhRZpIvF5
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"6c879dbe3300153c2c19eed3884697a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
51635
x-amz-cf-id
BZBFNBUvwnqUUZbINdS4fEcLP1yVgMnxhZv8AKUmNnTQu6-FdSfuUg==
side_code1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eab819d44d4e31f5a146fbb6c57b2e12b1785592debaa76055024807e7c41c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
WokPb6fzgleAqpuQRq2csPLKSNODZecq
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"2a11c4624c4bb29362adf9856237391d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3702
x-amz-cf-id
jvHRCP6OUIvfutw5g1j2EzhWrD9rRYr3v6BZI_a92xCh2ixuwacQ3g==
small_copy1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d886e5f06db2b28f635338901155e3f2514b0344754eb0b19b41c66e41b6f1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
EPEv_hPPaduKZty8HFsUytUelx_kcFhG
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"4c134ac4f7d93598ff888769d8407488"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
13844
x-amz-cf-id
2pNlxdD1kbPTQZB4MIkuUSKAz-eg9E-VmJJ1WBwvM3tSUSlsgQxCAg==
side_cta1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame B9D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1baca839c6fdcc5a0ce535651f0cbebd16d277c8db35bdb0e795d1bd70b14660

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/right.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6606&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
nczdRFDRjU_PG8Jj3foXMCfuuB5G76MR
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"c5f63110117c14f85fcf63ce086a8062"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2576
x-amz-cf-id
CRBkzG4KDJALCE9NhHCKH0rUuFSNX8L4zOPfh5dxHWFD2CVdzlg5Ig==
side_tt1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_tt1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b660474ccc1f92a7110a037b4ea952b0b1237a676144c0442aa26783d8913efd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
2e5008iR6q9GKNksdJVC8.NEhRZpIvF5
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"6c879dbe3300153c2c19eed3884697a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
51635
x-amz-cf-id
POQS9fWjgAIXNCM55qtRWSi53LYkctH0DyAql_S_fMcYhiiVa1bJuw==
side_code1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_code1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eab819d44d4e31f5a146fbb6c57b2e12b1785592debaa76055024807e7c41c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
WokPb6fzgleAqpuQRq2csPLKSNODZecq
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"2a11c4624c4bb29362adf9856237391d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3702
x-amz-cf-id
rvh_5rjdN6tdkIBKYT40YdsXtEbxN5PQZY1CumSRvCb_hRaaCMMMwA==
small_copy1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/small_copy1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d886e5f06db2b28f635338901155e3f2514b0344754eb0b19b41c66e41b6f1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
EPEv_hPPaduKZty8HFsUytUelx_kcFhG
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:07 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"4c134ac4f7d93598ff888769d8407488"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
13844
x-amz-cf-id
NCqxiKjmlLh_z1WmpJYce9WfoKh09GkwKy2Y-QlfMABsI7uZx9xlTw==
side_cta1.png
cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/ Frame 71ED 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/assets/side_cta1.png
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-22.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1baca839c6fdcc5a0ce535651f0cbebd16d277c8db35bdb0e795d1bd70b14660

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.inskinad.com/CreativeStore/ps/2021-11/617b2f978b37cc3d304c5672_1/left.html?xdm_e=https%3A%2F%2Fwww.heraldsun.com.au&xdm_c=default6608&xdm_p=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
nczdRFDRjU_PG8Jj3foXMCfuuB5G76MR
date
Fri, 16 Dec 2022 00:45:50 GMT
via
1.1 70fdfa773982aee8e5e56c054ca0a9cc.cloudfront.net (CloudFront)
last-modified
Mon, 18 Apr 2022 05:56:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
age
1174
x-amz-server-side-encryption
AES256
etag
"c5f63110117c14f85fcf63ce086a8062"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2576
x-amz-cf-id
oW6tCaLUdtnewuNrbJM_SjMCP-gWUEvFmbpS5LkOWZJ3VhxWPHuavA==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVdWF,pingTime:-10,time:2701,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671152563745%7C%7Ccc153ecd7fe370745ef51a889f0bc37c%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C9214c546d4502445eae8c36107fcbd68%7C%7C4be90f916d35ba3efbfd57bbd02c0692%7C%7Cf7f70cc835a46c96da61acbf2c0b35c3%7C%7Cd18cc916087192485be5d3eb8f5548fb%7C%7C16cb2ceecc4fe57c3da5cfa8ec117a74%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
c6cee913298540c4b8048b583c54c846.jpg
cdn.mfad.inskinad.com/Advertisers/ Frame F519 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mfad.inskinad.com/Advertisers/c6cee913298540c4b8048b583c54c846.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-50.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28ec36f2aed7bc17d9734577035828c8ae2fd8a6d0e66e61bf9258aa13397626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 23:35:33 GMT
x-amz-version-id
h4leE5Jm9u3HQVyu2ihwxAWqNILdaVqp
via
1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-P1
age
4930031
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
166003
last-modified
Thu, 25 Aug 2022 15:45:05 GMT
server
AmazonS3
etag
"8275a4fd98aae657e4ba10a1cd1c4ef0"
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
x-amz-cf-id
mzyJr0rD0BoRwWLyqux2vIJB0St2wb_fpsIvBfUeyrUu1u-J0mapOQ==
expires
Wed, 25 Aug 2032 15:45:04 GMT
i.gif
mfad.inskinad.com/ Frame F519 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/i.gif?e=eyJ2IjoiMS4xMSIsImF2IjoxMzM2NjEsImF0IjoyMTYzLCJidCI6MCwiY20iOjYxOTY1ODUxLCJjaCI6MjM5NjIsImNrIjp7fSwiY3IiOjEwMjkxNzUyMiwiZGkiOiIyOWJiNjU0ZmI0MzQ0ZmM0OWFmMmE1NTZiOGI1ZmI3MCIsImRqIjowLCJpaSI6IjllNjA2NGQ4YTU2MzRkZWE4OWU5NThhNmI4ZDgwOTk0IiwiZG0iOjEsImZjIjoyNjYzODY3NTQsImZsIjoyNTc5Nzg3MDQsImlwIjoiMTczLjI0NS4yMDkuMTQyIiwibnciOjk4NzQsInBjIjowLCJvcCI6MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjg5MzgxLCJydCI6MiwicmYiOiJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1LyIsInJzIjo1MDAsInNhIjoiMTQiLCJzYiI6ImktMDAzZjIxYjQ1MDRhODg4NDciLCJzcCI6NDcwODU3LCJzdCI6NjgxMDE3LCJ1ayI6InVlMS0wMmNmMWFmNzM5ZDU0OWM3YWU2MzgzMmZhZTVlNGUxOSIsInRzIjoxNjcxMTUyNTYzNTk3LCJiZiI6dHJ1ZSwicG4iOiJpc20tcnRiLWNvbXBhbmlvbiIsImdjIjp0cnVlLCJnQyI6dHJ1ZSwiZ3MiOiJub25lIiwidHoiOiJVVEMiLCJiYSI6MSwiZnEiOjB9&s=CW_gxNxfoymQxxLUtVq6wXl30L0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.162.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-162-146.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1b-i-09de673f55784f33d
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4351 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY_GassObY6-4GI3yvQTyroWoAQAAAAA4AeAEAg&bg=!cHOlczfNAAYgquz3AKo7ACkAdvg8WqZWPS3jsSPwbz3yd55xSvEO26D0aDrYzvLW-imQCypx7vtcnAIAAAE2UgAAAANoAQcKAGIeHbTAS_VsUShoBDQ6Nm6zJi2nz6_MYJWwfFIagSAZPwXbqtzG4rDbiKUuY-uIfJ5XBvZv36L1zAEqCI4kHR-ujC7kERmf0tXZlQPyUIRhVp4EEEu5uJnfCTgvnntjpWTdJJkC-2qHVE_ZCH3BVQt6DvDoump-5YbzXp-HPHkvSY7McgLixyP_7XlM0PUW2xclB9GZCC4TJKNQdMbsNm21I1p7x9ENsn-zmgOlhr7nQS0RjUeo0YnEFFj6apC-NMTvccK7SffBbZfsBwXHw10Hrj0TeD8kccMcixho2AaCfREkERPbu-IDn4il_n1z8r73dEB1Xu43BE7nuMbWgP-zx8Ui9OPS_HL6yLFoS7b7a68DhJMsxesJNC_q0cabLyOEXgIFnoZO3Q3DJinTOTR5bVpNFn-uhqDRhXkbHzYlP8nKTyh-jj--CsrSGqdOchemRFKEeYA8R7XhHlJQ9WYSKMdeFF9qyYda-sP_TZ1kM-95Krbq3v3urdcYajlwCLiuT_4MZ9fxH2Y5MaCU9lyLbzOAchUScxwL25zVt1dterrvXxVyfczQMJ2AplOzn9_7aUGXXOO6PJyK2conqIWqncxzdrM09qo6p4j_nxQdxiWvSs5e0UKoxaS3RjDcb_J4iNLcRvLqhBztCZB_Qw8d7LtG342875u-7fazxJZniVMk6mpLAN7lktjpzdJmwCgj4enZKYW2wJ37E-MH_uJojjFwyXZSVl9wgpL4j8fnm8y0QPQ5mAr4h06bXV937f5xFKwSz8fzS6yrhMNAYWGiKQEUFwhhkicPiHLtc5OhpW_ZL8hEXVZZII06nDafE1vnG4KsRODX4kDsIfImO8rMzZO09eBnviUe1MxrJiTHwLkakvxGt-zhldVkQdXzQHSXcjYeFxvVSuc-OyedXwpfKDqnkLoJdxayCEGkotaqVeWzfrp1YtGdNbv4lARtZOfoDH6vCPciesXSZI9NzBghPhaSCWVI7mHLEkG1YmWDOk8tb4kEVyTQ7Po5sacc53DtslSoCPX1Tl_twieADD1BFvrTcTs8mQ5axgSRXaPOEIYTOZYBU6vTMfTIJWGSefkBlGZ_W8wFnknzQ4BNKVNb7ZzPlmmon5BMheHG7lnk_VEpKBViurpdeyzMjvlY7dI
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatad.js
z.moatads.com/inskinmedia689754970364/ 		322 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/inskinmedia689754970364/moatad.js
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4df4233f21825d84ad4acf0e1d96589a4246e9efc030d40c609e3f3ff70b629f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:44 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:02:52 GMT
server
AmazonS3
x-amz-request-id
5V41NVBPYMZ47ESR
etag
"8164f33cacab1cfd32e3c3cf05b19d3c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=52418
accept-ranges
bytes
content-length
111531
x-amz-id-2
pnOMXrww7w1agV2B4Tsy2x9So5/JUK5/adMui96aBEAJ6hRwvopACat1QdPblT4YwIbR2RaUDNc=
skeleton.js
pixel.adsafeprotected.com/rjss/st/796404/57922638/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/796404/57922638/skeleton.js?ias_adpath=%23ISMViewability
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/base/api/pageskinexpress.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.90.192 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-90-192.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
4936baaddfab9fb35479bf4316d1adc0b85e01ec00cf3e8e2cdd96af3b03083b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rec
t.inskinad.com/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.inskinad.com/rec
Requested by
Host: cdn.inskinad.com
URL: https://cdn.inskinad.com/isfe/4.1/js/integration/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f121.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 16 Dec 2022 01:02:44 GMT
via
1.1 google
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
content-length
0
content-type
text/html; charset=utf-8
main.19.8.374.js
static.adsafeprotected.com/ 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/796404/57922638/skeleton.js?ias_adpath=%23ISMViewability
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-15.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
726679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
z-poDudBzaEEEkuNpPTlxHaz06IyhOsrGIxChQoTqKosGwfmoJOuAA==
PugMaster
image6.pubmatic.com/AdServer/ Frame C953 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30485804&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7d6d6a2814aef9b2ba67051906d4fe6b9c503543f94159d73ca482c0e03b7b47

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 16 Dec 2022 01:02:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame D491 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 16 Dec 2022 01:02:44 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2FEF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQADwQunQAAe&gdpr=0&gdpr_consent=
1 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQADwQunQAAe&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 16 Dec 2022 01:02:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5vDrQADwQunQAAe&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10175-SYD
x-timer
S1671152565.592803,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame C441
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y7bdxpggfsy
1 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y7bdxpggfsy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 16 Dec 2022 01:02:45 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y7bdxpggfsy
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame A9B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5255120626500132149&gdpr=0&gdpr_consent=
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5255120626500132149&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
896afe4e-9c12-4097-94e2-e9523774ab49
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Dec 2022 01:02:44 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5255120626500132149&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.142; 173.245.209.142; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame E960
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu
42 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 16 Dec 2022 01:02:44 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 107E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:43 GMT
expires
Fri, 16 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1451810
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 871A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4zrUV83eRg5cK_t5-Jg7Oq310Y4
42 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4zrUV83eRg5cK_t5-Jg7Oq310Y4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Dec 2022 01:02:45 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=4zrUV83eRg5cK_t5-Jg7Oq310Y4
SPug
image4.pubmatic.com/AdServer/ Frame C953
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae4639b-c3ae-4c00-94be-7376bf7903cd
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae4639b-c3ae-4c00-94be-7376bf7903cd
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 16 Dec 2022 01:02:44 GMT
Server
MT3 254 34fcae8 master nrt-pixel-x14 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ae4639b-c3ae-4c00-94be-7376bf7903cd
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Dec 2022 01:02:43 GMT
458249.gif
idsync.rlcdn.com/ Frame C953
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=868C18B6-C4A5-4198-AA13-94B96ED44ADF
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDg2OEMxOEI2LUM0QTUtNDE5OC1BQTEzLTk0Qjk2RUQ0NEFERhAAGg0ItIfvnAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=3d48afea784b7b20742ea9248e393064219d2ddc503d3fe27f8794a743bb38ee791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAzZDQ4YWZlYTc4NGI3YjIwNzQyZWE5MjQ4ZTM5MzA2NDIxOWQyZGRjNTAzZDNmZTI3Zjg3OTRhNzQzYmIzOGVlNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAzZDQ4YWZlYTc4NGI3YjIwNzQyZWE5MjQ4ZTM5MzA2NDIxOWQyZGRjNTAzZDNmZTI3Zjg3OTRhNzQzYmIzOGVlNzkxNDI2YjU0MTdkY2UyMRAAGgwItYfvnAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=fac5b1aa-0f37-4cc7-8b4c-195ba7d6dada
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=fac5b1aa-0f37-4cc7-8b4c-195ba7d6dada
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:47 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=fac5b1aa-0f37-4cc7-8b4c-195ba7d6dada
date
Fri, 16 Dec 2022 01:02:47 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame C953
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=868C18B6-C4A5-4198-AA13-94B96ED44ADF&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gzOTyDZE2uXeLhI3j6iS8H7P8GPcaD0-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gzOTyDZE2uXeLhI3j6iS8H7P8GPcaD0-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gzOTyDZE2uXeLhI3j6iS8H7P8GPcaD0-~A&gdpr=0&gdpr_consent=
date
Fri, 16 Dec 2022 01:02:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C953
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522871640278562624&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=98634a23-b404-4601-b8ae-f5ddb66f6c8e&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10522871640278562624&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=207530804367000430548&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10522871640278562624&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b7eee8ad-f3d4-4d07-83ce-68493bef1d3e&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Fri, 16 Dec 2022 01:02:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C953
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8750192507165236982
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8750192507165236982
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 16 Dec 2022 01:02:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8750192507165236982
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C953
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3350514596490154961&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3350514596490154961&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 16 Dec 2022 01:02:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3350514596490154961&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
skeleton.js
static.adsafeprotected.com/
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/796404/57922638/skeleton.js?ias_adpath=%23ISMViewability&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:e388208d-3fac-...
  • https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.226.175.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-15.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 02:33:19 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
1031367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
1Xbvz7iaR7IEvJ0D9LZTlxG9nlVlqNQLJr0EMuztpLqjzTMzfUB6zA==

Redirect headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?ias_adpath=%23ISMViewability
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 34AC 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.175.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-175-15.mxp64.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 53b16207cced8b28d8091c1ff91ffc3e.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C3
age
1539282
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
4g88Ux1FgBCOsnLZFFy00eXYXQvQAhU2Xlz8rv9klv-R0aX9Muq2FA==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVedX,pingTime:-2,time:639,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:21506,bdZ:21707,beA:21709,beZ:21710,mfA:22241,cmA:22242,inA:22242,inZ:22243,prA:22243,prZ:22260,si:22306,poA:22307,poZ:22316,cmZ:22316,mfZ:22316,loA:22341,loZ:22342,ltA:22347,ltZ:22347,mdA:21711,mdZ:22216%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:88,h:500,t:597%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:639,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~88.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:598,slid:%5B%5D,sinceFw:39,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:44 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVenz,time:1235,type:e,im:%7Bimprf:%7Bttecl:1413,ecd:611,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:1235,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B701~0%5D,as:%5B701~88.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:283,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:0,renddet:na,siq:598,sis:1210%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:45 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
n.js
geo.moatads.com/ 		112 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INSKINMEDIA1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1671152565546&de=114135335109&m=0&ar=67fa5e2a4e8-clean&iw=86d80b5&q=2&cb=0&ym=0&cu=1671152565546&ll=2&lm=0&ln=0&em=0&en=0&d=129805%3A87021886%3A104047785%3Aundefined&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=-&zMoatPT=-&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&bo=heraldsun.com.au&bd=heraldsun.com.au&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=inskinmedia689754970364&fd=1&it=500&ti=0&ih=2&pe=1%3A5817%3A5817%3A0%3A7309&jk=-1&jm=-1&fs=201243&na=248633327&cs=0&ord=1671152565546&jv=137686407&callback=DOMlessLLDcallback_44504524
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/inskinmedia689754970364/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.217.106 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-217-106.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
39b23d11b1d1e5d73a3731a4ff8d1b51c0eab5ce82eaf81c0b812ce8d61bdb4f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:46 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"a336b5c1ecd761d2755b3b99c90bb23f8dea9f84"
content-length
112
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ 		141 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.heraldsun.com.au%2F&pcode=inskinmedia689754970364&ord=1671152565546&jv=213286227&callback=BrandSafetyNadoscallback_44504524
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/inskinmedia689754970364/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.156.235 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-156-235.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
0245ba3569f3b55d21d288cc0d71949dc3bf0b557f7e4944b3e97b06cf7d8629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:46 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"0cd0a3b8b7f6a9047ef7fa92e8a09bb6a0c48d96"
content-length
141
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=INSKINMEDIA1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1671152565546&de=114135335109&m=0&ar=67fa5e2a4e8-clean&iw=86d80b5&q=3&cb=0&ym=0&cu=1671152565546&ll=2&lm=0&ln=0&em=0&en=0&d=129805%3A87021886%3A104047785%3Aundefined&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=-&zMoatPT=-&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&bo=heraldsun.com.au&bd=heraldsun.com.au&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=inskinmedia689754970364&fd=1&it=500&ti=0&ih=2&pe=1%3A5817%3A5817%3A0%3A7309&jk=-1&jm=-1&fs=201243&na=2004793241&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:45 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.heraldsun.com.au%2F-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=500&w=88&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1425&gp=32&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1671152565546&de=114135335109&cu=1671152565546&m=86&ar=67fa5e2a4e8-clean&iw=86d80b5&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=32&lb=11824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A5817%3A5817%3A0%3A7309&as=0&ag=32&an=0&gf=32&gg=0&ix=32&ic=32&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=32&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=63&cd=0&ah=63&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=129805%3A87021886%3A104047785%3Aundefined&bo=heraldsun.com.au&bd=heraldsun.com.au&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=COMPOSITE_ADS&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=201243&na=633781075&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVew2,time:1760,type:e,env:%7Bnr_p:1,nr_publ1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:1760,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1226~0%5D,as:%5B1226~88.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:267,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:0,renddet:na,siq:598,sis:1210%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVewZ,pingTime:-10,time:1819,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671152563745%7C%7Ccc153ecd7fe370745ef51a889f0bc37c%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C9214c546d4502445eae8c36107fcbd68%7C%7C4be90f916d35ba3efbfd57bbd02c0692%7C%7Cf7f70cc835a46c96da61acbf2c0b35c3%7C%7Cd18cc916087192485be5d3eb8f5548fb%7C%7C16cb2ceecc4fe57c3da5cfa8ec117a74%7C%7C1663701684,sca:%7Bspg:590a351a-eff1-4331-9753-52a8bc78ea3f%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=32&fi=1&apd=63&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=heraldsun.com.au&L1id=129805&L2id=87021886&L3id=104047785&L4id=0&S1id=heraldsun.com.au&S2id=heraldsun.com.au&ord=1671152565546&r=114135335109&t=meas&zMoatIMP=&zMoatPT=&zMoatLII=261524839&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=32&fi=1&apd=63&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=heraldsun.com.au&L1id=129805&L2id=87021886&L3id=104047785&L4id=0&S1id=heraldsun.com.au&S2id=heraldsun.com.au&ord=1671152565546&r=114135335109&t=fv&zMoatIMP=&zMoatPT=&zMoatLII=261524839&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=32&fi=1&apd=63&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=heraldsun.com.au&L1id=129805&L2id=87021886&L3id=104047785&L4id=0&S1id=heraldsun.com.au&S2id=heraldsun.com.au&ord=1671152565546&r=114135335109&t=bs&zMoatIMP=&zMoatPT=&zMoatLII=261524839&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=162&fi=1&apd=193&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=heraldsun.com.au&L1id=129805&L2id=87021886&L3id=104047785&L4id=0&S1id=heraldsun.com.au&S2id=heraldsun.com.au&ord=1671152565546&r=114135335109&t=hdn&zMoatIMP=&zMoatPT=&zMoatLII=261524839&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=806&fi=1&apd=837&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=heraldsun.com.au&L1id=129805&L2id=87021886&L3id=104047785&L4id=0&S1id=heraldsun.com.au&S2id=heraldsun.com.au&ord=1671152565546&r=114135335109&t=nht&zMoatIMP=&zMoatPT=&zMoatLII=261524839&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C953 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=500&w=88&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1425&gp=32&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1671152565546&de=114135335109&cu=1671152565546&m=1055&ar=67fa5e2a4e8-clean&iw=86d80b5&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=32&lb=11824&le=1&lf=621&lg=1&lh=31&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5817%3A5817%3A0%3A7309&as=1&ag=1008&an=32&gi=1&gf=1008&gg=32&ix=1008&ic=1008&ez=1&ck=1008&kw=837&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1008&bx=32&ci=1008&jz=837&dj=1&aa=0&ad=911&cn=0&gk=911&gl=0&ik=911&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=837&cd=63&ah=837&am=63&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=129805%3A87021886%3A104047785%3Aundefined&bo=heraldsun.com.au&bd=heraldsun.com.au&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=201243&na=1113450398&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
pixel.gif
inskinmedia689754970364.s.moatpixel.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inskinmedia689754970364.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=837&tet=1008&fi=1&apd=1039&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=heraldsun.com.au&L1id=129805&L2id=87021886&L3id=104047785&L4id=0&S1id=heraldsun.com.au&S2id=heraldsun.com.au&ord=1671152565546&r=114135335109&t=iv&zMoatIMP=&zMoatPT=&zMoatLII=261524839&bedc=1&q=6&BSD=safe&BSC=moat_unsure&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.253.206 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-253-206.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
event.png
tpsc-ae1.doubleverify.com/ Frame 50EC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ae1.doubleverify.com/event.png?impid=2ce4ad087ffa4827936db67a462adc03&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=474&eoid=14&msrjs=3326&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=1011&tetms=12&msltms=611&vltms=474&sei=290&vetms=77&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=50&isumms=50&nvr=2&isgmmims=50&isgmv4mims=50&elmtp=1&isbxdms=2651&b0=2910&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&lftb=2910&sftb=2910&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=48&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3590&cbust=1671152566672891
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3326.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
113.43.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 16 Dec 2022 01:02:47 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
12/15/2022 01:02:47
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=500&w=88&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1425&gp=32&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1671152565546&de=114135335109&cu=1671152565546&m=1055&ar=67fa5e2a4e8-clean&iw=86d80b5&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=32&lb=11824&le=1&lf=621&lg=1&lh=31&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5817%3A5817%3A0%3A7309&as=1&ag=1008&an=1008&gi=1&gf=1008&gg=1008&ix=1008&ic=1008&ez=1&ck=1008&kw=837&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1008&bx=1008&ci=1008&jz=837&dj=1&aa=0&ad=911&cn=911&gk=911&gl=911&ik=911&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=837&cd=837&ah=837&am=837&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=129805%3A87021886%3A104047785%3Aundefined&bo=heraldsun.com.au&bd=heraldsun.com.au&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=201243&na=1391629568&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:46 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=500&w=88&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1425&gp=32&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1671152565546&de=114135335109&cu=1671152565546&m=1056&ar=67fa5e2a4e8-clean&iw=86d80b5&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=32&lb=11824&le=1&lf=621&lg=1&lh=31&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5817%3A5817%3A0%3A7309&as=1&ag=1008&an=1008&gi=1&gf=1008&gg=1008&ix=1008&ic=1008&ez=1&ck=1008&kw=837&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1008&bx=1008&ci=1008&jz=837&dj=1&aa=0&ad=911&cn=911&gk=911&gl=911&ik=911&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=837&cd=837&ah=837&am=837&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=129805%3A87021886%3A104047785%3Aundefined&bo=heraldsun.com.au&bd=heraldsun.com.au&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=201243&na=1855000064&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:47 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVeSi,pingTime:5,time:6274,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6274,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:0.0.980.300,am:i,cc:0.0.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5152~100%5D,as:%5B5152~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:300,fm:tq8xQ1e+1.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:47 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=590a351a-eff1-4331-9753-52a8bc78ea3f&tv=%7Bc:wUVeSi,pingTime:5,time:6274,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:980,h:300,t:1148%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6274,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1148,wc:0.0.1600.1200,ac:0.0.980.300,am:i,cc:0.0.980.300,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5152~100%5D,as:%5B5152~980.300%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:300,fm:tq8xQ1e+1.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a*.10507%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f1%7C1g%7C1h%7C1i%7C1j1%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1150,sis:1377%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:47 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=500&w=88&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1425&gp=32&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1671152565546&de=114135335109&cu=1671152565546&m=1258&ar=67fa5e2a4e8-clean&iw=86d80b5&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=32&lb=11824&le=1&lf=621&lg=1&lh=31&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5817%3A5817%3A0%3A7309&as=1&ag=1211&an=1008&gi=1&gf=1211&gg=1008&ix=1211&ic=1211&ez=1&ck=1008&kw=837&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1211&bx=1008&ci=1008&jz=837&dj=1&aa=1&ad=1114&cn=911&gn=1&gk=1114&gl=911&ik=1114&co=1114&cp=1039&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1039&cd=837&ah=1039&am=837&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=129805%3A87021886%3A104047785%3Aundefined&bo=heraldsun.com.au&bd=heraldsun.com.au&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=201243&na=1553615858&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:47 GMT
generic1667795052595.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		488 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1667795052595.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jCGTQi4_RFbdnA8OewUtWZX0YOSF.4hd
content-encoding
gzip
via
1.1 varnish
date
Fri, 16 Dec 2022 01:02:47 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ1RF8RBE8ZAY78
x-cache
HIT
content-length
87773
x-amz-id-2
+bdNMokYQM7Z5lM99eQR8hNT6ycg17weoWj1Z0nSQfq3CnP+x/2zLqG/PGgU9+rGtl9gXIdGPNs=
x-served-by
cache-syd10122-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671152568.734123,VS0,VE0
etag
"dc42a6bc14439dd64332b6ca8f523136"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
8945
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e27e857900032d7dd09d063512b33a40e674d1051074b1892557c0d3ba49f651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11085
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 5412 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:47 GMT
server
Kestrel
server-processing-duration-in-ticks
1237963
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
160e9720a5839019f39e2dcf1640ccd5
content.api.news/v3/images/bin/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/160e9720a5839019f39e2dcf1640ccd5?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f14d591cc46e758d150bfa8852702eb90c83fdd5ccf2141e192d64313e7ec7f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:47 GMT
x-check-cacheable
YES
edge-cache-tag
160e9720a5839019f39e2dcf1640ccd5
content-length
8543
last-modified
Wed, 14 Dec 2022 01:06:27 GMT
server
Akamai Image Manager
x-serial
142
etag
4e4ea60799d33074f6bac892c0922b10-160e9720a5839019f39e2dcf1640ccd5-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5011312
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 01:04:39 GMT
5ec0a4611d16e20efa6d590cec622a21
content.api.news/v3/images/bin/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/5ec0a4611d16e20efa6d590cec622a21?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5c35e6a951bdd6b279ae8aeb53fd9465b0a82eb55f9f2e67370a1ffefeb45a41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:47 GMT
last-modified
Thu, 15 Dec 2022 22:05:59 GMT
server
Akamai Image Manager
etag
f3083ab0f39ca390ffb123bb71d55a15-5ec0a4611d16e20efa6d590cec622a21-320
edge-cache-tag
5ec0a4611d16e20efa6d590cec622a21
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5173411
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
17487
expires
Mon, 13 Feb 2023 22:06:18 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVeYY,time:3554,type:e,im:%7Bpci:%7Btdr:2955%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:3554,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3020~0%5D,as:%5B3020~88.500%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:267,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:598,sis:1210%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:47 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
03a445051a77f0199efc18195406afa4
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/03a445051a77f0199efc18195406afa4?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
65b83649b68da75a1a302be488b889ef853b9c8b819dca3ba4acc7b58c412652

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:47 GMT
x-check-cacheable
YES
edge-cache-tag
03a445051a77f0199efc18195406afa4
content-length
12009
last-modified
Fri, 16 Dec 2022 00:55:41 GMT
server
Akamai Image Manager
x-serial
1128
etag
62aa5182c83e51ae3812221cff36aec7-03a445051a77f0199efc18195406afa4-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183409
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 14 Feb 2023 00:52:56 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Dec 2022 01:02:48 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuMTI0IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJIZXJhbGQgU3VuIHwgQnJlYWtpbmcgTmV3cyBhbmQgSGVhZGxpbmVzIGZyb20gTWVsYm91cm5lIGFuZCBWaWN0b3JpYSB8IEhlcmFsZCBTdW4iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1LyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjcxMTUyNTY4MDk2IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODUxODc0ODcxNWYxLTAxOWUxMTBjODllMzU2LTY3MzI1YzUwLTFkNGMwMC0xODUxODc0ODcxNmZiNyIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC1zeWQxIiwiYWNjb3VudElkIjogMTMyMjIyLCJ1cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJ3ZWJzaXRlSWQiOiAxMzIyMjQsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjI3NzgtY2U3Yy1jYjA3LTRmYjktMDU2Yi1kZTdmLTI2YmQtNWIxMyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjcxMTUyNTY4MDkyIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDQzMDUsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ4LjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ4LjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzExNTI1NjgwOTYsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-nks6
date
Fri, 16 Dec 2022 01:02:48 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B935 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
17550
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 20:10:18 GMT
expires
Fri, 15 Dec 2023 20:10:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 76E0 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
GSE /
Resource Hash
109aff5a61da3ba9016663420bb360e372f1d51711760689cbbc4ef3cdc2911b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MTpR9BuwUSG1NQywK9-4FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-MTpR9BuwUSG1NQywK9-4FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Dec 2022 01:02:48 GMT
expires
Fri, 16 Dec 2022 01:02:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CZVJGVCrLAEnW8pS5&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11824&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=4&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=10985&t=CYXUZ0CTcU7HBTHy8gD4UzeGDjIqtm&V=139&tz=0&_acct=anon&sn=3&sv=OknGoCX7M7ytDcxFDVx2H4C9K0eh&sd=1&im=062b0732&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.87.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-87-237.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 16 Dec 2022 01:02:48 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 76E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=3891412402154402&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame B935 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 21:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 21:09:41 GMT
json
gum.criteo.com/sid/ Frame 5412 		446 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=www.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3b0b8d793c0c815d849f7b5cbe8aa06ae102332c1fe2ed78ecb072ee5a836bd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1437413
expires
0
generate_204
tpc.googlesyndication.com/ Frame B935 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6nl3eQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 01:02:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVfhR,pingTime:1,time:4725,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:88,h:500,t:597%7D,%7Bpiv:100,vs:i,r:,t:3717%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1008,o:3717,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3183~0,0~100%5D,as:%5B3183~88.500%5D%7D%7D,%7Bsl:i,t:3717,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1008~100%5D,as:%5B1008~88.500%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:267,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:598,sis:1210%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:49 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVfhS,pingTime:1,time:4726,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:88,h:500,t:597%7D,%7Bpiv:100,vs:i,r:,t:3717%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1009,o:3717,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3183~0,0~100%5D,as:%5B3183~88.500%5D%7D%7D,%7Bsl:i,t:3717,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1009~100%5D,as:%5B1009~88.500%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:267,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:598,sis:1210%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:49 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVfhS,pingTime:1,time:4726,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:88,h:500,t:597%7D,%7Bpiv:100,vs:i,r:,t:3717%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1009,o:3717,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3183~0,0~100%5D,as:%5B3183~88.500%5D%7D%7D,%7Bsl:i,t:3717,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1009~100%5D,as:%5B1009~88.500%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:267,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:598,sis:1210,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:49 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=3891412402154402&bg=!DwylDEjNAAYgquz3AKo7ACkAdvg8WpGdsOY-XLUHgoUCmpmuNA_TcVxWG4iGclZksq_tqmfkAchfcgIAAABkUgAAAANoAQeZAwha6g7Y2B-WVngFVYfmaECF1xzkWmbH4D5fXQUd3y9M5ctA1nQZ7t-HiOlGDgFq6l4dzxCctP7a1SLfrllK1Pw2Didgqc6l-GuDEjhM-ukvBO2hx_Z-C_K_LrbxhY3N0Bztggnbo0Lk674cN88OVykc-KWS4roEZvbcJIztefFfN4w_DZ8o_2VennlYk4c_jnb-wliaTYuMB-PM6w0faPera6dgqUPDbpkkd0k3GFuLOAtz6vMpNQUoMEIEaRLmOafTYZtaYmJiupcvr46FmwGTHARaxORcAbwz9fLkmJ1VNGeBvHyz7HOYMnps5WJOt2kpFRDD7Hd4UgpnwrI_z9P1ffR_ODRPcUkR-fQ1HX3-nDIcn0bgvWctHya9FRYU0NCvET19s9DrlueMeRFDwq1oTpWQ04cQe5mZKDhj5A8S--cQq-4PBpFxH0J6FKHK4aX_OSwEUG25W6pmyFS3RTpiCoPJ-wZVLZK4_4v4ajCCbwQ0EBzndM4uXx-5qO9A2jYbD9iqAzT4a1o14aNGFTAZ575vO-Ffn4j0CkRURN3A7AtakaojvK3PgWz3AvoUCRLRCaLe043R6IVgFnw4VUaClia2tOh2phgHVVE2jARjt1uXq3yX3s_S4SH5XCDGLQrftXeIBXZeuivKmruml8sB3dF9nNnO0maglqu8_kwNQonwC6-GV24hID1Jy9RvfNm0MkgC4oO1-zdQvgU9ZVM19OGWeEUFKe-ya5mfVyu3m_d1r4B8awWRwZyXJn2tASQEZz3O3vPErKvzQ8i1IyT6zM1ODaPeMEIWJMkZg7SrmnYQOpYlZZJNNFdcTaxNwRRRv-L5cGaI6HY_-EyQc_QsQHfjh72xf-2vmDwfCD6vq3Dv0Hu2qkBXOUhJ1IvFL5iVn9dizWSQwU86XH2rIw6dEBriuAMApIfdxXrNnW1at0TeDyTS0koR1p1XxIWDzQq5vRQBkarexBwO2HwfO5h4n5w4Zg0ZZCaDEM7b2du2qVG5jtV1GCG7O9L3l-geN80BNA9V0DSlYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INSKINMEDIA1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-iwC8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-G8FnRoeeeVpMDA%3D%3D&sc=1&os=1-rg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=500&w=88&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=1425&gp=32&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1671152565546&de=114135335109&cu=1671152565546&m=5083&ar=67fa5e2a4e8-clean&iw=86d80b5&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=32&lb=11824&le=1&lf=621&lg=1&lh=31&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A5817%3A5817%3A25231%3A7309&as=1&ag=5034&an=1211&gi=1&gf=5034&gg=1211&ix=5034&ic=5034&ez=1&ck=1008&kw=837&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5034&bx=1211&ci=1008&jz=837&dj=1&aa=1&ad=4937&cn=1114&gn=1&gk=4937&gl=1114&ik=4937&co=1114&cp=1039&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4864&cd=1039&ah=4864&am=1039&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=129805%3A87021886%3A104047785%3Aundefined&bo=heraldsun.com.au&bd=heraldsun.com.au&gw=inskinmedia689754970364&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatIMP=-&zMoatLII=261524839&zMoatFT=Superwide&zMoatDV=Desktop&zMoatTMT=-&zMoatJS=3%3A-&zMoatPT=-&hv=Creative%20API%20-%20Composite&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=201243&na=596341083&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.45.156 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-45-156.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 16 Dec 2022 01:02:50 GMT
dc_oe=ChMI29TYtfj8-wIVQTRyCh2WuwTbEAAYACC06dZVQhMI9972tPj8-wIVVFkrCh015Am_;met=1;&timestamp=1671152572664;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0A9B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI29TYtfj8-wIVQTRyCh2WuwTbEAAYACC06dZVQhMI9972tPj8-wIVVFkrCh015Am_;met=1;&timestamp=1671152572664;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVgkg,pingTime:5,time:8718,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:88,h:500,t:597%7D,%7Bpiv:100,vs:i,r:,t:3717%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5001,o:3717,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3183~0,0~100%5D,as:%5B3183~88.500%5D%7D%7D,%7Bsl:i,t:3717,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~88.500%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:268,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:598,sis:1210%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:53 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=796404&asId=e388208d-3fac-a111-1fd2-b05174dff5d6&tv=%7Bc:wUVgkh,pingTime:5,time:8719,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:88,h:500,t:597%7D,%7Bpiv:100,vs:i,r:,t:3717%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:5002,o:3717,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:597,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B3183~0,0~100%5D,as:%5B3183~88.500%5D%7D%7D,%7Bsl:i,t:3717,wc:0.0.1600.1200,ac:1425.32.88.500,am:sp,cc:0.0.1600.11756,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~88.500%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:rjss,dtt:268,fm:tq8xQ1e+1*.796404-57922638%7C11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C16%7C17%7C18%7C19%7C1a.10507%7C1a1%7C1a2%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1c6%7C1c7%7C1c8%7C1c9%7C1ca%7C1cb%7C1cc%7C1cd%7C1ce%7C1cf%7C1cg%7C1ch%7C1ci%7C1cj%7C1d1%7C1d2%7C1d3%7C1d41%7C1e%7C1f11%7C1f12%7C1g%7C1h%7C1i%7C1j11%7C1j12%7C1k%7C1l1%7C1m1%7C1n%7C1o1%7C1p%7C1q%7C1r1%7C1s1%7C1s2%7C1s3%7C1s4%7C1s5%7C1s6%7C1s7%7C1t%7C1u1%7C1u2%7C1u3%7C1v%7C1w%7C1x%7C1y%7C1z%7C110,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:598,sis:1210%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.37.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-37-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:53 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dc_oe=ChMIz43Xtfj8-wIVhEorCh2jRAMbEAAYACDkn9dXQhMI9t72tPj8-wIVVFkrCh015Am_;met=1;&timestamp=1671152573729;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 469A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIz43Xtfj8-wIVhEorCh2jRAMbEAAYACDkn9dXQhMI9t72tPj8-wIVVFkrCh015Am_;met=1;&timestamp=1671152573729;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 01:02:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/27213587
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/mtGhi0OCHx/jM/rPt09xMY/pOL3rmrcuVaw/bUw8AQ/QDN/BXzEPMh4B
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22238c33a3024a31%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%223f751eb7dd5dd%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%2248f2e5a8179d87%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%225691d7c22c5e38%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=c64c7273-8cea-4277-ae60-29a2c90b3918&pv=d1663c79-5749-4554-a39a-f4082830437f&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEKqnAb3iAgQZY4kIRuaPBOs&google_cver=1&google_push=AavPq0PlWVWjDqBhH5uRDtecU37UzlOU8tq_bwAJ3cSRqrxIheycP3KsFUkxcXOmMH_KVAuVJvEHwOXEhuDVeXQzL2aAb0zucq9UxkXdn9UHM2kMM2StuFQq4LL-if6WefoXOHG1vgUgCaE

Verdicts & Comments Add Verdict or Comment

388 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| oncontentvisibilityautostatechange object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore undefined| $ function| jQuery function| admiral object| googletag object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| loadjs boolean| isLoadedIndiesJs function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer function| 4dm1r11545242527 function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| placementData string| urhehlevkedkilrobacf object| lazySizes object| ads_api function| algoliasearch object| COMSCORE function| udm_ object| ns_p function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg string| nam object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| app object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| m function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| KAMPYLE_EMBED object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| npt function| setImmediate function| clearImmediate object| ID5 number| interval object| indieApps object| brandmetrics function| __assign object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore function| __spreadArrays object| _brandmetrics object| vidora_ns object| atsenvelopemodule object| ats function| GeaLoader function| pbjsChunk object| _pbjsGlobals object| apsUnits object| nca_ipsos object| dm object| ggeac boolean| apstagLOADED boolean| isAlloyConfigured string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global undefined| google_measure_js_timing object| Criteo boolean| hasApsUnits object| ads_ready function| omrhp function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| diagPixSentCodes object| __iasAdRefreshConfig object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| DotMetricsInitScript object| UrlCache object| SUBSCRIPTIONS object| SWG object| DotMetricsSettings object| ism_tag_86959548288253680 object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager undefined| oneTagObj function| ebDecode object| bsResponseObj object| InSkin object| ismWindow object| tbopt object| categoryData object| __IntegralASExec object| InSkinParams undefined| easyXDM object| InSkinUtil object| jQuery17201979639211163291 number| tag function| __IntegralASDiagnosticCall object| __IntegralASConfig function| mainScriptAppender object| __IASScope boolean| isDomless object| __IASOmidVerificationClient function| __IntegralASEventLoadHandler_e388208d3faca1111fd2b05174dff5d6 undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| DOMlessLLDcallback_44504524 object| BrandSafetyNadoscallback_44504524 string| keyName object| GoogleGcLKhOms object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| google_image_requests

231 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_d73c1019abc1b44ca7c695bf52bb5738_f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926_1671152550_1671152550_CIi3jgYQgPNHGLGE0cPRMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGjvhs2V9cu1kixwAQ
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: df7430288ff097c3ca5286f62c6e5efa
.heraldsun.com.au/ Name: nk
Value: df7430288ff097c3ca5286f62c6e5efa
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1671152545
www.heraldsun.com.au/ Name: lux_uid
Value: 167115254962932332
.taboola.com/ Name: t_gid
Value: f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Df298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.heraldsun.com.au/ Name: utag_main
Value: v_id:0185187446df0009bcf56c3412c903074001d06c00b08$_sn:1$_se:1$_ss:1$_st:1671154351648$ses_id:1671152551648%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.6120859779210361
www.heraldsun.com.au/ Name: AWSALB
Value: Ady7e/7KyEbergEvWu4H3IJhdzt5Eo9iG1PAS6ME5f0ibMhEHZnwVTarYG3hJZVUDTQff+ZxvS9H1gXj1pLHqvt2rmZJluQdgwZjyD3Fqc5/eVYym0X1MuJOzORh
.heraldsun.com.au/ Name: ak_bmsc
Value: DFBB5488F40EA18618C5D0B2EAE07235~000000000000000000000000000000~YAAQ0l8yuBSbjAaFAQAArEZ0GBJdnVBouQCzxUSIDQonPugyyrL15MxDLVbih2yalUQiaW4CQKW17WwukSH6L+e6oH09ubsp6vOwKQh8DIVBNdZqlHp0srL9MfCyrupqkOJnZD17CwX5FILQCwCArbqByzMjhDSDsdXxwBwtO3iMcwrQ8Bixu5mIRgP0NWJmPOUbj820a1Bfa1OJLsAHo57hMNr++SG3HeuK5p7XZFthMEvC7EKpEq1aoxSvuR5kR4hk97ghZ5mhQwWTxq3e1Uc+ZfsR1/dtEWHceU9XpWabZkTPPjJRkGVEuUX6hsMzOeATM0zE+BT07v9Q8WoBAxYn3oYFezOYUDTs4CbjXrZ7HIhXgn++k+Nmi+63RiExQ6jaJ5spxWLhTGXxT0XFZbpDvnnui12FzRpwloCsAxpFu+mp9hPPpGdcTlN9x0UA/VQYU2HUF9Zbr7O4OqwqlEnQ8kE75xL2KSTypVJCaC9XjDbsO4i5+n1wzUvks4J3Q52q
www.heraldsun.com.au/ Name: AWSALBCORS
Value: Ady7e/7KyEbergEvWu4H3IJhdzt5Eo9iG1PAS6ME5f0ibMhEHZnwVTarYG3hJZVUDTQff+ZxvS9H1gXj1pLHqvt2rmZJluQdgwZjyD3Fqc5/eVYym0X1MuJOzORh
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A51c3da80-7cdd-11ed-8232-09b139c8ac12.lmuoCowhqrAQP3z%2BjUAzOag5FY6zbbncRdcD6G6waEg
.scorecardresearch.com/ Name: UID
Value: 185d87198e3ed913ac75ace1671152552
.heraldsun.com.au/ Name: _awl
Value: 3.1671152552.5-0efa7a6f71789f0a06eb477150187a93-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: _cb
Value: CZVJGVCrLAEnW8pS5
.heraldsun.com.au/ Name: _chartbeat2
Value: .1671152553441.1671152553441.1.OknGoCX7M7ytDcxFDVx2H4C9K0eh.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncid
Value: 7be7723fd9fa1906888c05dc9ff8e922
.demdex.net/ Name: demdex
Value: 73956692102159585471605233320435453892
.heraldsun.com.au/ Name: _chartbeat5
Value: 176|2456|%2F|https%3A%2F%2Fwww.heraldsun.com.au%2Ftopics%2Fthe-royals|nQszJgvuX9BnsNYcB7nrrKC9hrat||c|Is2FUCPWbkpBugTqxBKcDKTCAD7Dv|heraldsun.com.au|
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: bm_sv
Value: 7CBDD938914909FAA576C7FAF8B59360~YAAQ0l8yuBqbjAaFAQAA9lN0GBLtvS4ExRrbC7FPQmrsPHY9DW4W4LG7WTgEdgXsAgXY9OoexlCoujKt0kIHqqlot3/EZBtoicMCn9bxewu167Yl3lGIbmNGnmlIDbP+C63HUL/i768hpaIDz7HMp/bu/NTwEyDy2e08IHjoHfG+7M088mPyQ9LLPkhiGb/omCGaNR11mRaWNHlziVakr9R2yXSIueIm2NQd7lDdvKW++KbgvmN9FScyRDimLBGGQiOb6WeE~1
.doubleclick.net/ Name: IDE
Value: AHWqTUlZdnV-YnBLOPrikwZvhSSi4GBvA_OJqvKOXfrawzN-8eQ562qjhEqZGyZdFGE
.socdm.com/ Name: SOC
Value: Y5vDq8Co8YsAACxSgykAAAAA
.postrelease.com/ Name: visitor
Value: b1f2ec94-f079-4cc7-94e1-8f9adb2dc7cf
.postrelease.com/ Name: status
Value: 0
.adsrvr.org/ Name: TDID
Value: 97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C73977920735991626331607330381802921694
.rubiconproject.com/ Name: khaos
Value: LBPT30PN-1T-J9B5
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: e4af5cac-f07a-4220-befa-7c314a70d707.1671152554.1.1671152556.1671152554.895ea135-2eb1-4c24-b763-442c6137ac2d
.newscgp.com/ Name: sp
Value: bb1d51b3-aef4-4064-806b-528ecf9350bf
.adscale.de/ Name: uu
Value: 1be512a9aaf44966a94859e248d01039
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200%2C1%2C9
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: s_nr30
Value: 1671152556132-New
.heraldsun.com.au/ Name: s_tslv
Value: 1671152556132
.heraldsun.com.au/ Name: s_sq
Value: newscorpau-hsweb%252Cnewscorpau-global%3D%2526c.%2526a.%2526activitymap.%2526page%253Dhs%25257Chome%25257Chomepage%25257Chomepage%2526link%253DThe%252520Royals%2526region%253Dnewscorpau_static_template-11%2526pageIDType%253D1%2526.activitymap%2526.a%2526.c%2526pid%253Dhs%25257Chome%25257Chomepage%25257Chomepage%2526pidt%253D1%2526oid%253Dhttps%25253A%25252F%25252Fwww.heraldsun.com.au%25252Ftopics%25252Fthe-royals%2526ot%253DA
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19343%7CMCMID%7C73977920735991626331607330381802921694%7CMCAAMLH-1671757356%7C9%7CMCAAMB-1671757356%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-291374712%7CMCOPTOUT-1671159756s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.contextweb.com/ Name: V
Value: IPdQsHX9ZJUy
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1ht8|5Ql.0.f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 911ac6dc396cd41a
.lijit.com/ Name: ljt_reader
Value: F0q-KQZHTajT1y8mSMSgA1eB
.adscale.de/ Name: cct
Value: 1671152556220
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 73956692102159585471605233320435453892
www.heraldsun.com.au/ Name: vidoraUserId
Value: 6ncu1ga385abg47isd8l5e47bs562v
.criteo.com/ Name: uid
Value: 66cac4ba-8c9e-41de-8046-5b238d0457ef
.lijit.com/ Name: _ljtrtb_42
Value: f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
.smartadserver.com/ Name: pid
Value: 8507947686806896355
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926
.openx.net/ Name: i
Value: 850088c1-c141-4086-99f1-1f23b7d78723|1671152556
.3lift.com/ Name: tluid
Value: 2167408850779744844935
.dpm.demdex.net/ Name: dpm
Value: 73956692102159585471605233320435453892
.turn.com/ Name: uid
Value: 3350514596490154961
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwrIfvnAY4AUABSAEQrIfvnAYYAA..
.adnxs.com/ Name: uuid2
Value: 5255120626500132149
ads.playground.xyz/ Name: connect.sid
Value: s%3AhwSNnzRg4YBHNXvJiU9LEcFXzh0htv_x.9E7zai85kwEvm4bDeYzFbDM70sE55Y1%2BQeQk6EMweQQ
.casalemedia.com/ Name: CMID
Value: Y5vDrZW6IKsKO5fjEthZcwAA
.casalemedia.com/ Name: CMPS
Value: 5318
.casalemedia.com/ Name: CMPRO
Value: 5318
.bidswitch.net/ Name: c
Value: 1671152557
.bidswitch.net/ Name: tuuid_lu
Value: 1671152557
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1671152557597.147040035
.eyeota.net/ Name: mako_uid
Value: 18518745e0f-4d13000001084b6e
.eyeota.net/ Name: SERVERID
Value: 19310~DM
.mfadsrvr.com/ Name: tuuid
Value: 129c3c4c-ed3f-4aad-9be9-696895f26f3f
.mfadsrvr.com/ Name: c
Value: 1671152557
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671152557
.scanscout.com/ Name: uid
Value: CI-19097d74333dc041ba1435c36c60320d
.scanscout.com/ Name: UIAA
Value: 73956692102159585471605233320435453892
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1671152557579"
mfad.inskinad.com/ Name: azk
Value: ue1-02cf1af739d549c7ae63832fae5e4e19
mfad.inskinad.com/ Name: azk-ss
Value: true
.omnitagjs.com/ Name: ayl_visitor
Value: 22818145ad8b1fc6feac839861343c63
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e33ad457-cdde-460e-5c2b-fb79f8983b3a.O0A2MmrrlREeRklo6Arcx4ncs1yXrcXcU%2BDDmrs1BsM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A4zrUV83eRg5cK_t5-Jg7Oq310Y4.%2B5yXL4lX0Q99iIeZSZ3FQUeCC%2FxxCTPPR%2BM5aeVMFYw
.adx.opera.com/ Name: UID
Value: OPUec20644aa7a94fffbd70cd3b8ebda5f9
.bidswitch.net/ Name: tuuid
Value: b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5vDrQADwQunQAAe
.mfadsrvr.com/ Name: ssh
Value: !taboola,1671152557
.heraldsun.com.au/ Name: nol_fpid
Value: p6fngwqjyhaqfsfzwdysdpc0ryn4t1671152558|1671152558058|1671152558058|1671152558058
.demdex.net/ Name: dextp
Value: 358-1-1671152556062|470-1-1671152556163|481-1-1671152556285|771-1-1671152556387|903-1-1671152556488|19566-1-1671152556589|23728-1-1671152556690|30432-1-1671152556791|30064-1-1671152556892|66757-1-1671152556993|134096-1-1671152557094|144230-1-1671152557195|144231-1-1671152557296|144232-1-1671152557397|144233-1-1671152557498|144234-1-1671152557604|144235-1-1671152557705|144236-1-1671152557806|144237-1-1671152557907|147592-1-1671152558008|461447-1-1671152558109
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b7eee8ad-f3d4-4d07-83ce-68493bef1d3e
.id5-sync.com/ Name: callback
Value:
.everesttech.net/ Name: ev_sync_dd
Value: 20221216
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY3Mzk3NzkyMDczNTk5MTYyNjMzMTYwNzMzMDM4MTgwMjkyMTY5NFIOCKjE0cPRMBgBKgNPUjLwAajE0cPRMA==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
.krxd.net/ Name: _kuid_
Value: PQp8_CLW
.amazon-adsystem.com/ Name: ad-id
Value: AzmStVSMnEmfhcWMc8VJWBQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ad-m.asia/ Name: uid
Value: F7IqYKAVPm
.spotxchange.com/ Name: audience
Value: 55d6ee67-7cdd-11ed-bd41-14a2f8e60507
.bluekai.com/ Name: bku
Value: pSL99vfeZtwszED0
.mathtag.com/ Name: uuid
Value: 9ae4639b-c3ae-4c00-94be-7376bf7903cd
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=327e3a56-6774-4020-be24-2f100b57dfc6&Created=12/16/2022 01:02:39&UserMode=0&guid=348f0818-7712-4ffd-a7d4-83d45b999453&ver=1
.heraldsun.com.au/ Name: __gads
Value: ID=9a67cb33b656d3d6:T=1671152558:S=ALNI_MYYOjAQyIOK3rrd3udgWOQ4a5idjw
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b91369560bb:T=1671152558:RT=1671152558:S=ALNI_MZ-88DWlu78Rjp-MGXAEQKZydSbBQ
.imrworldwide.com/ Name: IMRID
Value: 5617cb51-7cdd-11ed-a45c-459770024501
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: 6snBcxbcWPaHbS1QMZzSYBlww45s8fXd+sgqKD12B5dN9j7Q7yaz2OyDdjzdPzWfZEprtjL8ixp/u+x3vOvfdUNzl9EEOxFWpb4T6n3AYF2JANpk7SFzk8gaMH2+
.company-target.com/ Name: tuuid
Value: 468a8f41-63f2-4173-9a9a-de41b48e8133
.company-target.com/ Name: tuuid_lu
Value: 1671152560
.semasio.net/ Name: SEUNCY
Value: C7790B263FECDBD9
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 868C18B6-C4A5-4198-AA13-94B96ED44ADF
.admatrix.jp/ Name: uid
Value: 3eb1b694-ae90-424c-8a07-eefafb50cc7c
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuCFj0_004c3mCFj0_
.serving-sys.com/ Name: G4
Value: 0009fM00Jq_
.serving-sys.com/ Name: OT2
Value: 0001DC1rKx
.serving-sys.com/ Name: u2
Value: 9880e94b-b360-4491-a571-56a8b7a8f3bd4Ke050
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&KRTB&22918-97afdd2c-69cb-4e3e-ad11-2221ebfb2b51&KRTB&23031-97afdd2c-69cb-4e3e-ad11-2221ebfb2b51
.csync.loopme.me/ Name: viewer_token
Value: c52d74fe-c168-44b5-bdc0-fb7fc90014fb
.tapad.com/ Name: TapAd_TS
Value: 1671152560746
.tapad.com/ Name: TapAd_DID
Value: 98634a23-b404-4601-b8ae-f5ddb66f6c8e
.adotmob.com/ Name: uid
Value: 087f220407122fa984b2e904
.adotmob.com/ Name: uuid
Value: 087f220407122fa984b2e904
.adotmob.com/ Name: partners
Value: IX%3A1671152560680
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELIwECIop3wvUaSOJwdIkCQ&KRTB&16514-CAESELIwECIop3wvUaSOJwdIkCQ&KRTB&23025-CAESELIwECIop3wvUaSOJwdIkCQ&KRTB&23386-CAESELIwECIop3wvUaSOJwdIkCQ
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&KRTB&16736-uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&KRTB&23019-uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd&KRTB&23208-uid:9ae4639b-c3ae-4c00-94be-7376bf7903cd
.simpli.fi/ Name: suid
Value: 974533835F9D416FB00BF3A590E6F282
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: c2a68ceb7ce96e784db23d742a33f599
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&32471c7d-cecf-479a-8565-d67db3316171"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2973:u=1:x=1:i=1671152561:t=1671238961:v=2:sig=AQHUTQfXqoQMyAXkC78E8PVLftxvaGUI"
.id5-sync.com/ Name: id5
Value: 9f7802aa-17fa-7a7f-9cc7-0440915c5388#1671152557182#4
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:974533835F9D416FB00BF3A590E6F282
.teads.tv/ Name: tt_viewer
Value: 5449e3c6-d123-4e13-be4d-33285582559d
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8401
.ctnsnet.com/ Name: gid_CAESEAhOEh6hcgdXVGK1-_dRwYM
Value: 1
.ctnsnet.com/ Name: cid_8d9b8d4fbc9842a58583c478b7fd552e
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBLHDm2MCELP5tnWpHUoAWS4ZPM-_Na8FEgEBAQEVnWOlYwAAAAAA_eMAAA&S=AQAAApoWyFT_v9YqYoPwnH1Upw8
.adnxs.com/ Name: anj
Value: dTM7k!M4.gE:2jUF']wIg2E>ys*ujaNLr?vn]v!VT6>O</YPHY(<BB4?EEC^?FEw2*`4*Q1c9+WwB`c'#yQ=h?nJZWBllt]^21=%#^#tVSs$xd[AikUfjl`?eNQZ+v$ZO]G)/>x*qF1`*b^A./ErNb
.brand-display.com/ Name: _knxq_
Value: d0c349a4-caca-8d48-04016383.1671152561.0.1671152561.1671152561
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1650893494.1671152562
.linkedin.com/ Name: li_sugr
Value: 4a71d231-3747-4af9-a039-63160b7c22ae
.uncn.jp/ Name: t
Value: v_3efdcbc7-1904-4357-8ea0-7db5bcc12fe3
.reemo-ad.jp/ Name: deviceIdentifier
Value: AwhMDnwbsunUWLMjBjqgLFSFZWiLMhlv
.reemo-ad.jp/ Name: sync_gadx
Value: 1
.google.com/ Name: NID
Value: 511=uGBMDvd0wlcJFv1w97JXLfpT0BsAcbqSwejUvEFe-9xusDfR5_xOq0olDDgjRjtOsHZIcfqZTyHpcsv3A82d6aqufT-oFwKdoE9N8ny6Ler_dECbsaV1aox5wCpyQGQvsb8eKu5YCredJEgiWIL1FDWGOf6NZmfWaasFcvgaczc
.uuidksinc.net/ Name: jcsuuid
Value: ieMInx693fv7fzIITyGL
.linkedin.com/ Name: UserMatchHistory
Value: AQJTfcSq15LZrgAAAYUYdG9FXPb2CnLdzD0MbL-alnYQ58P7CAcQnJywLNzw5HNNwqVzFexP9tFj2w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIrVg3nA3QXuAAAAYUYdG9FWHKsxlI1-Pzub6Yq1jF_pY9XQrCldrf1a6Br7FHM0pNnUBx9i5FVvhPnFFT5lQ
.quantserve.com/ Name: mc
Value: 639bc3b2-2af8b-81837-c9631
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY3MTE1MjU2Mn0
.twitter.com/ Name: personalization_id
Value: "v1_oQ9V/FTgDpHrvtuhRyEoGw=="
.t.co/ Name: muc_ads
Value: 53eaeeba-4f08-4e76-ae85-468de3a36289
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221216010242b49592aa-cdd4-4f3c-8e62-3e1cd1c0c864AQEg3wxj9eGrn5HUpDrkj2SZXT_6XmBp"
.w55c.net/ Name: wfivefivec
Value: 0o4tx5321P5Z7A5
www.heraldsun.com.au/ Name: ln_or
Value: eyIxNzY1MzgwIjoiZCJ9
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: matchcasale
Value: 5
.zemanta.com/ Name: zuid
Value: lriDGu9DLDtICrNmESLa
.bidr.io/ Name: bito
Value: AAE_xk7HN4cAACDFjDf7ZA
.rubiconproject.com/ Name: audit
Value: 1|MaNs8RyK2uM6STiXwY7D4LHbKSjkHB38NGX0SXZMNb61Mnm1d2tbLeoyY5w0qJWZYK3UmLsa7ZIkEa5N2k7U1SEEFoCDRlfYBn0LdTvpHNwhd3BJ9Iks+KfGnvA7ZeXh3OlDu/ORdD8=
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI8ITKj-jCrzsQBRIVCgZjYXNhbGUSCwjW7reu6MKvOxAFEhYKB3J1Ymljb24SCwjik6O26MKvOxAFEhkKCnJpZ2h0bWVkaWESCwio-ZrC6MKvOxAFEhQKBXRhcGFkEgsI7oXjvOjCrzsQBRIVCgZnb29nbGUSCwi4wtnJ6MKvOxAFEhgKCWJpZHN3aXRjaBILCNye08zowq87EAUYASAEKAIyCwj6_sT1_sKvOxAFOAFaBzhoOXUxMWhgAg..
.adkernel.com/ Name: ADKUID
Value: A1633101085883266158
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A1633101085883266158
.lkqd.net/ Name: lkqdidts
Value: 1671152563
.lkqd.net/ Name: sr59
Value: 1||1671152563
.lkqd.net/ Name: lkqdid
Value: ixkrKv-m5YQ
.adform.net/ Name: C
Value: 1
.dyntrk.com/ Name: dyn_u
Value: 07030002_639bc3b4257c9
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1672358400%3A197_245_226_201%7C1671235200%3A174%7C1671753600%3A164_248
.pubmatic.com/ Name: SyncRTB3
Value: 1672444800%3A35%7C1671753600%3A223_2%7C1672012800%3A63%7C1672358400%3A54_7_13_22_8_56_233_71_247_21_3_220
.casalemedia.com/ Name: CMTS
Value: 5340
.quantserve.com/ Name: d
Value: ELwBEgHpJ_ijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "175w~28vd:1769~28vd:18z8~28vd"
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5vDrQADwQunQAAe&KRTB&22978-Y5vDrQADwQunQAAe&KRTB&23194-Y5vDrQADwQunQAAe&KRTB&23209-Y5vDrQADwQunQAAe
.adform.net/ Name: uid
Value: 8750192507165236982
.id5-sync.com/ Name: 3pi
Value: 464#1671152557563#-1063235271#f298bd21-f157-4874-a92f-347488dd3d5d-tucta954926|112#1671152560815#1821301328#C7790B263FECDBD9|2#1671152561454#297272243#5255120626500132149|3#1671152559336#257468607#9ae4639b-c3ae-4c00-94be-7376bf7903cd|264#1671152562761#449686#97afdd2c-69cb-4e3e-ad11-2221ebfb2b51|10#1671152564774#302321490#4215561582167017865|108#1671152562268#581122730
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu&KRTB&19420-neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu&KRTB&22979-neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu&KRTB&23403-neL6CMjioViG46IMk7PuUprp8F2GsvpcmOA3CYTu
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3350514596490154961&KRTB&23150-3350514596490154961
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5255120626500132149&KRTB&23339-5255120626500132149
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: y7bdxpggfsy
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8750192507165236982&KRTB&23263-8750192507165236982
.mookie1.com/ Name: id
Value: 10522871640278562624
.mookie1.com/ Name: mdata
Value: 1|10522871640278562624|1671152565262
.mookie1.com/ Name: ov
Value: eb32d6fcc3c1fb45c1a19620910f8d3d
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-y7bdxpggfsy
.rlcdn.com/ Name: pxrc
Value: CLWH75wGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-4zrUV83eRg5cK_t5-Jg7Oq310Y4&KRTB&23334-4zrUV83eRg5cK_t5-Jg7Oq310Y4&KRTB&23417-4zrUV83eRg5cK_t5-Jg7Oq310Y4&KRTB&23426-4zrUV83eRg5cK_t5-Jg7Oq310Y4
.mookie1.com/ Name: syncdata_TAP
Value: 1
.pippio.com/ Name: did
Value: FUWma8XZDY5gswX_
.pippio.com/ Name: didts
Value: 1671152565
.pippio.com/ Name: nnls
Value:
.agkn.com/ Name: ab
Value: 0001%3AUjuDnn%2BH5nT1pMan01Jyc8EeI1azVGne
.pubmatic.com/ Name: SPugT
Value: 1671152566
.pippio.com/ Name: pxrc
Value: CLaH75wGEgQIAhAAEgYI7OsBEAA=
.mookie1.com/ Name: syncdata_NEU
Value: 1
.innity.com/ Name: iUUID
Value: 09e5d5efaffcf25344f798b092d1da84
.linksynergy.com/ Name: rmuid
Value: fac5b1aa-0f37-4cc7-8b4c-195ba7d6dada
.linksynergy.com/ Name: icts
Value: 2022-12-16T01:02:47Z
.rlcdn.com/ Name: rlas3
Value: zub0k9sCzuh9w9hwsTKqLNUf1xBV177QXlbxRTWTpdw=
.pubmatic.com/ Name: PugT
Value: 1671152567
.heraldsun.com.au/ Name: s_tp
Value: 11824
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: 2778-ce7c-cb07-4fb9-056b-de7f-26bd-5b13
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1671152568092
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 62.35648232170894
.heraldsun.com.au/ Name: cto_bundle
Value: fxxTj19CZ0FLTVhYY3VKdlVIcUlsbnQ1QmRDdlF1NjhtVzcxZFlNMmpxN1pjZmtkcThjOVZTSmVxM1VUWVJ3cXFKRlA2TUZOeXdEZWtnZXFWSFRuZldxb2FVblV5UUZHM25Zb1VIaW1UMTclMkZFSlNZT21IZXRVQWNtM1lTblpZeDkyeHFwN3VMcE5FR051ODMlMkJPMlJPQmRQM2UlMkZ0NmJ5MkQwVFlqVmE1dFpRVE9qT2MlM0Q

11 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=666305591812.8844?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22238c33a3024a31%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%223f751eb7dd5dd%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%2248f2e5a8179d87%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%225691d7c22c5e38%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=c64c7273-8cea-4277-ae60-29a2c90b3918&pv=d1663c79-5749-4554-a39a-f4082830437f&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22238c33a3024a31%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%223f751eb7dd5dd%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%2248f2e5a8179d87%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%225691d7c22c5e38%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=c64c7273-8cea-4277-ae60-29a2c90b3918&pv=d1663c79-5749-4554-a39a-f4082830437f&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://cdn.ampproject.org/rtv/022211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEKqnAb3iAgQZY4kIRuaPBOs&google_cver=1&google_push=AavPq0PlWVWjDqBhH5uRDtecU37UzlOU8tq_bwAJ3cSRqrxIheycP3KsFUkxcXOmMH_KVAuVJvEHwOXEhuDVeXQzL2aAb0zucq9UxkXdn9UHM2kMM2StuFQq4LL-if6WefoXOHG1vgUgCaE
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e61fcc6766070ccc9fa2c95fca522c0.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
a1627.casalemedia.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
avd.innity.com
b1sync.zemanta.com
bbraoaivwsnletuwm7iewqznc1zpi1671152558.nuid.imrworldwide.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.doubleverify.com
cdn.id5-sync.com
cdn.indexww.com
cdn.inskinad.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.mfad.inskinad.com
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
connect.facebook.net
content.api.news
cs.chocolateplatform.com
cs.lkqd.net
csync.loopme.me
d.adroll.com
d.turn.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gdn.socdm.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
inskinmedia689754970364.s.moatpixel.com
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
mb.moatads.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
odr.mookie1.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
px.moatads.com
r.turn.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.company-target.com
s.pubmine.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
t.adx.opera.com
t.co
t.inskinad.com
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
v9999.adv.admeme.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
z.moatads.com
cs.chocolateplatform.com
login.newscorpaustralia.com
syd-1-apex.go.sonobi.com
103.229.10.247
103.229.205.243
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.71.26.126
104.16.86.20
104.18.33.19
104.18.36.94
104.22.52.86
104.244.42.131
104.244.42.69
104.254.148.251
104.254.151.68
104.69.108.119
104.83.196.116
104.83.196.200
107.178.244.193
107.178.254.65
119.81.192.134
119.9.108.191
124.146.215.47
13.107.42.14
13.115.65.60
13.226.175.15
13.251.90.192
13.33.30.231
13.33.33.13
13.33.33.22
13.33.33.73
13.33.79.24
13.33.88.129
13.33.88.56
13.33.88.94
13.33.90.128
13.33.91.15
13.35.8.13
13.35.8.40
13.35.8.67
13.35.8.73
13.35.8.87
13.52.14.45
139.5.84.243
141.226.229.48
141.226.230.50
142.250.4.154
142.250.4.156
142.250.4.94
142.251.10.121
142.251.10.132
142.251.10.154
142.251.10.95
142.251.12.148
142.251.12.97
146.20.128.67
146.75.112.157
150.95.47.242
151.101.1.108
151.101.1.175
151.101.1.44
151.101.130.49
151.101.65.44
151.101.66.217
157.240.235.1
157.240.235.35
162.19.138.117
162.19.138.119
162.19.138.120
172.217.194.102
172.217.194.157
172.217.194.94
172.253.118.113
172.253.118.148
172.253.118.155
172.64.132.15
172.64.154.237
172.67.69.247
174.137.133.49
18.138.110.117
18.138.18.111
18.138.26.177
18.140.217.106
18.142.1.26
18.155.68.101
18.155.68.116
18.155.68.27
18.155.68.50
18.155.68.87
18.158.185.48
18.182.72.188
18.208.87.237
18.210.55.209
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.31.5.52
184.87.193.91
185.183.112.148
185.196.197.130
185.84.60.21
192.40.36.151
199.127.207.188
199.36.158.100
20.50.2.28
202.241.208.4
204.236.153.238
220.150.223.50
220.150.223.52
23.106.127.39
23.106.127.52
23.106.69.73
23.23.162.146
23.36.253.206
23.52.171.107
23.54.56.153
23.54.56.214
23.72.44.196
23.72.44.233
23.72.45.156
23.73.13.201
23.73.13.34
3.0.118.42
3.104.211.97
3.114.23.93
3.73.221.153
34.102.253.54
34.111.151.213
34.120.155.137
34.149.43.113
34.160.169.226
34.194.167.128
34.212.196.215
34.96.71.22
34.98.64.218
34.98.67.3
35.186.193.173
35.190.60.146
35.213.12.39
35.214.223.115
35.227.202.26
35.230.38.116
35.241.45.82
35.71.131.137
35.82.246.6
42.99.140.192
44.239.37.156
50.116.239.135
52.220.190.50
52.221.156.235
52.223.2.229
52.3.45.181
52.41.136.75
52.46.151.131
52.68.226.122
52.74.13.196
52.88.43.167
52.95.132.94
54.169.64.129
54.239.33.158
54.251.140.206
54.255.63.116
54.81.22.167
54.93.142.150
63.140.36.101
63.140.36.179
63.251.14.3
64.202.112.159
69.173.158.64
69.173.158.65
74.118.186.45
74.125.24.106
74.125.24.154
74.125.24.157
74.125.24.94
74.125.68.155
74.214.196.131
8.43.72.97
82.145.213.8
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
00963888aa539b10793484d1b020aac609a909c06f08441b3cb0b3cc37e9635f
015da834507a76a51cb091b1542b4202cc2013c99203132aa7897275a0e4b2ab
018adba7b90b8c9865b847519768f00e14664facdb16a83e752ae61b04f7f394
019562112a5138057062066d2f9e9b17780d149d5240e9c852b96464dc074c28
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0245ba3569f3b55d21d288cc0d71949dc3bf0b557f7e4944b3e97b06cf7d8629
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
056756bf7602d67afcbec94cf373eeb3ca70b99e039db2690b7c242ed8a80e40
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3b4bd03e0e84bc979664bfac9e6ac5428d74672f328bcb7c4a9d965dfe9fca
0eab819d44d4e31f5a146fbb6c57b2e12b1785592debaa76055024807e7c41c1
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
109aff5a61da3ba9016663420bb360e372f1d51711760689cbbc4ef3cdc2911b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1576451ff5c704e49810af7c9579a3889540e25eb8d81b200ab1ee7f1c37ed93
160bd5b24ce2af7464aee520d10b7d180f09a94787ffd55c21b0d18b74324ba5
17e260d0e7d304a38b587e2271b1c2dd43b18d3a5d53ae5cc19edbaf8010a22f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a959886c0069860e94358583acb4c911ca2efc2423e1235ebcb26f9ee8d7dc3
1ab3eeac5d9c63708fa57a4dc53f3e7c3d2f94b3982f6bba9734cd43ff872a79
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b68c2445bf689895759a2707304ec53b54958a7878298a0916ff1dbc55f575d
1baca839c6fdcc5a0ce535651f0cbebd16d277c8db35bdb0e795d1bd70b14660
1c0e181856df8be4746cedc5a11adeced5917b671e076c3da70056b056739751
1cb3ede1f3a74da6c531c05895cf179220e00202a512c44962f8b2736f384619
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5
1f1aaf2d8419c207f8d214f58484f66f4becefe6e0104fe95b963dfe094e4a45
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
21bc24c8bcd1483603667dc443ad71f3f28d14839667c31a6fb7acf357bb2770
230be5b7d68732a59fdfc31fdd975bc4a377a839301c0a2b9fbcbcb44d877e43
2379bb72d646467424f96ba9ee613e095cbcb2548533d5614d58ba3d9fc68b2d
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277ff656120a3c04b8a24084aa4263083d465e32b6a038666ba4cb6f53ee7390
285dd74b0a91b3aace48f15e2b158c04c7f0ab0a2f722473e9b56f8df3ce5090
28ec36f2aed7bc17d9734577035828c8ae2fd8a6d0e66e61bf9258aa13397626
2ac192e5c4b1d3aa6d48a214c074b3d83e1b228aab340c41cc49e78ea6737293
2af039f6e022a063d1c540d4bd6dd75d2a5ac3f622b735855611eafe37fcaaca
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2baecf61e76db3299173f3f15490f3b9184c98cffdcecbc0207ee967abe2a63a
2be62e5b385bc1125068a072d22b47073fe2ddf62a983d16fce5df7808fe309c
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2eca9e148c898b2a99567087e448cfe4752b88cb2df3762f2e8aa586fe1b7102
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
33f6fc3033ee33a0f3533e9105efc5244028a5c53dd814525cbb6c419443e2bf
34f3e54d868d0fbb0d0506efc4a659518716b102a7c8bc784ccf2d5ff47f8d7b
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36691917333c34d70a8f4e8907f33869549b5a02ef9f8326a32175f8fd07d30b
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
380855ebf275daba0e22eca58aa784acb23f44fa4b5e3739e601a7c274e7faf0
388a1ecf6a0486415083da26b9e5bb4c5550201a8d1a8a79667a9fd9d8933b0d
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39b23d11b1d1e5d73a3731a4ff8d1b51c0eab5ce82eaf81c0b812ce8d61bdb4f
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a55cf235c2f8cc8b9802ce77fa1a010db5f96461173bc5bc3b91a8e7a6f446b
3b0b8d793c0c815d849f7b5cbe8aa06ae102332c1fe2ed78ecb072ee5a836bd1
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8ee79a19143d47c20f10690e0123986c4fae2625bef8cd694cba3cafce847c
3db327f30abd927cb04397b021e5f2bbfb3eeaad43a60a7f271a3fbd8ed04cbb
3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef8b7133a8587845f82752bcdaf67c56a3b2441146b1b63b7c70f170d73cd0a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442b3c402128c6b3354ded0d6f2e6ff0fc98a7adcc6bfe5c723decd7e4141bde
44388858009cfb0ba580feb459ed8e6d67ea03796ee617fd0e2a8d3c6456f034
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
467b8082b90a68f4a7e197d9f807935bb74a18c44f8bb32958c8bec4d9209187
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4936baaddfab9fb35479bf4316d1adc0b85e01ec00cf3e8e2cdd96af3b03083b
4a95d6ae70c98c49ecef7806386969c99bc126703c161600ebc410d22f1797a2
4ac3916e1a9c36de3692fd8efb47df76d61181b53abe3c4842fe28720e4f439a
4b0de807419bbac204627af01ac4647de367f1236da84060df6fecf86c630aa2
4b1e053d9059b62b6f07201f2d84339e3e321117fb315989b3ae2494e9b42d3e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c75f8a634a5b74c5958044005b8dac2e4348cb99655465467e92d3727a7f4fe
4cd4c532693fb60f644782aabe2b08453a2432b4310179e7b0429b40126571c0
4d313b7d5e685f1c06fe386cd72bd0c87016958fa62dfd72451e895a6fd24225
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4df4233f21825d84ad4acf0e1d96589a4246e9efc030d40c609e3f3ff70b629f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f221bc2f86320957a6930c3498d121fcc36d02f5f053dd87dd424745f13445f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
545e78ae2b4d6507c3e9eb2ea6698fd7a4c6ea44b92397e11ed10d1a40907896
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f113ab388f08aea775976f2178ee0efd5d444c7141cf1a4f3fb9bfc3685e7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56cafcfb79a2eb06b9f7e4ba028bdc473b9d0a6200d3c1bceefd19aa11f28a70
59414a8c519fb7b6d296b9010c3e7a4199e71dbe58cb1325398c9e8b698db12f
5c35e6a951bdd6b279ae8aeb53fd9465b0a82eb55f9f2e67370a1ffefeb45a41
5cdc753e5ba7e2c5d13c1cb95796dedc7f55299c3bd7ba3468b3f818f1548542
5d0be58980c3766431f0c9cb3d59213b6bea54384a72f23e041126e8d7e78257
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5df9b5aa6074e6434f3ebbb7897d52c5040b85dea23c376b1a0ccd5a2e552dc8
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f5bb77a056c5ef2c413be10a3e5dba9a2d006b1f7583bb0c5fd13c01efb176e
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
60723334f47c555bd814a234ad0090d2fb761e7ced50952e06e6c5409edf0f57
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61de6bb82566c9538bae9aeba8655b87931dd646f4441b1e1c500e8afc3992a7
620a96ac0bcf86f90d84acf376a5e3065b95af6b5778de014e8d63445766faf9
622d33c57dbb9c8b700d74b51cb51c67324b21b91eadb10b4ff60a55d1912dc0
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
6463a547b897063edcbfb12724c1ea548a260822b6b4f080549bb0b62b5a0513
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
64cace7201cfab02b7717e0bc40d7fb7753a7a50d6a8f12eb3beaab778c1e8be
659afe4f88a83decaea31a575588ffe8462ff3aa166393e4fe3f3614ac9a81a3
65b83649b68da75a1a302be488b889ef853b9c8b819dca3ba4acc7b58c412652
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
660a8dc82214d5858e65e10bb41d39d905c7cca6773840de680ec31a85d61552
6696e0029b626d0f183216889901f692dd4a7f5811657004c5f445818d08113b
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68f1e77a69313cb501bb6e02777d6f2bcc656e63973430ffb3079cbba24e1d09
6906b7e4c49da9f6cb5953fdf8ba7ab0012c7ca3cf898e75d0ffb3978bbe7bf2
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6ed685033853dc3e218e56c366c019b654b4695e322b9392a37bb923c96b2c10
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec
707d2c0e6f2ebf60d6f8555335382ee4b51f7577298d08a7f7b357e0efa33adc
7119ef3bb90afc38ec3bfdfb86583aff2bfd03bb84d58fac47dd417d6f812cb0
71e3b723f5ae76026f529032d00bf30ee21fb78dfa6473d8e849d84442450851
726a1418ebed5a5a821de18bad244877836dd34574c59465e29326d5dc18f270
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
7589eb7aa1d97aad96b3f6fb62c7712ecab961fcb09510a207a64e102d7e4ce7
75f61a096082e808b7e3df989ce2384a0bebc24346823daf342380c50bd8be18
77c14b6fbc2de9907439d34fc718570d4dde1cc5ee8225f761ba5d2ccd1f9afa
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
79ee8e9cfdde7255fab7e1b11f2537e7ce824f89dfe6e088ef112b275d6ef51f
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d6d6a2814aef9b2ba67051906d4fe6b9c503543f94159d73ca482c0e03b7b47
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
7fb803428b6af4182864c0f594e0cd5659cca57d977fdc437a6799e3dfdfe2de
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
828856dbfeb24129393f588dc9dfa0c77964fe466dd40f066f423b64a9e0ccbc
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82ec8cd333ea0644fb3524da9d408727a214aab9d224863c75ff1a9cd1dbe48f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8414011837a539aaa74cad2dbddd587411887434b00d084740c0564639315b37
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
84850d50823ca8d77cb4c238356e9289dc59dc770f00829d7f3a70aed85c3f70
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
888e0258d4d0d3ca733b93f230e6a761106ea103428823b6dbf7beda15f7b748
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8b5e69b88af0ba3fa45927e2ccd2dedadf2f8b7c74cbfe369e46acb5f88a785d
8cbc0db8eb2b1b5ed89444964300b413c4c9bd1a01cd51bb04a2c44b6bf77639
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
95a0a3e04c4d3d467eb4f90f9a5adcc78acf490cfc91b70b17c14ce3913b0c13
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
980dbafb3c0bf1cdd0bb5ae8c403fbbd73db134afe75edc5f598ee57139bf90f
98994f12023d36dfec4acab48919b1a38715786e87bef351f1f129cf09de71a3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c1ca20f49b5fd3ebf3f04cbae4fc4c9289e60e46b326cac72247cb9a6885405
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f
9c826a107af5b970f909a4f22e72471eccdebfb0037941efd65832b9e1194510
9c85dc5060f303a50702105dba3137165dac3441ca067f92f5c17c8998c79f4d
9d771e8e3fac85b1113de6212248832838a6a24e6d3bde88342c7794e87b552b
9d886e5f06db2b28f635338901155e3f2514b0344754eb0b19b41c66e41b6f1c
9e77931f4d92b468ad54f75d0ba3dbfd1ef88df95025a2bc18e0478ffcd0d66f
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42
9f89275e424109ea6a0404f385c6336c578dd78286b00f42694ff3b04e097f9d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a026be89951dfa5f2dffbe9aae228280088a9664139f3aa180e6f2328201695f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a4fba9383e0638379a3e43d67f2664ac611337f93c7835b5225c619696ef474c
a7d8d4d0ac971f59345b73a988d9e621bf94f0b8e89a03388a8eec3342ed895e
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa85a1148f1d73bf2403db63de285ff8fddb70fee7e382c818beb7ea8a568f73
aaca769dd10d9165c778b7cc84e5c084febb77bcf38e32d468285684018673da
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acbb30fcc33a9c58f57efd3b4a0d7f04e2afe64d88c3f74b37e1c85f04c0ea90
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b032ed408addc320b41193f87997359459c055f376586c6afb87d032088f1d08
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b55cf6f004895c53bd2e283d9633df67a0fd981fd7955946835deeb49e6e1ab3
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
b5f3a48566b4e4ae542abdb7eb092921cc44c8579431f28a6576135d061b40f7
b660474ccc1f92a7110a037b4ea952b0b1237a676144c0442aa26783d8913efd
b7bff0367c655589f2e81add0d93cbc9c3d6a0763f7cf1b36eab013857406477
b873419c70b8ea89bcf56673a3010f24f9ea0b5fa2b3eee5bd82c2730b793ba7
b890e2fe66bddbfcf0aad772997478817d1ee529a7d79bc58d296a33a68970fa
b8d5f776e4123386b4b1154f341f4317b1165858ab1691ce6c03cf22fca7d1b1
b96a281629dda172e65bc95d10d589a71b4b45edf4ee68a6d326789c9f66ab9d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bdda5fd122f247d9ac522edad66dad0f5874fd9cedd384cb8a974558b28d6837
bddbf7e9ab14ce92ecc37640bf54fcb90d8a02da52d87ec12e252cfde4432e66
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be043850b7f70488af296a6e138e8fc8b0f131c7201f6f69710df4550f0ea167
bfaf67ed6eca07286602df369632af9c4f748a7fce71f9d059beaa8455090d5c
c17e4071ae3a93240ef40c4020dd872ff003bc7a08d17ff6c1ac19b3279ff1ad
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2f8db62be1de5d9a54a2631f8ba49d15b14953ea52212255736be9ff159bb30
c3ab4028d53f3f3c6e4303c9eaeb360c1b036bd755ce608216cb99539a1dee51
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c422fa92e1b9ce95b859aaa8626d4785d774a350703e7cbcdc5538ab65fc444f
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c6e041b95a4b73a36f6b3f5db69c0ff1d7e6bdfe8f9754537c5a971f912dd05e
c7832ebd6f5f5d0cf4edf2f59fecde879d5ff96ecc867382369f5b54c9bb3b6f
c88b748226e610c650313f48af58dac4f3c0d4b75a5364efabc3119648771f3f
c9475223d261be9fe8a3bde503acdc72b6f1c11e85a80a35967668a194009a67
c97bf9f445c187c1969234b63918560d519b9c88581620457efec0b4ee8bc9d3
c98c20916f12f74e43f885162eb285c213a978a45c76769a2517e4b8c6d4b1ae
ca16f812e3db2250581ea7917b1d480cb28f51e05f20bbf9a134cde4ffec3983
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e
cc486c7f61b888b656b69b9ae14f8726a9164bef4cd0663b350549f9500e7b2c
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06dfb9ba2818d82a6518c1e830da2fca0011c632452782d69dc372278a27556
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d234b4f283a0522104e4d9d96971db56b8d7f08e776734b9ec8b0ea3219afeed
d36e7e1bc34ce156418cb394e647511105f17a00d0487cf80a8efd22a0da3b03
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
d784d0651630fc713354c969ee338d657b78180c64316f788c073cfe09fd9407
d8785e4dc35b113c133137cddb644d17d9e1af63e4ecc4dfd9589fd1e62089bf
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8e963ef893f2af1b54a1601c05ad0b2f9755357f5ebfd762d7e09bc8f91cba2
d984e305de27e0e2a7163350108b77fc35af26a417570f43d8ad32033153f1f2
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da92990f76e53dc9937e5ba84e1b0b9efefc42cc4d3498a0c7179cc547d968bc
daf9c2ca70508348c1d7ba059a1206ccab4c8dcc59c864e5d2ac0684ddd0a515
db7a2a5604bda9c65ea872cb1cc6f963f4ba2c3cf561f30c448f092f78c2d93a
dce9f5afda30bc387f9f1090b155cbb90596e3c7c1374ea9e135b7184c8fc707
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
df163752b4d8bc41baf135afbe06f717396422d9ea0863fcdcaca6d8a66bce27
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e1623e1451248e9a54e49b3fbc7290db5e5e620756f4c8933efeece19abc5816
e1f33bea29d3a3031701b094adb902ff0e8609f9629c6bee9d9ee45bdfe78bdc
e23432edb82743800869821316f368d2dc290e0f50dc520155a42fce57db3b9c
e237eff9aa31f56802a5457bb48eb043c9123629a678ccf14371defe665a7281
e23d1ed62c982ac7ccbdbf25ce5289b23facf4631028e662b1b092f62332f4cd
e25f59db6454ed5cc5c86bd209333107ab12d55fa86a108f2224c2dcee7a09a8
e27e857900032d7dd09d063512b33a40e674d1051074b1892557c0d3ba49f651
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b239ae7efacc5732fa4ab49d6d1c45d8a5c06bdb182ad91ff2c75810f4ce6e
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6db94afe0a1449792d113b322bea941b8c64ee74fce98c6d7937aa1605dc801
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1338dfe4c9fde18f2d9affd03c0b7d6d5c8b7e681399921e88a1718b424b6e
eda6cbe188160d4a7aeb44bc9af6cc6b97a4e9f8a84758b59b439c5202d0342b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f133540c0c926d332f3c4758411cf619558bcae72e56fc2a061b120761d6a8e9
f14d591cc46e758d150bfa8852702eb90c83fdd5ccf2141e192d64313e7ec7f2
f165a9d06f5fa4a94dde100488e8932c15f31013058fe53aecf6828378b73035
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f4dc592dc5c6ef8b5aaa8a5ec8b68ee3be67c9fbd0e1a712d2fa08368b050e7a
f651a74a43587bb3459e2cadc705606e818c5d538a8101d5fe46603a837a5de0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f76e5c0b14c5f8a937cca611499f2594d63d6f1623f46a88a50bc9e16fb6c4c2
f782453376c8eafe4712af01d339385534774c44b0ebdb57ed5eadf96d49e859
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fe9570357a40091ba3ffbb2696a24cfaeb6cfcb8279446427f554c824f39b7d8
fe98ce32828ef7d35e8bc5477487855460c4b0d1b6c172e1cf8b57bd528fcaac
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
fffd7fc5ebaaa365061e242a63f7821daa6df68fea7970ca207f6ff2e2e7d503