urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.195.152.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.morningtonpeninsulaleader.com.au/
Effective URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Submission: On February 03 via manual from IN — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 12 countries across 89 domains to perform 410 HTTP transactions. The main IP is 23.195.152.111, located in Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 228348.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 15th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.69.249.4 16509 (AMAZON-02)
2 29 23.195.152.111 16625 (AKAMAI-AS)
1 11 23.195.152.191 16625 (AKAMAI-AS)
11 23.213.141.29 16625 (AKAMAI-AS)
1 151.101.194.217 54113 (FASTLY)
1 52.95.128.122 16509 (AMAZON-02)
2 142.251.10.132 15169 (GOOGLE)
3 34.160.169.226 15169 (GOOGLE)
1 199.36.158.100 54113 (FASTLY)
3 23.44.27.174 16625 (AKAMAI-AS)
4 23.213.140.211 16625 (AKAMAI-AS)
9 54.192.111.40 16509 (AMAZON-02)
2 13.35.8.74 16509 (AMAZON-02)
1 74.125.24.149 15169 (GOOGLE)
1 13.33.91.15 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 18.155.68.87 16509 (AMAZON-02)
2 18.213.217.104 14618 (AMAZON-AES)
2 151.101.129.175 54113 (FASTLY)
2 104.22.53.86 13335 (CLOUDFLAR...)
1 23.72.44.233 16625 (AKAMAI-AS)
12 74.125.24.156 15169 (GOOGLE)
3 13.33.79.24 16509 (AMAZON-02)
2 13.35.8.94 16509 (AMAZON-02)
2 172.64.101.9 13335 (CLOUDFLAR...)
2 96.17.72.42 20940 (AKAMAI-ASN1)
3 13.35.8.99 16509 (AMAZON-02)
4 13.35.8.51 16509 (AMAZON-02)
2 34.232.231.107 14618 (AMAZON-AES)
1 13.35.8.40 16509 (AMAZON-02)
1 15 52.88.128.19 16509 (AMAZON-02)
8 142.250.4.156 15169 (GOOGLE)
12 16 142.251.10.155 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
1 8 172.217.194.138 15169 (GOOGLE)
2 18.161.111.89 16509 (AMAZON-02)
6 162.19.138.83 16276 (OVH)
4 157.240.235.35 32934 (FACEBOOK)
4 52.63.107.165 16509 (AMAZON-02)
1 18.155.68.45 16509 (AMAZON-02)
1 13.33.88.28 16509 (AMAZON-02)
1 18.155.68.56 16509 (AMAZON-02)
9 18.140.11.26 16509 (AMAZON-02)
1 13.33.30.231 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 13.214.10.7 16509 (AMAZON-02)
1 13.35.8.13 16509 (AMAZON-02)
6 172.64.154.237 13335 (CLOUDFLAR...)
2 54.80.166.41 14618 (AMAZON-AES)
1 103.231.98.193 62713 (AS-PUBMATIC)
1 182.161.73.145 55569 (CRITEO-AS...)
4 9 104.254.148.251 29990 (ASN-APPNEX)
4 69.173.158.65 26667 (RUBICONPR...)
2 34.102.253.54 396982 (GOOGLE-CL...)
3 63.140.36.104 16509 (AMAZON-02)
1 1 13.228.154.11 16509 (AMAZON-02)
1 52.76.199.184 16509 (AMAZON-02)
2 10 52.46.128.147 16509 (AMAZON-02)
5 142.250.4.94 15169 (GOOGLE)
4 13.35.15.213 16509 (AMAZON-02)
3 6 142.251.12.149 15169 (GOOGLE)
5 7 104.254.151.120 29990 (ASN-APPNEX)
1 199.232.44.157 54113 (FASTLY)
1 42.99.140.160 4637 (ASN-TELST...)
1 142.251.12.97 15169 (GOOGLE)
2 151.101.65.108 54113 (FASTLY)
1 18.136.169.219 16509 (AMAZON-02)
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 142.251.12.155 15169 (GOOGLE)
8 11 69.173.158.64 26667 (RUBICONPR...)
1 13.33.88.96 16509 (AMAZON-02)
3 5 13.107.42.14 8068 (MICROSOFT...)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
4 15 15.197.193.217 16509 (AMAZON-02)
4 23.72.44.196 16625 (AKAMAI-AS)
2 3 104.18.33.19 13335 (CLOUDFLAR...)
1 1 199.127.207.188 26120 (RHYTHMONE)
4 142.250.4.155 15169 (GOOGLE)
2 2 18.140.27.177 16509 (AMAZON-02)
1 18.158.147.33 16509 (AMAZON-02)
7 142.251.12.105 15169 (GOOGLE)
2 142.251.12.94 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
1 1 3.213.18.11 14618 (AMAZON-AES)
1 50.112.50.233 16509 (AMAZON-02)
1 74.125.68.156 15169 (GOOGLE)
2 2 59.151.164.106 16625 (AKAMAI-AS)
9 74.125.24.101 15169 (GOOGLE)
6 6 52.74.13.196 16509 (AMAZON-02)
9 10 151.101.194.49 54113 (FASTLY)
2 17 139.5.84.243 27381 (CASALE-MEDIA)
4 104.69.39.62 16625 (AKAMAI-AS)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
6 103.231.98.194 62713 (AS-PUBMATIC)
2 103.231.98.196 62713 (AS-PUBMATIC)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
15 74.125.68.132 15169 (GOOGLE)
4 172.217.194.154 15169 (GOOGLE)
2 2 162.19.80.92 16276 (OVH)
2 2 34.96.71.22 396982 (GOOGLE-CL...)
2 2 70.42.32.31 22075 (AS-OUTBRAIN)
1 151.101.65.44 54113 (FASTLY)
1 74.118.186.44 26120 (RHYTHMONE)
1 1 8.43.72.98 26667 (RUBICONPR...)
2 3 185.84.60.30 198622 (ADFORM)
2 2 103.229.206.240 30419 (MEDIAMATH...)
8 67.199.150.86 3257 (GTT-BACKB...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 2 119.9.108.180 45187 (RACKSPACE...)
2 2 35.247.47.28 396982 (GOOGLE-CL...)
1 4 13.251.185.52 16509 (AMAZON-02)
1 67.220.228.200 16509 (AMAZON-02)
2 52.199.119.40 16509 (AMAZON-02)
1 172.64.151.162 13335 (CLOUDFLAR...)
2 2 13.113.223.36 16509 (AMAZON-02)
2 2 103.229.10.192 16509 (AMAZON-02)
1 1 52.220.229.2 16509 (AMAZON-02)
1 104.18.36.94 13335 (CLOUDFLAR...)
3 103.231.98.195 62713 (AS-PUBMATIC)
2 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
40 44.230.191.33 ()
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 139.162.38.30 63949 (AKAMAI-AP...)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 2 18.136.33.92 16509 (AMAZON-02)
2 3 107.178.244.193 15169 (GOOGLE)
3 3 35.213.12.39 ()
2 2 18.180.3.9 ()
2 2 89.207.22.76 ()
410 109
1    165.69.249.4 (Australia)

ASN16509 (AMAZON-02, US)
PTR: ip-165.69.249.4.news.com.au
www.morningtonpeninsulaleader.com.au
29    23.195.152.111 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
mhr.talk.news.com.au
content.api.news
11    23.195.152.191 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-191.deploy.static.akamaitechnologies.com
tags.news.com.au
11    23.213.141.29 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-141-29.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    52.95.128.122 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
2    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com
3    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
3    23.44.27.174 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-27-174.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.213.140.211 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-140-211.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
9    54.192.111.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-111-40.mrs52.r.cloudfront.net
static.adsafeprotected.com
2    13.35.8.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-74.sin5.r.cloudfront.net
assets.vidora.com
1    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
ad.doubleclick.net
1    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net
au.tags.newscgp.com
2    18.213.217.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-217-104.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.129.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.72.44.233 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-233.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
12    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
securepubads.g.doubleclick.net
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
2    13.35.8.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-94.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
check.analytics.rlcdn.com
2    172.64.101.9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    96.17.72.42 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-72-42.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    13.35.8.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-99.sin5.r.cloudfront.net
cdn-gl.imrworldwide.com
4    13.35.8.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-51.sin5.r.cloudfront.net
au-script.dotmetrics.net
2    34.232.231.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-231-107.compute-1.amazonaws.com
ping.chartbeat.net
1    13.35.8.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-40.sin5.r.cloudfront.net
cdn.adsafeprotected.com
15    52.88.128.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-128-19.us-west-2.compute.amazonaws.com
dpm.demdex.net
newscorpau.demdex.net
8    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
pagead2.googlesyndication.com
www.googleadservices.com
16    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
1    104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    172.217.194.138 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f138.1e100.net
news.google.com
2    18.161.111.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-89.mrs52.r.cloudfront.net
geo.privacymanager.io
6    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
id5-sync.com
4    157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
4    52.63.107.165 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-63-107-165.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.155.68.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-45.sin52.r.cloudfront.net
ncg.tags.news.com.au
1    13.33.88.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-28.sin2.r.cloudfront.net
au.audience.newscgp.com
1    18.155.68.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-56.sin52.r.cloudfront.net
rm-script.dotmetrics.net
9    18.140.11.26 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    13.214.10.7 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-10-7.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    13.35.8.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-13.sin5.r.cloudfront.net
6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828.nuid.imrworldwide.com
6    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
2    54.80.166.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-166-41.compute-1.amazonaws.com
mfad.inskinad.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
9    104.254.148.251 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
3    63.140.36.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-104.data.adobedc.net
metrics.heraldsun.com.au
edge.adobedc.net
1    13.228.154.11 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-154-11.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    52.76.199.184 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-199-184.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
10    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
www.gstatic.com
4    13.35.15.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-15-213.sin5.r.cloudfront.net
js.adsrvr.org
6    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
8228261.fls.doubleclick.net
7    104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
1    199.232.44.157 (Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    42.99.140.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-160.pacnet.net
snap.licdn.com
1    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    18.136.169.219 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-169-219.ap-southeast-1.compute.amazonaws.com
pixel.mediaiqdigital.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
2    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
googleads.g.doubleclick.net
11    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    13.33.88.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-96.sin2.r.cloudfront.net
cdn.linkedin.oribi.io
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
15    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
4    23.72.44.196 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
3    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum.casalemedia.com
1    199.127.207.188 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
4    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
adservice.google.com
2    18.140.27.177 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    18.158.147.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-147-33.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
7    142.251.12.105 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f105.1e100.net
www.google.com
2    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.google.com.au
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    3.213.18.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-18-11.compute-1.amazonaws.com
usermatch.krxd.net
1    50.112.50.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-50-233.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
adservice.google.com.au
2    59.151.164.106 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a59-151-164-106.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
9    74.125.24.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f101.1e100.net
play.google.com
6    52.74.13.196 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
10    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
17    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    104.69.39.62 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-39-62.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
6    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    103.71.26.125 (Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
15    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
tpc.googlesyndication.com
4    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
www.googletagservices.com
2    162.19.80.92 (France)

ASN16276 (OVH, FR)
PTR: ns3011863.ip-162-19-80.eu
gu.dyntrk.com
2    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    74.118.186.44 (Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
3    185.84.60.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
4    13.251.185.52 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-185-52.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    52.199.119.40 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-119-40.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    13.113.223.36 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-223-36.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
3    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
40    44.230.191.33 (None, )

ASN- ()
dt.adsafeprotected.com
1    18.138.18.111 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    139.162.38.30 (Singapore)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1451-30.members.linode.com
gocm.c.appier.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    18.136.33.92 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-33-92.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
3    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
3    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
2    18.180.3.9 (None, )

ASN- ()
pool.admedo.com
2    89.207.22.76 (None, )

ASN- ()
pubmatic-match.dotomi.com
Apex Domain
Subdomains		 Transfer
59 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 616
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3046
pixel.adsafeprotected.com — Cisco Umbrella Rank: 716
dt.adsafeprotected.com
409 KB
37 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 184
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 225114
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
207 KB
28 google.com
news.google.com — Cisco Umbrella Rank: 5696
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 16
69 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 472
ssum.casalemedia.com — Cisco Umbrella Rank: 1332
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
dsum.casalemedia.com — Cisco Umbrella Rank: 1385
18 KB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450
image5.pubmatic.com — Cisco Umbrella Rank: 88498
ads.pubmatic.com — Cisco Umbrella Rank: 463
image2.pubmatic.com — Cisco Umbrella Rank: 872
image6.pubmatic.com — Cisco Umbrella Rank: 733
simage2.pubmatic.com — Cisco Umbrella Rank: 665
simage4.pubmatic.com — Cisco Umbrella Rank: 1166
image4.pubmatic.com — Cisco Umbrella Rank: 941
25 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
245 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 454
token.rubiconproject.com — Cisco Umbrella Rank: 548
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
eus.rubiconproject.com — Cisco Umbrella Rank: 537
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1079
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2706
32 KB
22 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 228348
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
444 KB
19 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1411
match.adsrvr.org — Cisco Umbrella Rank: 304
insight.adsrvr.org — Cisco Umbrella Rank: 595
17 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 409
acdn.adnxs.com — Cisco Umbrella Rank: 534
37 KB
15 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
newscorpau.demdex.net — Cisco Umbrella Rank: 118427
19 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 291
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 488
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902
60 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 56451
mhr.talk.news.com.au — Cisco Umbrella Rank: 848387
ncg.tags.news.com.au — Cisco Umbrella Rank: 156867
235 KB
11 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1000
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
2 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 101228
83 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
4 KB
9 api.news
content.api.news — Cisco Umbrella Rank: 56230
223 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2717
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7521
6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828.nuid.imrworldwide.com
67 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 948
id5-sync.com — Cisco Umbrella Rank: 389
38 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 127332
au.pixel.newscgp.com — Cisco Umbrella Rank: 157309
au.audience.newscgp.com — Cisco Umbrella Rank: 172017
49 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
www.linkedin.com — Cisco Umbrella Rank: 575
3 KB
5 gstatic.com
www.gstatic.com
119 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 763
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3935
idsync.rlcdn.com — Cisco Umbrella Rank: 349
2 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 48793
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5487
21 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
193 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 730
gum.criteo.com — Cisco Umbrella Rank: 388
dis.criteo.com — Cisco Umbrella Rank: 696
7 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
344 B
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2460
bs.serving-sys.com — Cisco Umbrella Rank: 1522
lm.serving-sys.com — Cisco Umbrella Rank: 2229
27 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 974
25 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 412
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 568
1 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 24436
adservice.google.com.au — Cisco Umbrella Rank: 75048
1 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3789
geo.privacymanager.io — Cisco Umbrella Rank: 1665
53 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4140
udc-neb.kampyle.com — Cisco Umbrella Rank: 2002
88 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 98127
21 KB
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 admedo.com
pool.admedo.com
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 757
853 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
1006 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 470
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 577
cdn.indexww.com — Cisco Umbrella Rank: 1508
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1110
856 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 718
879 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 512
1 KB
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2151
718 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1019
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 660
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 417
499 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 545
stags.bluekai.com — Cisco Umbrella Rank: 496
941 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1360
beacon.krxd.net — Cisco Umbrella Rank: 581
529 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 647
57 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1008
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1147
ad.turn.com — Cisco Umbrella Rank: 748
827 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3445
632 B
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 22852
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1097
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1314
694 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1217
401 B
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3195
18 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 18673
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
136 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 16746
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 160314
3 KB
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1898
395 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 28614
653 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2556
746 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4294
390 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
99 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 639
380 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 28852
698 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 623
397 B
1 t.co
t.co — Cisco Umbrella Rank: 531
377 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814
377 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 6808
831 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 11194
58 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 167
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
50 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 707
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 625
15 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
2 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 21149
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1457
24 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 188438
2 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 358
1 KB
1 amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5410
7 KB
1 morningtonpeninsulaleader.com.au
www.morningtonpeninsulaleader.com.au
273 B
410 89
Domain Requested by
40 dt.adsafeprotected.com
19 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
17 dsum-sec.casalemedia.com 2 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
15 cm.g.doubleclick.net 12 redirects www.heraldsun.com.au
eus.rubiconproject.com
14 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
13 match.adsrvr.org 4 redirects js.adsrvr.org
ssum-sec.casalemedia.com
eus.rubiconproject.com
12 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 sync-tm.everesttech.net 9 redirects ads.pubmatic.com
10 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
9 play.google.com www.gstatic.com
9 ib.adnxs.com 4 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
9 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
9 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
9 content.api.news www.heraldsun.com.au
8 simage2.pubmatic.com ads.pubmatic.com
8 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
7 www.google.com www.heraldsun.com.au
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 secure.adnxs.com 5 redirects www.heraldsun.com.au
7 pagead2.googlesyndication.com ad.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
6 pixel.rubiconproject.com 3 redirects www.heraldsun.com.au
eus.rubiconproject.com
6 ups.analytics.yahoo.com 6 redirects
6 8228261.fls.doubleclick.net 3 redirects www.heraldsun.com.au
5 ssum-sec.casalemedia.com s.amazon-adsystem.com
ssum-sec.casalemedia.com
tags.news.com.au
js-sec.indexww.com
5 token.rubiconproject.com 5 redirects
5 www.gstatic.com news.google.com
www.gstatic.com
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 www.googletagservices.com securepubads.g.doubleclick.net
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 adservice.google.com 8228261.fls.doubleclick.net
securepubads.g.doubleclick.net
4 px.ads.linkedin.com 2 redirects www.heraldsun.com.au
eus.rubiconproject.com
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 fastlane.rubiconproject.com tags.news.com.au
4 id5-sync.com tags.news.com.au
cdn.id5-sync.com
www.heraldsun.com.au
4 au.pixel.newscgp.com au.tags.newscgp.com
4 www.facebook.com www.heraldsun.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 x.bidswitch.net 3 redirects
3 pixel.tapad.com 2 redirects
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 pubmatic-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 sync.crwdcntrl.net 1 redirects
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 simage4.pubmatic.com ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 prebid-a.rubiconproject.com tags.news.com.au
2 um.simpli.fi 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pippio.com 2 redirects
2 sync.mathtag.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 s.company-target.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 image6.pubmatic.com ads.pubmatic.com
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 static.criteo.net tags.news.com.au
static.criteo.net
2 www.google.com.au www.heraldsun.com.au
2 insight.adsrvr.org js.adsrvr.org
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 metrics.heraldsun.com.au tags.news.com.au
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
1 image4.pubmatic.com
1 dis.criteo.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 cm.ambientdsp.com 1 redirects
1 udc-neb.kampyle.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 ad.turn.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 tags.rd.linksynergy.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 sync.1rx.io www.heraldsun.com.au
1 trc.taboola.com www.heraldsun.com.au
1 stags.bluekai.com 1 redirects
1 check.analytics.rlcdn.com tags.news.com.au
1 tags.bluekai.com 1 redirects
1 94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com.au securepubads.g.doubleclick.net
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 lm.serving-sys.com secure-ds.serving-sys.com
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 d.turn.com 1 redirects
1 edge.adobedc.net cdn1.adoberesources.net
1 pixel.mediaiqdigital.com www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828.nuid.imrworldwide.com www.heraldsun.com.au
1 api.rlcdn.com tags.news.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.jsdelivr.net tags.news.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 cdn.adsafeprotected.com tags.news.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 cdn.ampproject.org www.heraldsun.com.au
1 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 www.morningtonpeninsulaleader.com.au 1 redirects
410 153
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-15 -
2024-01-14		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
bedsberry.com
R3		 2023-01-30 -
2023-04-30		 3 months crt.sh
web.app
GTS CA 1D4		 2022-12-19 -
2023-03-19		 3 months crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-14		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.vidora.com
Amazon		 2023-01-11 -
2024-02-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-12 -
2023-02-10		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-12-26 -
2024-01-23		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
*.brandmetrics.com
GTS CA 1P5		 2023-01-12 -
2023-04-12		 3 months crt.sh
secure-ds.serving-sys.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-05-27		 4 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
mfad.inskinad.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-12-11 -
2023-03-11		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
lm.serving-sys.com
Amazon		 2023-01-16 -
2024-02-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh

This page contains 62 frames:

Primary Page: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Frame ID: C2C346DC12ACC51B8D1C1EB498DFAEDE
Requests: 198 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=s_AJmKJ4zZaxESicuQBJsVibOhc1S8vl&nonce=7~AEmVqoSeqrUK.4DnEn9mMfjmYl-CdB&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMC4wIn0%3D
Frame ID: C6383D6E416FDAC9110BB56F40C5F3E6
Requests: 3 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 05B00BE1C203E1BDC08ED18141EF2498
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 3BE7C8D5DC30DA38223EB7BBCB234E8F
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: EB38E81CA5B70A84A72D4065D2BCEA9B
Requests: 22 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
Frame ID: 3728438B58A4D6958FF2AB1B0A88D204
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 4ED9EF69544A26F2AFA44F409A6461F8
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F8C5FAAB88D3F581A45DC11CAACCFD55
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812
Frame ID: 6686829EAFC6CAECD232C00D73E94F77
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07
Frame ID: 21E973CC83A21728D188C37194765A7C
Requests: 2 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1274268%26seg%3D22404526%26t%3D1
Frame ID: 3740DB49E69509C25D021C8B9344BF17
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: B81F31A2D95DAA3670C659EF846142F9
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: BA364ABC879B771078AA617E75F792B4
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: DD94827B7703E3C83C2FFF29C1D1E346
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 4E609FEE9A1F316C17EA91D9FC0CCE2C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 46C712EFA87D46CC7D571CA0C872682D
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424
Frame ID: 05EA9C0414163C2B54C0D2569891F11A
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 7681160CEDD9CF4FB89CD854A034ACD7
Requests: 4 HTTP requests in this frame

Frame: https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=4284035433158298916
Frame ID: 83DB5F651C29225EDB3D50D1CD145B3D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&upid=trk7f24&upv=1.1.0
Frame ID: B51E984BF19BBB604DD6E7DF5D28EBAA
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&upid=ekg5qxt&upv=1.1.0
Frame ID: EEB706069D0F6CE73C61A5DD0DF10C1D
Requests: 2 HTTP requests in this frame

Frame: https://94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 07B6E53EA282E15A3BA82A604D733756
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
Frame ID: A6E8BCCE306DAC7F247A382E19CCB45A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: A363E846181956E5089CE614D848F687
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
Frame ID: F3B68BA6F78C348A9BAEE6B0AE177FA6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: CC77EF1E9D04540CDB076835953C180E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
Frame ID: 9A53FBCDE29C1643F604D5CE65E9AC08
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 9494AB64C247ACAF5C3A494BD4FDD03E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
Frame ID: 2F7FEB08DEF7193C2C28C5ECC2C439BE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: BF66DB031BB130C363EF747BFBE8A41F
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 7604C17B1D793C6EB0DB7E34178FE924
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 91FEEA13A8B162B65282097184EE665A
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1gs-MWX5tNr0EYmef_dx3a8BZ14VoHZcLCkKTiamYW6H-fNx94hk2ryojh9SfqPy7grgFUbodqZvQcDTlDSpbuZLNttSF9aw_BX0CVzjC5NPzl3OGZVTraJGBzxgNFwQNrqUpQhZS_2Y0wz1aYY6Fcxy9rMdmCPc5PZ-VRKHwzuV4Bplk4C6dg9CnoLbwYcK6oOkY6LtPbU5AODd_BP8iaRwEWcrdLO7bjD6q1ewzujfzCTxuev6P7hOmVJNwtaSOcrQHRigm83cD4bJNWyRVW_2O0fphtM-0Su-96PjCMdhm9v1IhG-2F64_YW_c6NW7_R1iC-d_pOWhlWuF&sai=AMfl-YSaDKeyvxvnhUyufkLOlRJSbVyhayYzRYL9cnDZ3vmInZap34rSGjIks0D1a3Q7bgjkRy2Nb4uXRG3QV5Xl_dgi1vQQT_ChmjsPobhhCPjHbunN6Sbr4zp-z29FCA&sig=Cg0ArKJSzDPedv1C6Bp1EAE&uach_m=[UACH]&adurl=
Frame ID: 363D3354026C5CCC84ED33F3A1ED7449
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNRk7xvP8UWDNnS2vMHIMldEo_K6Mn2jqCsjTq7J_iSbELFWqgx1_DwgF2I5okIWwBMIvCAWvMrpgvT1uL-SnjkqRIMexw43uWkPnW5UMxqsQap0BhWfJmyDmeXxJwpER8ubl5MGIZMICXodnB0zwLcZ_MJpP42B01mgGHRKHq1-DKN9GO-UcDFdMP0wjh0ZsWNCIRH3YnJPVtZVbudTQAp6ZPhCnvWPA5fTnSgphEyFJVyYh42VubnxFeS15OZ9B2bvsHyGO4xqJZbeZ6hDdpsKmBFR2BBlPDDMYTaJQUaWKR125GwJbMR8Ce0RtMCDjaULiEMt-LUZ8yH4UL&sai=AMfl-YTsRDurzBPGKsivuujz0gHj5cAHoC_A50I9itufm3mKV4umt65XvYiVKHxfIKwf400I1XJQc2pCtsjxcmsS6J-EDLimemZUAwsr04RldPVfFSrNMgA3D6YYLhwh9Q&sig=Cg0ArKJSzJnoIYvNKwkoEAE&uach_m=[UACH]&adurl=
Frame ID: 83F1D73ADD2CD62289571073347A2EDB
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugrZZpA7svG3JLuPwKoZLNB93bIwDNgupgJwb4sCHQ3ojGdF_mhbKl_zCQIPL6O4tYNWaSUDhy_7LKw8abFQHZQNAwZbu2Z2Yi5KTuOYem0Fs7riwnvWX4cpf5sVT90gLEIbjks_eh1hDRMy8gcLdGfFNIatAtTRfKux0TaYKDtTACcQY0SvRwgumNNscdYEfsN-mqez-4GnJ801nABEZaPDr5uTKaq3xt-m3pZevmo_KXcsAtiFiNJXwLdqftS0ieI5yw3Fk7Bp7P1I2DqS-tA6Y4_Pn1d2kizKNx2I0oexi71eaE8HbVBfOvQ1_BI23h6fVl_WqI6QErmagV&sai=AMfl-YSe5K3sxvQWPWZuC6G7sZjI993vPw6k5U_G9M7spUj1LpMhXTZ4A7av1zkGWM387sxX9OY7X_CtQKV6v--6-jnJapWsJyKUDpLf6-JoX-7pMYginO6pY9aXTkbR9Q&sig=Cg0ArKJSzHZECRDAeKIYEAE&uach_m=[UACH]&adurl=
Frame ID: 1CBD50F6320010D3B52C63F62AAAB46C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC3oGV7RDM_8F62mgt2P53_9CY9tfKU9nWLKNZY24MqdJ3axB4_Lqd65_l1JQcNJ0AHwulcyTQrKGQ9eDfe7A90HHghdli1rVdQcxh3XieZfqrSis6Y6FfIZMDOf_qnctTYA0jbR_41k_iRe-vX56o6CHaOlbMeKmvYvlS5ll-B2icFCrFMpp_h71yrykFQBdesDNqgpLEcwIS36RFh5KQrtX22xqQHny7Q2gNHgNK23kNj8I7ZW_8L0b3EGgzlHd7KE2VtskEKAbeaIw-JubutOdSU_sn_pIFDHH96AbeyytD3RccFkJh3Y3OYeK-bpBdQaoLdi5eWqTfMx8V&sai=AMfl-YTV_7wyJQokauKMTBVTcmaQOu_LYp1Yr8V31UQm-_2PthZ9c2REz3qeNTJs5Ho740wNRUPnPx6OY9MMm5IL9ZRSyrW2UubSRv8NzhGIfgkNGbGZEe3OV85ZUxLLyA&sig=Cg0ArKJSzHA-aFYWSjX7EAE&uach_m=[UACH]&adurl=
Frame ID: A93D449F181861F81F067DABADF31A2C
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
Frame ID: 4F11608350D9C18BF474798E8B3DEAFA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a6963dc-7358-4000-aeab-37894c329096&gdpr=0&gdpr_consent=
Frame ID: FD4CE52395A94199F107F7A47DE14627
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID586903E1-4ECA-4930-A45D-87D4977133F6
Frame ID: AD5E10021EF09B03ED034887023C03B3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1CB4787EE9377B43CCC335D9FC53C9DE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 6E987C3485B1214B19AB0B147887C903
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0B7E8B14DC4C9E96D0765A559A6A231A
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 846E7CB0E4B153DDD6B113C4ED8F4E0B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 80D31234F0FED97E5148355A0F02F3E1
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 109FF0FA586B19FE8D8B334A49A20D19
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138419571206&pubOrder=2553375348&cb=154297514&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88d-a36b-11ed-8f23-0679fa08ad36
Frame ID: E8BE296C680D6557A116771AEA3A5AB4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5083943881&pubCreative=138419571206&pubOrder=2553375348&cb=1801925643&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88e-a36b-11ed-8f23-0679fa08ad36
Frame ID: 134D47EAEF4D256CBF248B652C49C961
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=1629182692&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88b-a36b-11ed-8f23-0679fa08ad36
Frame ID: 7C94CEE913761224693F361F82BD3614
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629775&pubOrder=2553375348&cb=1972135267&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88c-a36b-11ed-8f23-0679fa08ad36
Frame ID: 85D1B7D13821A11BA8B6E526EA6C794E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 2059BCA176CD99A528463F06E83AC706
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B18C82539D14E58D3B45B26437ED0481
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 976984C9ABF68C65FD3AE22B9822C6D7
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8185F584DE5D422CD38300AFFBA03D48
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: CE7AFEF10111406F04295ED495D3E5E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1310738631785163303&gdpr=0&gdpr_consent=
Frame ID: 861E812A176F3196E6D28603A564D3A8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb
Frame ID: B509F2E5744356E529152B0FB70219EE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yt78evvt5vl
Frame ID: 959569A1A685731E2F980E09E34FA640
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cykl-2kABf6M9Y7ZXHPcYw
Frame ID: 3E91B0BBC38E82195BA93F0DE675C1E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 20B0C4A7621ADFC9DAC21E31C0D210AF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C4C8332EAF3F11B87FAA7D151B8F97F5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2F6C0FF9DEE7AD30E9EB1930278DDB8D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BCEC08FABBF56487A013C52E51195F91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

South east | Leader Newspapers South East Melbourne | Local Community News VIC | Moorabbin Leader | Dandenong Leader | Berwick Leader | Cranbourne Leader | Herald Sun

Page URL History Show full URLs

  1. http://www.morningtonpeninsulaleader.com.au/ HTTP 301
    http://www.heraldsun.com.au/leader/south-east HTTP 301
    https://www.heraldsun.com.au/leader/south-east HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2flead... HTTP 302
    https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

410
Requests

84 %
HTTPS

0 %
IPv6

89
Domains

153
Subdomains

109
IPs

12
Countries

3212 kB
Transfer

9073 kB
Size

172
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.morningtonpeninsulaleader.com.au/ HTTP 301
    http://www.heraldsun.com.au/leader/south-east HTTP 301
    https://www.heraldsun.com.au/leader/south-east HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fsouth-east&1675391817564887142 HTTP 302
    https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1675391827202 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1675391827202
Request Chain 128
  • https://cm.everesttech.net/cm/dd?d_uuid=63627653486276301132881381696468829956 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9xzVQAAAFcgHgNW
Request Chain 133
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
Request Chain 138
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 144
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812
Request Chain 145
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07
Request Chain 146
  • https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1274268%26seg%3D22404526%26t%3D1
Request Chain 152
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424
Request Chain 154
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1297269%26seg%3D22449553%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253D%25pu1%3D%21%3B%2526pixel_id%253D1297269%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=4284035433158298916
Request Chain 155
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Request Chain 157
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1945658433220457059
Request Chain 160
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7854299086110410743
Request Chain 163
  • https://token.rubiconproject.com/token?pid=6404&puid=63627653486276301132881381696468829956&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LDNX1D2B-18-A6AV?gdpr=0
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjM2Mjc2NTM0ODYyNzYzMDExMzI4ODEzODE2OTY0Njg4Mjk5NTY= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHNe5y0d5Win_SleknkvTXo&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 166
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1675391829964%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fsouth-east%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&cookiesTest=true&liSync=true
Request Chain 169
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3cf35ab1-8e56-4a5c-905a-a885064eef9f
Request Chain 171
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688
Request Chain 173
  • https://dt.scanscout.com/ssframework/uid?UIAA=63627653486276301132881381696468829956&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-3f28078e36008389a565d193b038506f
Request Chain 180
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=63627653486276301132881381696468829956&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=63627653486276301132881381696468829956&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 188
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=63627653486276301132881381696468829956 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=63627653486276301132881381696468829956
Request Chain 195
  • https://tags.bluekai.com/site/43981?id=63627653486276301132881381696468829956&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 199
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
Request Chain 200
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2NmMzVhYjEtOGU1Ni00YTVjLTkwNWEtYTg4NTA2NGVlZjlm&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
Request Chain 202
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTl4elZRQUFBRmNnSGdOVw==
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2NmMzVhYjEtOGU1Ni00YTVjLTkwNWEtYTg4NTA2NGVlZjlm&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
Request Chain 207
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 208
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y9xzVQAAAFcgHgNW&expires=90
Request Chain 210
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
Request Chain 219
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y9xzVQAAAFcgHgNW
Request Chain 223
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9xzVQAAAFcgHgNW HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y9xzVQAAAFcgHgNW
Request Chain 224
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9xzVQAAAFcgHgNW
Request Chain 227
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9xzVQAAAFcgHgNW&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9xzVQAAAFcgHgNW&img=1&__user_check__=1&sync_id=a9feaddc-a36b-11ed-8c60-183e48c20407
Request Chain 253
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9xzVQAAAFcgHgNW&t=2592000&o=0
Request Chain 259
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9xzVjypQMGwTbWOCYVRUwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
Request Chain 260
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
Request Chain 261
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_63dc7358654ed&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_63dc7358654ed
Request Chain 262
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030231&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
Request Chain 263
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=JFO7CKyELK9z7Bd1IC8u&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSGJ43UGS3ZIVGEWOL2G5BGIMKJIM4HK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSGJ43UGS3ZIVGEWOL2G5BGIMKJIM4HK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JFO7CKyELK9z7Bd1IC8u
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
Request Chain 268
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LDNX1D2B-18-A6AV HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LDNX1D2B-18-A6AV&ex=d-rubiconproject.com&status=ok
Request Chain 269
  • https://c1.adform.net/serving/cookie/match?party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
Request Chain 270
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a6963dc-7358-4000-aeab-37894c329096&gdpr=0&gdpr_consent=
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WGkD4U7KSTCkXYfUl3Ez9g%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 273
  • https://idsync.rlcdn.com/420486.gif?partner_uid=586903E1-4ECA-4930-A45D-87D4977133F6 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU4NjkwM0UxLTRFQ0EtNDkzMC1BNDVELTg3RDQ5NzcxMzNGNhAAGg0I2ObxngYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=81b8e5131b4eea1f2779544f6e187f19913e9cb5325ac5faa90d2b62d6c39cda791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4MWI4ZTUxMzFiNGVlYTFmMjc3OTU0NGY2ZTE4N2YxOTkxM2U5Y2I1MzI1YWM1ZmFhOTBkMmI2MmQ2YzM5Y2RhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2ObxngYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4MWI4ZTUxMzFiNGVlYTFmMjc3OTU0NGY2ZTE4N2YxOTkxM2U5Y2I1MzI1YWM1ZmFhOTBkMmI2MmQ2YzM5Y2RhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2ObxngYSBAgCEABCAEoA&google_gid=CAESELDeXOg7c-U3j2P67jgRvFs&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=77e79ac4-5b67-4f28-a5fe-8228af8712ea
Request Chain 274
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=586903E1-4ECA-4930-A45D-87D4977133F6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=586903E1-4ECA-4930-A45D-87D4977133F6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTg2OTAzRTEtNEVDQS00OTMwLUE0NUQtODdENDk3NzEzM0Y2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPlbB0tni21uNV-y8Ki0Qbs&google_cver=1
Request Chain 277
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FE14D36BE24459E9346A9CA2266418E
Request Chain 279
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKxAsci2B7HWcKwvr_M6d10&google_cver=1
Request Chain 281
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNX1D2B-18-A6AV
Request Chain 283
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/lNHMgMl0DrHAXrcnV7NcPMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3HKEH4dE2oLATsh7tCWrYHKPhFazCb89jah70w--~A
Request Chain 285
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROWDFEMkItMTgtQTZBVg==
Request Chain 286
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7Hzf4G74TeiQ_zLK6GoBmQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Hzf4G74TeiQ_zLK6GoBmQ
Request Chain 287
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjA3ODRhMjRkYzNjNjUyNmYyMjc2NWFhMzk4YWQxOTUzN2M5Mjk3Zg
Request Chain 299
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=1310738631785163303
Request Chain 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9xzVjypQMGwTbWOCYVRUwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
Request Chain 305
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030232&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
Request Chain 306
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7854299086110410743
Request Chain 307
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
Request Chain 308
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a6963dc-7358-4000-aeab-37894c329096
Request Chain 313
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1310738631785163303
Request Chain 314
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADSUU7HuOcAACCIBTRpRw&expiration=1676601434
Request Chain 315
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7FE14D36BE24459E9346A9CA2266418E
Request Chain 316
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=zggd1M8ITI7VAk7Sy1lUhJwISoPVWBqDmwkkGDur
Request Chain 317
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=11yc4ck14x5i
Request Chain 318
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1310738631785163303
Request Chain 356
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1310738631785163303&gdpr=0&gdpr_consent=
Request Chain 357
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb
Request Chain 358
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yt78evvt5vl
Request Chain 359
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cykl-2kABf6M9Y7ZXHPcYw
Request Chain 360
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 361
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=&ct=y
Request Chain 362
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=586903E1-4ECA-4930-A45D-87D4977133F6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=586903E1-4ECA-4930-A45D-87D4977133F6 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=44adb3dd-c7ab-4469-9311-10a043e9e32f%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3cf35ab1-8e56-4a5c-905a-a885064eef9f&ttd_puid=44adb3dd-c7ab-4469-9311-10a043e9e32f%2C%2C
Request Chain 363
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=586903E1-4ECA-4930-A45D-87D4977133F6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6UYTmoxE2uXIFh6jqZFWwFL59Zuoe7c-~A&gdpr=0
Request Chain 364
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1408194508254203637
Request Chain 365
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=71b85244-c29a-4ecf-8818-a68eb80fa622&user_group=1&ssp=pubmatic&bsw_param=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 366
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5ee483af5d9b2050&is_secure=true&networkId=17100&version=1&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALetRKwDrvewNLC5yEAAAAAAA&expiration=1675478237&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&is_secure=true&gdpr_consent=&gdpr=0

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request south-east
www.heraldsun.com.au/leader/
Redirect Chain
  • http://www.morningtonpeninsulaleader.com.au/
  • http://www.heraldsun.com.au/leader/south-east
  • https://www.heraldsun.com.au/leader/south-east
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fsouth-east&1675391817564887142
  • https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
392 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
e9c8af6755216f945f88eca733d513e7b44eda285fa6498eee4d25921427e5bf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 02:37:04 GMT
expires
Fri, 03 Feb 2023 02:37:04 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 401501 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fsouth-east%3fnk%3d9375a80c72660dfec484bc0ddce70d4e-1675391818&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=south-east&session=9375a80c72660dfec484bc0ddce70d4e
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Fri, 03 Feb 2023 02:36:58 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
expires
Fri, 03 Feb 2023 02:36:58 GMT
location
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
x-akamai-ssl-client-sid
/I3YZGLnJLG19AuXwAJuwQ==
x-check-cacheable
NO
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:05 GMT
date
Fri, 03 Feb 2023 02:37:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
kix1 0 2 9980
last-modified
Tue, 06 Dec 2022 05:08:17 GMT
server
nginx
etag
W/"638ece41-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:05 GMT
date
Fri, 03 Feb 2023 02:37:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
kix1 0 2 9980
last-modified
Tue, 06 Dec 2022 05:08:16 GMT
server
nginx
etag
W/"638ece40-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:08 GMT
date
Fri, 03 Feb 2023 02:37:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt1 0 2 9980
last-modified
Thu, 15 Dec 2022 03:27:23 GMT
server
nginx
etag
W/"639a941b-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=4
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3G5Z8W8S6XCGAJAW
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=588508
accept-ranges
bytes
content-length
11472
x-amz-id-2
5hJLgpae4q57NtXmkIIBukgNtMLxXf2G2hlg/JvBhZjVllnPyAQT/yjTRNG8rwUxM3FqVmPgy/w=
expires
Thu, 09 Feb 2023 22:05:33 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
9C1C4X40N5H09Z71
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=312439
accept-ranges
bytes
content-length
12052
x-amz-id-2
+aFaQdffQ0OBBFm/WRxvit3h2R6GUbuYonTsHay6C8Dh+dbXfQ9n8oZVXmyU7BqYUycPkIiERlc=
expires
Mon, 06 Feb 2023 17:24:24 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
XE608XH2JQPY9M4C
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=315788
accept-ranges
bytes
content-length
12440
x-amz-id-2
xtS5X8zqfRWWlpi1B3sMWw57xMMm9nFysXQEZ0JUxoJkfCtrYy1ppxityt7bve71Sq+vT1Cfeko=
expires
Mon, 06 Feb 2023 18:20:13 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
557EF55A0E2EF4F3
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=78670
accept-ranges
bytes
content-length
11372
x-amz-id-2
rFcqAk8CMK9Ormi8VyyklHnwcm0+MUWspDv0GoxasX4W3L+KcOOfrpLs37nfx5eXFqS2iNFopW0=
expires
Sat, 04 Feb 2023 00:28:15 GMT
lux.js
cdn.speedcurve.com/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
3
date
Fri, 03 Feb 2023 02:37:05 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
92746
x-cache
HIT
content-length
7152
x-served-by
cache-fty21338-FTY
last-modified
Thu, 02 Feb 2023 00:51:19 GMT
server
Apache
x-timer
S1675391825.372202,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Feb 2023 00:51:19 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:05 GMT
date
Fri, 03 Feb 2023 02:37:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
nrt1 0 2 9980
last-modified
Thu, 15 Dec 2022 04:18:38 GMT
server
nginx
etag
W/"639aa01e-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:31 GMT
date
Fri, 03 Feb 2023 02:37:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2967
x-rq
nrt1 0 2 9980
last-modified
Thu, 08 Dec 2022 06:56:52 GMT
server
nginx
etag
W/"63918ab4-1d74"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=27
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
49e759ba
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/49e759ba
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3a2bfeffec6c30f62dcd1308aa925ca3f364948fed41dd6fb6beac2ee0af3d6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:05 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Fri, 03 Feb 2023 02:37:05 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/leader/south-east
x-opw
4
content-length
8760
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"31fe72044464c49454449aa5bb2d4579a8eb905308717171deeec39f2eae6643"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f49e759ba&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=49e759ba&session=9375a80c72660dfec484bc0ddce70d4e
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 27 Feb 2023 07:37:31 GMT
date
Fri, 03 Feb 2023 02:37:04 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 02:13:33 GMT
server
nginx
etag
W/"638d53cd-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2091627
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
M8B487TGJQBP2C93
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=224913
accept-ranges
bytes
content-length
16112
x-amz-id-2
Xn9aIYCPQERFSd3fKxZtLWsTStzWeewiHmHlzOfzS6A70Tg4zcTITrmT7OAi+kTRsOwMx7QYeyc=
expires
Sun, 05 Feb 2023 17:05:38 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
BEAF3237C941B11D
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=132206
accept-ranges
bytes
content-length
15948
x-amz-id-2
eP/fJ4xHSYnBZAXhB09q5ZBX9+QTQx3NNvr1l4a5wmFbtCejPDyiJiggq9VEstqs2p+9tU6j6vI=
expires
Sat, 04 Feb 2023 15:20:31 GMT
rea-logo-grey.png
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/rea-logo-grey.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.122 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:37:06 GMT
x-amz-version-id
dKOPaz9thY.HOlUhOOqUMNe1euXfQloR
Last-Modified
Thu, 09 Sep 2021 21:19:11 GMT
Server
AmazonS3
x-amz-request-id
F3BZJ1S5E9ZTHYJR
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
fzqFyrv41mc0B6kXEGnFHUzl3uOB3qn3xxUhRS3t9pslgsaWQfYqEVSCzuL5/2uyb4c/Ep8+Nv8=
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
SMYK2KQY9GG9FACQ
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=392379
accept-ranges
bytes
content-length
540
x-amz-id-2
IyxXkBn6dMJT/LBB66r4ElxstwwNx8/LUgYW524LosDV4x8kZly9gDBJqacwIl9v5R9GStbCiUU=
expires
Tue, 07 Feb 2023 15:36:44 GMT
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 02:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
433
x-xss-protection
0
server
sffe
etag
"0ab56aa012811b9e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 03 Feb 2023 02:37:05 GMT
/
www.heraldsun.com.au/_static/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuZGFmbG5oWUWAK+rIio=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 03 Feb 2023 02:37:04 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
sin1 0 2 9980
last-modified
Wed, 04 Jan 2023 20:21:59 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=6
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 03 Feb 2023 02:37:10 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
854 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
Q4PP3VPC7BYKJWY9
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=476282
accept-ranges
bytes
content-length
535
x-amz-id-2
WcZ48MCxkz2sSwIgMO6alYldqM4gtO1rVIWkGaYO68ZSxmKQ8T1jO4h236dI/26wxTfkhNi0Jr0=
expires
Wed, 08 Feb 2023 14:55:07 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=347247
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Tue, 07 Feb 2023 03:04:32 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 03 Feb 2023 02:37:04 GMT
cache-control
max-age=34103
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
698e4e698960fd9a90f537fea9068212a3ce3dd4b208fbab3510378aeb20d3f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 03 Feb 2023 02:37:05 GMT
x-datacenter
gce-asia-east1
etag
"983932a5a9952553a6c26d4885cca29ba54062e72e7c2a1a83d3ac92fa212a56"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-01f5
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
757822166
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:06 GMT
date
Fri, 03 Feb 2023 02:37:05 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
hkg1 0 2 9980
last-modified
Mon, 23 Jan 2023 05:36:57 GMT
server
nginx
etag
"63ce1cf9-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		282 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4468d08891fca625d4051ab4e7a33725527fe4174864c8c6866c93a88defe88a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Fri, 03 Feb 2023 02:37:05 GMT
server
AkamaiNetStorage
etag
"af816b6ce032f3422eee490ee10544a4:1674101957.670601"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1544
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 03 Feb 2023 03:02:49 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by
cache-fty21341-FTY
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 03 Feb 2023 02:37:06 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1675391826.165038,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
208
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
54a1a14472fd940eef27a1a152d9cd23aa2f9e51b1760f432b407c7e629ad3b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:51:22 GMT
date
Fri, 03 Feb 2023 02:37:05 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29876
x-rq
nrt1 0 2 9980
last-modified
Mon, 09 Jan 2023 03:24:52 GMT
server
nginx
etag
W/"63bb8904-182e5"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=857
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:06 GMT
date
Fri, 03 Feb 2023 02:37:05 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
nrt1 0 2 9980
last-modified
Thu, 15 Dec 2022 03:27:24 GMT
server
nginx
etag
W/"639a941c-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
comments-count
mhr.talk.news.com.au/api/v1/ 		710 B
739 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=0937111a3e3bda63f3ca528767679b83,830cc3920941283369a0fe4b434f137b,4037f57cf303ee196aab4ea8a3c2fa03,d3b105cf8f96ee522cb042a1067b0a7f,da79102ee206798cb8d757c73b16416c,2295289b931cdfe2d163c9c42be10156,0bd0afbd5d7f4e6ebec567fa78bd648f,ba95c0f51435714473479af4f7741c4e,2a5843ad132741d9112a5da09c72892d,8795541c49efaeabfe362bba1e4f9b1b,fb7c92400d573221ab016156b8cf842b,fd643d041bec1791bb29955f5f789b49,2ae6a04cf25fccbc617d7620cdc4142f,cea6e34302208f65c75de13325e9b39f,e8b143439dfa7c50280436728e52701a,a90d60e94176137da6e84818ff6efd8e,a25523577a9c2a03a0ac8698256bd469,23f0732ecd607415779c788742d4c26a,cea6e34302208f65c75de13325e9b39f,6179f462e847793151e9b9915155549e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
f5cebfaca1abdd284a890585812ed668edf6b3d1ab00f51b88c0402f57d87b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 02:37:06 GMT
server
nginx/1.20.1
etag
W/"2c6-UQmHnB6ANStGBDH+y7AKGsBDHls"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
a653eea0-a36b-11ed-b411-4983dbc12ce3
content-length
424
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6b05bc799e111097866a5f021cc4d5e10fecce1878c42331ddbfebfab0d54960
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Fri, 03 Feb 2023 02:37:05 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1687
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=29
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 03 Feb 2023 02:37:34 GMT
ac737ca512a458cb69f33aec382f657a
content.api.news/v3/images/bin/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ac737ca512a458cb69f33aec382f657a?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2c9c87e2bc688728bc92018e5b0c49899ad5ac6b9df0ba2989669ed997e4bef8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
last-modified
Fri, 03 Feb 2023 02:25:13 GMT
server
Akamai Image Manager
etag
f078051d1d16d6b61607ad34fcb0db47-ac737ca512a458cb69f33aec382f657a-650
edge-cache-tag
ac737ca512a458cb69f33aec382f657a
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5183134
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
44763
expires
Tue, 04 Apr 2023 02:22:40 GMT
e021148dc00313f5f8321b69762dd808
content.api.news/v3/images/bin/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e021148dc00313f5f8321b69762dd808?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e7aee80bf929f063b2aa268d0bf3df277f374b6413e1bf27278f4b809becce2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
x-check-cacheable
YES
edge-cache-tag
e021148dc00313f5f8321b69762dd808
content-length
21684
last-modified
Fri, 03 Feb 2023 00:50:06 GMT
server
Akamai Image Manager
x-serial
146
etag
7fe45e03722369fb033d65df076b82cd-e021148dc00313f5f8321b69762dd808-320
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177241
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 04 Apr 2023 00:44:26 GMT
ed0216f0d4ed49b56c268bc380c7f7f6
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ed0216f0d4ed49b56c268bc380c7f7f6?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dc729ae9f3214d872b219ceb393d41ed5b5fd27501cea76e65dffca063faf05d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Thu, 02 Feb 2023 23:44:49 GMT
server
Akamai Image Manager
etag
dbe096f50a1418f409ff08f20932597d-ed0216f0d4ed49b56c268bc380c7f7f6-320
edge-cache-tag
ed0216f0d4ed49b56c268bc380c7f7f6
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5173638
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10746
expires
Mon, 03 Apr 2023 23:44:23 GMT
94550a22b5c383931b6e090d8cdac93a
content.api.news/v3/images/bin/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/94550a22b5c383931b6e090d8cdac93a?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3dad3b6839ad8a9e97d9051034caf09cdd4d0cf2cb7ae17eec47c5b27329bfae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:05 GMT
last-modified
Thu, 02 Feb 2023 21:32:23 GMT
server
Akamai Image Manager
etag
1ccc420e07574145a2ac01e533f76449-94550a22b5c383931b6e090d8cdac93a-320
edge-cache-tag
94550a22b5c383931b6e090d8cdac93a
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5165721
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10841
expires
Mon, 03 Apr 2023 21:32:26 GMT
authorize
login.newscorpaustralia.com/ Frame C638 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=s_AJmKJ4zZaxESicuQBJsVibOhc1S8vl&nonce=7~AEmVqoSeqrUK.4DnEn9mMfjmYl-CdB&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMC4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.174 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-174.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
9a0be7d10e21d3fd03e2b95ee182d36963a110f8b1b5dcbe0f62ece1e7a1c84a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7937c8638eac4667-SIN
content-encoding
gzip
content-length
806
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Fri, 03 Feb 2023 02:37:06 GMT
expires
Fri, 03 Feb 2023 02:37:06 GMT
ot-baggage-auth0-request-id
7937c8638eac4667
ot-tracer-sampled
true
ot-tracer-spanid
5cab84c421175168
ot-tracer-traceid
086e029936572238
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-0000000000000000086e029936572238-5cab84c421175168-01
tracestate
auth0-request-id=7937c8638eac4667,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 589 0 pmb=mTOE,3
x-auth0-requestid
5d7c678042285fdc5c0b
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1675391827
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.140.211 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-211.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d896e2c2a4867aef9f1f702c2b930379a006b59bcd4e85d84529c407fed79add

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 04:44:20 GMT
server
AkamaiNetStorage
etag
"f25e8d04357f4fa97b11b935b7ffa2d0:1675140260.257625"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Fri, 03 Feb 2023 02:42:06 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.140.211 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-211.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6d67bc44e2840e82222dbbf991345abae73322333031960388ed5ba7a8b4d93b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 04:44:20 GMT
server
AkamaiNetStorage
etag
"4ad0a65a4425c4f11ce063fbc0bc5a2b:1675140260.659592"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21759
expires
Fri, 03 Feb 2023 02:42:06 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		194 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ef0d911d6be498dc03632eeabe223294384bac7c51b041035f0c2d7d27b3ee51
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:06 GMT
date
Fri, 03 Feb 2023 02:37:05 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45677
x-rq
sin1 0 2 9980
last-modified
Mon, 23 Jan 2023 03:26:18 GMT
server
nginx
etag
W/"63cdfe5a-308cd"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/south-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 03 Feb 2023 02:37:16 GMT
date
Fri, 03 Feb 2023 02:37:05 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3442
x-rq
hkg1 0 2 9980
last-modified
Mon, 23 Jan 2023 05:36:57 GMT
server
nginx
etag
W/"63ce1cf9-21ad"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=11
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
b5a8aaa586cdbbe7ea37253203bea327
content.api.news/v3/images/bin/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b5a8aaa586cdbbe7ea37253203bea327?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6cc6f6a3ec5a5d3a671bc0f8cc9f90e97904ab2d94c9ad51d4c4df2808a6eeea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
last-modified
Wed, 01 Feb 2023 23:47:20 GMT
server
Akamai Image Manager
etag
90ee8998acc639a4f81421d467e5594b-b5a8aaa586cdbbe7ea37253203bea327-650
edge-cache-tag
b5a8aaa586cdbbe7ea37253203bea327
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5087401
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
48682
expires
Sun, 02 Apr 2023 23:47:07 GMT
b14df29982f13f855b58165e23f4e6cd
content.api.news/v3/images/bin/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b14df29982f13f855b58165e23f4e6cd?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d36c9b8c84b929ef11b8a54d2afe666a5d04921d5bce65fba05f4fecca491c0b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
last-modified
Wed, 01 Feb 2023 22:54:33 GMT
server
Akamai Image Manager
etag
50c2c3e249b7830b37f5cb864d92493a-b14df29982f13f855b58165e23f4e6cd-650
edge-cache-tag
b14df29982f13f855b58165e23f4e6cd
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5084254
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
58162
expires
Sun, 02 Apr 2023 22:54:40 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
30458343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ccAhV42zhLybtFLvyMfro3lZ8v5h1nIFPehqtpUiVCbYRjJw7tBUcg==
pixel_49e759ba
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_49e759ba
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/49e759ba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/south-east
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Fri, 03 Feb 2023 02:37:06 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_49e759ba&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_49e759ba&session=9375a80c72660dfec484bc0ddce70d4e
x-arrrg4
https://www.heraldsun.com.au/leader/south-east
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-74.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 04:19:07 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
via
1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
age
80280
x-amz-cf-id
EN5Ev0XT_114O040FDZsJyaEiVpASbz_jipVR8oAVySwf5Vnmc2K9g==
campaigns
resourcesssl.newscdn.com.au/indies/ 		870 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22index%22,site:%22heraldsun.com.au%22,section:%22/leader/south-east%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
73d7194f51616ea395b52934db721b5cb4de766c0aaf33f05ea197379686654c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Fri, 03 Feb 2023 02:37:07 GMT
x-powered-by
Express
content-length
498
x-served-by
cache-qpg1239-QPG
server
Google Frontend
x-timer
S1675391827.136742,VS0,VE823
etag
W/"366-rtt4a362LXOakyu0cUr+ukqCgvw"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
cce6a3249eae76b2edc8c3917af9e82e
cache-control
private, max-age=1794
function-execution-id
lr95v2m2a7hq
accept-ranges
bytes
x-orig-accept-language
en-AU,en;q=0.9
x-country-code
SG
expires
Fri, 03 Feb 2023 03:07:01 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22index%22,site:%22heraldsun.com.au%22,section:%22/leader/south-east%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.141.29 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-141-29.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Fri, 03 Feb 2023 02:37:06 GMT
expires
Fri, 03 Feb 2023 03:07:06 GMT
function-execution-id
jj3xkngpx0a2
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
d10647b776ac9373a3978ac5ad85f236
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1239-QPG
x-timer
S1675391826.397465,VS0,VE554
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16753918265260.20733332614867628
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
content-encoding
gzip
date
Fri, 03 Feb 2023 02:37:06 GMT
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
839
expires
Fri, 03 Feb 2023 02:37:06 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 03 Feb 2023 02:37:06 GMT
cache-control
max-age=34440
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
db73998268fdc7f9a21918983c90d44f13efceccff11761fcf3fd3d954479d93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 03:12:37 GMT
content-encoding
gzip
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
84270
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ZwXqetRXQu3OPhdgVCo0dFm9dHIZ41hxdVPhp-DNt8jVypoYjxZlNg==
expires
Fri, 03 Feb 2023 03:12:37 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		185 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cc1a4504e9b52dfdbe77c1648b2f57a4854a2161eaeeecb3c51c83a9efcc559b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"3532c17d5e0cbfc3f6514b47359770fd:1675139584.580135"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=22715
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=57415
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 03 Feb 2023 02:37:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
OjZg1ohaRxq2P4j7KBxFM6bQmMdNX1h26zjhd3WpxXrQM9Urc4xhHvRfcNLfPVwMKb51f0MScogYqLOCi1Z8KA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 01:41:18 GMT
Content-Encoding
gzip
Via
1.1 0e0ce09b6e10a8fc07c3a94faa7d2626.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
3351
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
tmxwcHk6W8fAxS2-NtJsAictPz_LR6cC4EbQPEzpC31UCecBaEybUg==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2023-02-03T02%3A37%3A06.544Z&country=au&newsconnectId=&fpid=9375a80c72660dfec484bc0ddce70d4e
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
5d1756c2ccdc67363e14db3d40eeae1ec3765618c31624a398a858e42bf2d584

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e978d238d5c41225bcd905cf8add12e444e2cf30f04691a949cebe0789f174c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
wjnDuuLX59sOKR5weVSPTApJevg8A974
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Feb 2023 02:37:07 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
ZYHWHYCFG70BMHDE
x-cache
HIT
content-length
520
x-amz-id-2
z47QLb9mhGeAU9HMwuAIp3YBwmTI6mmwoDLJJWPiG05YleLIURqF4OgFVmeyhUb0RFJFIzSL7xs=
x-served-by
cache-fty21346-FTY
last-modified
Sun, 22 Jan 2023 10:32:35 GMT
server
AmazonS3
x-timer
S1675391827.296509,VS0,VE0
etag
"4e461faf14ac3f921d3adc4f754611d5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
1914
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:57 GMT
server
cloudflare
x-amz-request-id
7RMXYRM6TJ980X24
age
2682
etag
W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7937c8655c822b36-MEL
x-amz-id-2
hu/PMfXaZSEyIxFhgPhihABwe+grp5OCZcKISsFZDcpCvgMboF90Y8+D/w0zs+X+5NjpGf2yfuE=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.44.233 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-233.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Fri, 03 Feb 2023 03:37:07 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a274dbe4a9a49f23e9a2822ac546709e:1673918295.329898"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=21200
content-length
2302
tad.js
tags.news.com.au/prod/tad/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
33765ffc9d5eaaca51acbc275a845a0b4e1bda54e9a87ac05e09aa5803816c61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"920eb16cbbe3a0f6b2ffee100d8e4543:1675216057.629454"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=19234
content-length
33432
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
63dd49b6cbd1a890e9e23fb5bf3fbe94921dfb6b5c4e5937a8ea5c8b5b2dd36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27227
x-xss-protection
0
server
sffe
etag
"1471 / 359 of 1000 / last-modified: 1675379379"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Feb 2023 02:37:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cc28ac27a3fe14720d82c5b681f8531381764074a669aa3e0ee58bc86bfabc7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:04:48 GMT
content-encoding
gzip
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront), 1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2023 21:25:54 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, SIN2-P2
age
1940
x-amz-server-side-encryption
AES256
etag
W/"ca579f2de02c4700bc4fa6f925ed06a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
MhmwyOA97JoubL7oOaBEyrgoVD4kjeScH0wV4tvXMvwWVufzkPYC2Q==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=13659
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-94.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1ed1677dc75607eb6865e91977014c05346e13285475a93ba4e8fcec5239a3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
iWnu5yI2whAnqv8_WLKKBEkO8GRGD5MU
content-encoding
gzip
via
1.1 1a95269c34e986ace2bf21962deb2db4.cloudfront.net (CloudFront)
date
Fri, 03 Feb 2023 01:57:30 GMT
last-modified
Thu, 02 Feb 2023 07:04:38 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
2378
x-amz-server-side-encryption
AES256
etag
W/"760efa303068553e2a16d6a46f447be5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
QCMQnRn6gMmroCu3HPDxMDQl-Rb-cGmivIlhJTK1Txsd8hruLqZLFw==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
618843158ccc24172fe7ac6ab8b755bf371cf5965c469407613041778e43e503

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"bb52a37d45d417951a3c95a98cf1fbfd:1673855044.593883"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=19776
content-length
6076
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.101.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3528195e6af4e53d97fa596f8c6e62b517d884e584bfb3e4d5de348447842c59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
952
cf-polished
origSize=5799
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Fri, 03 Feb 2023 02:21:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCTLBFXxumwWDSX1OHesJkcRNVAfMGW3f%2BhrVVEMdLMGh%2BUIoVpxwKFwFVpd0M7Jm2YqkrCQm%2Bz3sojMED%2FYKzeihYBGGhGboYumKUv8C3%2BMXp64Iv%2BVlH8gbowy6vj8qoWs%2Fjnvug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7937c86918d217ca-MEL
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.140.211 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-211.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Sat, 18 Feb 2023 02:37:06 GMT
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.72.42 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-72-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
gzip
last-modified
Sun, 18 Dec 2022 11:30:40 GMT
server
AmazonS3
x-amz-request-id
8D37WMA5S6NC1F0Y
x-amz-cf-pop
ATL58-P1
etag
"f1a4e674158b6b0ef75f5ba312c64b88"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
U0t0jVzAb82-wdEu2WJFeJSb0I7VIIxp2QJDipCqwA3zsLnLjboGDg==
x-amz-id-2
0LbFQyIVoE1DKZTcSGVlOzihmZkAkVThHq2AqT46yiJikLDi/+bUkt+O3B5BkoBqQAOL3J0S+3c=
content-length
22469
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202301310444&cb=1675391826730
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.140.211 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-140-211.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:06 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 03 Feb 2023 02:47:06 GMT
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-99.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc30942e2d331ad94fc36a66ae5fc814f6f9433db557e7fd1109331b44029f41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
5UN9lMtSWf5ySUM7BylJ4.Ovp4m.kHy7
content-encoding
gzip
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
date
Fri, 03 Feb 2023 01:58:15 GMT
last-modified
Thu, 02 Feb 2023 21:19:17 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
2469
x-amz-server-side-encryption
AES256
etag
W/"d36c00c20a33200d7cb77698d5b8fa08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
lUaMGGYv1pvluB1k1yRfVd6pmDzOJyDFAQTy6EiN5ZuzQmyJZRqbKA==
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.174 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers
849c7ff
login.newscorpaustralia.com/akam/13/ Frame C638 		0
0
fQA2SS8
login.newscorpaustralia.com/bWEo_/y/iC/S4K9/dMGCUN91/1NEiNQ8r1ciz/U2MDMBYB/SUQb/ Frame C638 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.27.174 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-27-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN52-C2
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=18
accept-ranges
bytes
x-amz-cf-id
C7UKOgddxyLDLADXK4CgbCDG0pUJAIQ6oDHyfbw4ZvWwAeD_2FBSLg==
content-length
66268
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13214
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-51.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
35d44d15b9f1029b1481b4c44c9148aaee06dac3851a72f0ff02105b0ab91041

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
br
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"13214...220.2023020302"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
MUTt771M6RVGdglgAfeagqx3nHbin6DdyWt15q_2WGFth9POevN0SA==
v2jtkjeChuFFdd8bahGZqgU7jSWNerlVjUDWh70XPvK0thU5aK6eP_nYezfiAHpJmwW9HTslk
bedsberry.com/ 		202 B
229 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2jtkjeChuFFdd8bahGZqgU7jSWNerlVjUDWh70XPvK0thU5aK6eP_nYezfiAHpJmwW9HTslk
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5f38af9f576dc1e7ee4eaaad9abdbacfc19550e8c631ed0b1d02e90dbdd50ce5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 03 Feb 2023 02:37:07 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-01f5
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 03 Feb 2023 02:37:06 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fsouth-east&u=CiXNLeDDQXOVC3aFwR&d=heraldsun.com.au&g=36976&g0=local%2Csouth-east%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7390&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&b=10655&t=DQ3K_r1ecAABMUyOZBfHr2IB2bJU&V=139&i=South%20east%20%7C%20Leader%20Newspapers%20South%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Moorabbin%20Leader%20%7C%20&tz=0&_acct=anon&sn=1&sv=DPEBW6BY3DAFDJu-DXBjqHxyClfEC4&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-231-107.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:08 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-40.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sat, 28 Jan 2023 02:41:50 GMT
Content-Encoding
gzip
Via
1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
518118
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
3qbdYmKxedX0HfbIxQinUF23CsqiUJdFxcO3YQZojgtpXoJshiGwJA==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1675391827202
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1675391827202
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1675391827202
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c84ca0c4bc0abf83cb058ec027ee7cb18f2ba78258929a14067aa0c1dd246f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0e4b678da.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ZDNfKuCNQpI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1558
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcscanary-prod-usw2-1-v052-068e7d247.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6I+LFq9QQ4s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1675391827202
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 19:55:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
24088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 19:55:40 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsto60wN0yRZNK7Pf3-kxMAna9DZb_sOuBVkWeLjz0s_yYGIWhxy0v9uOQ_70nOUcQ8OFDKujTc89KFsOGu0IiHznX96mcuK2a1uO_LNlVAQ2sdjneKVwMdvDrHiYuZQwAAeZX_Is0_oJ9leNNY-&sai=AMfl-YTOuH7q0BMgGQ38qp7kOm4gBgRJ2oswmkZtdgqD-qoCimSxiPyo-1CqBPIcuTuP0YsK26_56yfSLgZDhsY&sig=Cg0ArKJSzFbXZ-7VauEjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20230201.33056&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:37:07 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230203
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2082d2b2816c3bebdfa271bd867571605683415cc6e157e5e5a3ba01531d5f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38138
x-jsd-version
1.0.1605
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4548-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-ofkszW5wWVQ4qziiMrQ365RtTH0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJWXOETQeDmCWQpdSt3fwUmq1RLClOPgEY%2B0zWk%2BKR7%2BYp2XYWERkk%2Bxu1esGv%2BnP8M1q%2FXVmbuV4GVljkZRF7O%2F9b1TnLZS2SH9T%2FiDkg692k7h%2FbOgpOul67n86%2BfxuDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7937c869fa1cdfa1-MEL
384959879014125
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
94a00f3def7a4bb093181c62b376c224db3afec5f61fb284e737b458f98a2566
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 03 Feb 2023 02:37:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110517
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
w/rdsZgdt8tXvMnXBnnUYMmIBZjBiCEWmkb9k7n5CEmKznpUs5bLXx4dKPXu7/Pog3gkUH+aiKP7rIq38T3NqA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
server
AkamaiNetStorage
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=2222
content-length
65
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=b7554d56a70045152d7b51fd0a0de9fc&timewithTz=2023-02-03T02:37:06.544Z&country=au&newsconnectId=&fpid=9375a80c72660dfec484bc0ddce70d4e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.101.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b40fa1401d2875418cb7fad10e8ebe10a276198e4bb9b3ef62c28cd81ac4f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
951
cf-polished
origSize=47391
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cf-bgj
minify
last-modified
Fri, 03 Feb 2023 02:21:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlF6s5hPOEF3NjjzqDjR0ppcpnwyZdu28oLRt6QP%2BEGbc1Ok0T6S9cdsSh2nZd9B2GEhWew%2Fqi%2BLUedeI0c1B6N0pUjqPTLvr1bMYONQFzOgXss5CXxVFumtKhmNwNVBUyTdvpb3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7937c869b9ca17ca-MEL
v2new7iLt8nDekZV7_FgnD6GsLiWjW-iF_jENFknVOwL3Fz8vxHz3EYenOenumEC78OSCGx5P
bedsberry.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2new7iLt8nDekZV7_FgnD6GsLiWjW-iF_jENFknVOwL3Fz8vxHz3EYenOenumEC78OSCGx5P
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 03 Feb 2023 02:37:07 GMT
via
1.1 google
x-buildnumber
757822166
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-01f5
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
swg.js
news.google.com/swg/js/v1/ 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
sffe /
Resource Hash
566adb623a1723b23ca4f800a75a4af52d6daeb3750afba98498f832180319c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49880
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 18:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:58:55 GMT
pubads_impl_2023013001.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133639
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 09:35:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 16:30:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		870 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
96df4756b1894bcb35909a02bc4cdb400f51ee7ff56a2bae8ac03dcb1ef1f777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:37:08 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 01:06:08 GMT
via
1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
5459
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
nzKQPIA8QqS265G8hD1fsRAeGr-mKDMuQo2Cghq2HX6Oy8XXqsICqA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 f6a003d0ac39dd4960506f9ca113dde8.cloudfront.net (CloudFront)
date
Thu, 02 Feb 2023 22:25:19 GMT
x-amz-cf-pop
SIN2-P2
age
15110
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
BjwtO7XJ_B1AbuOo2Lld07KkZFEHKC6xS0MuX8vGDGC0C0M8USwrig==
/
geo.privacymanager.io/ 		31 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-89.mrs52.r.cloudfront.net
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 01:29:12 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 8ddb34cf6930071cc06ac942a8998048.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P4
age
4076
x-amzn-requestid
92f92f63-1a54-48ab-af5f-0ed323f4253d
x-amzn-trace-id
Root=1-63dc6368-0729b64024c5b2d94bf7eee4;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
fvR4UFCDDoEFUdw=
content-length
31
x-amz-cf-id
lDN9M2wR2H284-z9EMWY4uUlom5LPhy7ERugOJYMC06-94Nytf3S_g==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
88c7b0c4d2267189bba94aecac6e21455cc88bd62fd36f9657fd517a8dd3d078
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 03 Feb 2023 02:37:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
f4e132f5b8c7a6d55e69438c4c1e36dc89fce75d573f90d3d384b766da1cf89f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 3 Feb 2023 02:37:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&rl=&if=false&ts=1675391827844&sw=1600&sh=1200&v=2.9.95&r=stable&ec=1&o=30&cs_est=true&est_source=2353117768323382&fbp=fb.2.1675391827843.1321885817&it=1675391827307&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 03 Feb 2023 02:37:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&rl=&if=false&ts=1675391827845&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1675391827843.1321885817&it=1675391827307&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 03 Feb 2023 02:37:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-99.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
date
Fri, 03 Feb 2023 02:12:05 GMT
x-amz-cf-pop
SIN5-C1
age
1503
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Yc-hLiIWNBfvQIccjzMeTCsM4lkXirdyKxpz00rMG1goJM0hmPySqA==
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.72.42 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a96-17-72-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
content-encoding
gzip
date
Fri, 03 Feb 2023 02:37:08 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
MIA3-C2
etag
"4a5e4a11bf4a74aeb574379e169fa679"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=368
accept-ranges
bytes
x-amz-cf-id
qaACm4nl2pGlRV0DqAT84JNpb07puvFulXEie3AlVsMsFbLVckBATw==
content-length
1284
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.107.165 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-107-165.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 03 Feb 2023 02:37:08 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.107.165 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-107-165.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 03 Feb 2023 02:37:08 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 05B0 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-45.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
781
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 03 Feb 2023 02:24:08 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 bf928fe3a859cf8cab4cd81be24e61de.cloudfront.net (CloudFront)
X-Amz-Cf-Id
_B6fXUvy1y5X6ycelFfPru7erN8HeboGBTdGL3d4aUWH44hyQwzzUw==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=9375a80c72660dfec484bc0ddce70d4e&&bust=16753918280150.6353104403405352&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-28.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
1431791464cf8495adfa004a07f5c87595a33293f25f31da947316e9c670f455

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
j65_X5J4_M_7K2nKz6nTBeaTPNCP_QBy1CXOv6tdkbgQy6cS4pTJ4w==
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&dom=www.heraldsun.com.au&r=1675391828040&pvs=1&pvid=d47c04f1-b3e7-4c5b-aedf-9811a85466ab&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-51.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
dotmetrics-hit-status
01 OK
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
isrc-r4YrXVe0syc4PyBz6wl-xnWOvHajyDzups_fRjsypoxPcWVpA==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&dom=www.heraldsun.com.au&r=1675391828040&pvs=1&pvid=d47c04f1-b3e7-4c5b-aedf-9811a85466ab&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-56.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 15:50:35 GMT
via
1.1 b6ea6ca61ea97da097b9b6998cef803a.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
38794
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
gUhXeVfxrc_aT26ZMxyNREwOXwhL1Zc8KmR_p-YY4FNR7Rxym-5Xmw==
/
geo.privacymanager.io/ 		31 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-89.mrs52.r.cloudfront.net
Software
/
Resource Hash
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 01:29:12 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 8ddb34cf6930071cc06ac942a8998048.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MRS52-P4
age
4076
x-amzn-requestid
92f92f63-1a54-48ab-af5f-0ed323f4253d
x-amzn-trace-id
Root=1-63dc6368-0729b64024c5b2d94bf7eee4;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
fvR4UFCDDoEFUdw=
content-length
31
x-amz-cf-id
tbXp83e94iJipSslP-OVWk6Jz8VNnQLyYvNZ0MMvqdIjBYohdgQyAA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
script.js
au-script.dotmetrics.net/Scripts/ 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=220
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-51.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
5c95897de08e24b0189631976b2f0f780ba34067303f2e74979f7f660220ca5c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
content-encoding
br
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 10:30:52 GMT
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"1d9323a6e0dd7a8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
Vy9-FnW4uuB1VgyrccpIfOtHM4RhoQ9_3Coi_3rw3ccm2kRWTRdbrw==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 3BE7 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-99.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1500
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 03 Feb 2023 02:12:09 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-amz-cf-id
NCcBluoMeAPbVKR80x9w0JdoZ0JOBj8L8s-5J0xT9xBSP23QZ0IV3g==
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
510426d114ecbe4989ce66138f3c6b1011200d25710a8038f9f11a794e2119f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pub
pixel.adsafeprotected.com/services/ 		752 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.leader/local/southeast,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=0a1416d8-677d-7fd3-ff24-cd1e6c151507&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fsouth-east
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
436c8410120df712d7af6adada0356658b4f72086231b700c67c09510c769889

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
server
nginx
x-server-name
app01.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&pid=3Syat9Qk3zIHQ&cb=0&ws=1600x1200&v=23.127.1625&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast-ad-block-300x250-2%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast-ad-block-728x90-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
116d4af50fad649c491f01832a39482a07434355db986e3a290926c8b1f634ef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
via
1.1 500f4e37798a0a47047ecfa48f4fd932.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
925
x-amz-cf-id
uHBeQWS3E-QRy9QUXAjYrSrK_1n6z6T5Ql7rXY1xESIL8WlR23kyrg==
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-74.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
via
1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
4OpOI6EMbKLUBtcw942TRPG7sjYwcN5aVbg3zb3S9ZEuttR9u1wcFA==
expires
Fri, 03 Feb 2023 02:37:07 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 3BE7 		44 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828&c16=sdkv,bj.6.0.0&uoo=&fp_id=dwqo6hn4uqfxmh33xexoanwmqyvm01675391828&fp_cr_tm=1675391828229&fp_acc_tm=1675391828229&fp_emm_tm=1675391828229&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.214.10.7 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-214-10-7.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:08 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828.nuid.imrworldwide.com/ Frame 3BE7 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-13.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 00:14:47 GMT
via
1.1 33ccc45b55961a5a150d23d44de2958a.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
age
8543
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
wWryQJXv0dq_brBAxxWnnqsRXhYf5eUm3uiPkatqB_V9RwTs8_gKMg==
cygnus
htlb.casalemedia.com/ 		36 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221e9b07845b848e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east%3Fpagetype%3Dindex%26sec1%3Dlocal%26sec2%3Dsouth-east%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222ee879c1dd7af3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%225be7ca71d6ecec%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%22716b6c69c72e17%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-300x250-2%22%7D%7D%2C%7B%22id%22%3A%22800932de1ad5c3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-728x90-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e91492ef520a27b3adbd0b71b16e38a345514eb2bcce34f26e269e5c5bb01035

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocKC6yIQy%2FnsDF3ggNtDVwKx5LsGmyh6RlNmlws6RZpbwtsgLDCr6qid5zopC6TkcJT3OLJKPzlzaGp0rdQi1mSo6%2Bwz%2BxtruK3V5Yjd4eU%2BAgSnRAG8B7sYxoERg8wEHsjO92uW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7937c8716fc55a4f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
v2
mfad.inskinad.com/api/ 		161 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.166.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-166-41.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
efb3993ebf016577434feeddbfd074c4ef77be7b119298c4419aff5357e4c766

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"a1-RY8I6KTedF++5fT/l24XN7jbqVI"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
161
x-served-by
bifrost-production-shard001-us-east-1a-i-03dedb69eccb864c6
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 03 Feb 2023 02:37:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=11144536287
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		495 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b84b369629ea444349e15b466381ac73a251acd189e612852d0726ee9fdf9fa4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:09 GMT
AN-X-Request-Uuid
e99c7757-e264-43fa-861f-3883bc764897
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
495
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		444 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=south-east&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=bf9deb84-2355-4b49-8340-6b8a6b8bae74&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-728x90-1&slots=1&rand=0.967871607295568
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5374aa7362e004cb6158fd95a42f43817798fde09a2b9836e49237ef2186e860

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		443 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=south-east&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=1fe95775-5148-4dbe-819d-c416f8a744e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-300x250-1&slots=1&rand=0.9679404630065156
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1a47d16fe5f85db6c4fa5ba896ee860a0a9bf5e5dafafd23670de1dbd38c0948

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
443
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		419 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=south-east&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=e551e97a-3403-4ff8-9c6d-1aa010f8f01e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-300x250-2&slots=1&rand=0.11605216456704581
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bba6184ca3466d203d56449dc641c78b6573d3302e16694076a14c9e3f402843

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
419
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		421 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=south-east&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=5999eda5-3429-4207-876e-367ae2ed6d52&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fsoutheast%23ad-block-728x90-2&slots=1&rand=0.11271869700475756
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ceba1d3b2b7a7e4d00bb536f73d6a2c9824e013cc2947c6d303c6e501d01458

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
421
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.playground.xyz/host-config/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
ea6d78ba-ec26-43a7-bd12-402086309744
dest5.html
newscorpau.demdex.net/ Frame EB38 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v041-07786c86f.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
O56tlAEdQnc=
content-encoding
gzip
date
Fri, 3 Feb 2023 02:37:09 GMT
last-modified
Fri, 28 Oct 2022 13:33:45 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=63606572942243986512878983405691016734&ts=1675391828526
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
5835d900a8aac3dc4d5fcd332fdb8bb71079feaa371ae7a02b11a8d284120bc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y9xzVQAAAFcgHgNW
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=63627653486276301132881381696468829956
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9xzVQAAAFcgHgNW
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9xzVQAAAFcgHgNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-08b446111.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3ChwWW3ES0A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9xzVQAAAFcgHgNW
Date
Fri, 03 Feb 2023 02:37:09 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMyMTQsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvc291dGgtZWFzdCIsInJ1cmwiOiIiLCJwdmlkIjoiZDQ3YzA0ZjEtYjNlNy00YzViLWFlZGYtOTgxMWE4NTQ2NmFiIiwidHpPZmZzZXQiOjAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1675391828551
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-51.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
aeaaed2b24cadcd68b58fb476b9cf270ee49780ec6014af3356451618bae3a09

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
content-encoding
br
via
1.1 f9a9e5a2fe899e7acf3e13d8d7a34642.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
fAUHaALpbH3gXAiaUEKJCPy7Xt5TqGW0PQSG0w4u4G0RMFqA-bTjrQ==
Serving
bs.serving-sys.com/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=5345948940963873772&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east$$&activityValues=$$Session%3D6343094752014792005$$&ns=0&rnd=5474544146781499&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.199.184 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-199-184.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
594e37072e43b53217558bedf3fae181ed790890be59151566d0e7f3b81f5193

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2500
expires
Sun, 05-Jun-2005 22:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:51:06 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:56:42 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 3728
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
ESF /
Resource Hash
edf9a3f33d78b7d3701acfc2691565060b222ff1273d80dc8c3bd7e3df64158e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Jigz8ZgB3cuxGEXSNZGeDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Jigz8ZgB3cuxGEXSNZGeDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Fri, 03 Feb 2023 02:37:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-HwXOLS2ZDRbGlTf_GrikQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-resource-policy
same-site
date
Fri, 03 Feb 2023 02:37:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a135d6ea10042caa5883447a78127593ad94d07469ef759796c6af2b66e1eaff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.107.165 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-107-165.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 03 Feb 2023 02:37:09 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.63.107.165 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-63-107-165.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 03 Feb 2023 02:37:08 GMT
Server
nginx
iu3
s.amazon-adsystem.com/ Frame 4ED9
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 03 Feb 2023 02:37:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CDFB8E7BTVD0SX66XJWT

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 03 Feb 2023 02:37:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PES0PAY3VE4DHQR5B30F
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 3728 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JFrZsyIYCHKL3ph4lKI9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-JFrZsyIYCHKL3ph4lKI9iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L.B1.O/am=GgMABA/d=1/ed=1/rs=ABXTjI7F0gVyHH-H0Nnnl5UHWO0uhG_NTQ/ Frame 3728 		521 B
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L.B1.O/am=GgMABA/d=1/ed=1/rs=ABXTjI7F0gVyHH-H0Nnnl5UHWO0uhG_NTQ/m=serviceiframeview,_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 18:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 00:36:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 18:04:54 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 3728 		195 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=465386&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
75ff226055d5212f77f5adb9a64d1eca0ff433e8085a259366a82924da1cdc20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 17:43:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70069
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 03:52:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 17:43:10 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&rl=&if=false&ts=1675391829348&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22South%20east%20%7C%20Leader%20Newspapers%20South%20East%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Moorabbin%20Leader%20%7C%20Dandenong%20Leader%20%7C%20Berwick%20Leader%20%7C%20Cranbourne%20Leader%20%7C%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&ec=2&o=30&fbp=fb.2.1675391827843.1321885817&it=1675391827307&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 03 Feb 2023 02:37:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
up_loader.1.1.0.js
js.adsrvr.org/ Frame F8C5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 16:48:44 GMT
Content-Encoding
gzip
Via
1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
35306
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
b8ERp5cXBipAIrcV7WCZcyQvIq6ppyDk5OSJDObTSbPcjD0kwnMt7Q==
activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812
8228261.fls.doubleclick.net/ Frame 6686
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=894351886959...
402 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
cafe /
Resource Hash
cfd67866cb98d6c5e15120c5375a527e8d01625fcdd160ac42d83dbdcbb223b4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:10 GMT
expires
Fri, 03 Feb 2023 02:37:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07
8228261.fls.doubleclick.net/ Frame 21E9
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=451671080448...
401 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
cafe /
Resource Hash
5a4dde3e7a535ddb496bc1a74b0fc98c252b544f6e729dab07da890363aad7cc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:10 GMT
expires
Fri, 03 Feb 2023 02:37:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bounce
secure.adnxs.com/ Frame 3740
Redirect Chain
  • https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1274268%26seg%3D22404526%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1274268%26seg%3D22404526%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:10 GMT
AN-X-Request-Uuid
c543a74d-bf8c-4ccc-b4a3-4da32016812c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:09 GMT
AN-X-Request-Uuid
713dfb3a-cbab-4703-8009-499bd9399f7b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1274268%26seg%3D22404526%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uwt.js
static.ads-twitter.com/ Frame B81F 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1223-QPG
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame BA36 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-160.pacnet.net
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=10662
accept-ranges
bytes
content-length
4777
js
www.googletagmanager.com/gtag/ Frame DD94 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d68c9072babf3b3aa7dfbe791d90ee5efa24365b99e6ffdd492381a01fc6bc48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50766
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 01:40:14 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Feb 2023 02:37:09 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 4E60 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 16:48:44 GMT
Content-Encoding
gzip
Via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
35306
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
kk2fK4qla2LmXaYA_XPj5Mwy4g0G7_uTPF6XFsgWnA3LZbdz8rfPEQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 46C7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires
Fri, 27 Jan 2023 02:11:02 GMT
Date
Fri, 03 Feb 2023 02:37:10 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
1553
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-fty21324-FTY
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1675391830.151973,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
2, 357
activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424
8228261.fls.doubleclick.net/ Frame 05EA
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=601112431274...
402 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
cafe /
Resource Hash
aff56c416d498cf41875e7f59dc71d9e90d15017624b28d29a1e6d8f23810fac
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:10 GMT
expires
Fri, 03 Feb 2023 02:37:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
www.googleadservices.com/pagead/ Frame 7681 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16815
x-xss-protection
0
server
cafe
etag
17544913231395580258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 02:37:09 GMT
pixel
pixel.mediaiqdigital.com/ Frame 83DB
Redirect Chain
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1297269%26seg%3D22449553%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253D%25pu1%3D%21%3B%2526pixel_id%253D1297269%2526uid%25...
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=4284035433158298916
2 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=4284035433158298916
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Server
18.136.169.219 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-169-219.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:10 GMT
content-length
2

Redirect headers

Date
Fri, 03 Feb 2023 02:37:10 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f3ae664a-f7a4-4268-9b2c-128e1a6a1c98
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=4284035433158298916
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:10 GMT
AN-X-Request-Uuid
b8335998-a7ce-4587-a8f0-90cb3c327f73
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:10 GMT
AN-X-Request-Uuid
366d6b5d-6e0d-471e-9c55-795d9a15393b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1049974%26seg%3D15374424%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=63606572942243986512878983405691016734&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%019375a80c72660dfec484bc0ddce70d4e%011&ts=1675391829476
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
4403f7382d1fcbf91864d21c598189e987f75eeb7ddd72b1fbf87a2efb670fa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v041-0ca9f92b6.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
eKRvv/wlS9g=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1558
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=358&dpuuid=1945658433220457059
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1945658433220457059
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1945658433220457059
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-08b52b58d.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zr0AHYi1Txs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 03 Feb 2023 02:37:09 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
80c5ee79-4660-44e8-987d-4b1c594ad2ba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1945658433220457059
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?id5id=ID5*RqjVhLeDSNSczlsafK1qOStISHbtXzclgVkIsdNhg5I3xi8Xi7dZGO08oqv6pMNi&o=api&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		725 B
831 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=ebc3fad9-6a9a-497f-88ef-a6636859a588
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
ef2129b09da882dacd2ab77d22221a8cb0dd94adf70c1a93b2002010797f713a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:09 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
x-xss-protection
1; mode=block
x-request-id
ebc3fad9-6a9a-497f-88ef-a6636859a588
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
23.1.48:96d4383c
ibs:dpid=470&dpuuid=7854299086110410743
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7854299086110410743
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7854299086110410743
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0bd9283ab.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qsRnkPYzSR8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7854299086110410743
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
s88087780282782
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s88087780282782?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=3%2F1%2F2023%202%3A37%3A9%205%200&cid.&newsnkidcookie.&id=9375a80c72660dfec484bc0ddce70d4e&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=9375a80c72660dfec484bc0ddce70d4e&mid=63606572942243986512878983405691016734&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Clocal%7Cindex%7Csouth-east&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D107&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Clocal%7Csouth-east&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Cmrec%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=local&c5=D%3Dv5&v5=south-east&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=1%3A37%20PM%7CFriday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=107&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cvic%7Cmelbourne%7C-37.82%7C144.97%7Cgmt%2B10%7Cunknown&v79=au&v80=9375a80c72660dfec484bc0ddce70d4e-00000000000000000000000000000000-1675391826703-717065&v110=2023-02-03%2002%3A36%3A58&v111=0&v161=9.100000381469727&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-104.data.adobedc.net
Software
jag /
Resource Hash
7dc091b494e9d47c250418034694238654ce3857d3c805233614d29c672d8389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-aam-tid
0zzkojNdQJ0=
date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4951
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-2-v041-08288d5db.edge-usw2.demdex.com 5 ms
pragma
no-cache
last-modified
Sat, 04 Feb 2023 02:37:09 GMT
server
jag
etag
3597876556873170944-4619767858074111066
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 02 Feb 2023 02:37:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 7681 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1675391829763&cv=9&fst=1675391829763&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
812f463038896467c4aacef0dfba212a46ca856a4813ac2d75747c67993d68bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
936
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=481&dpuuid=LDNX1D2B-18-A6AV
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=63627653486276301132881381696468829956&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LDNX1D2B-18-A6AV?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LDNX1D2B-18-A6AV?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-04c095abe.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rW980M6BTNk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LDNX1D2B-18-A6AV?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEHNe5y0d5Win_SleknkvTXo&google_cver=1
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjM2Mjc2NTM0ODYyNzYzMDExMzI4ODEzODE2OTY0Njg4Mjk5NTY=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHNe5y0d5Win_SleknkvTXo&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHNe5y0d5Win_SleknkvTXo&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0e2f229f4.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sq+T0h3OSdQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHNe5y0d5Win_SleknkvTXo&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame BA36 		36 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-96.sin2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 00:55:46 GMT
content-encoding
gzip
via
1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
6084
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=17456
x-amz-cf-id
wxWwqltc4xNa6NGkZ9qPUdBpq5pHofcKiUFiaAWeKBzyZPC8LJC3lQ==
collect
px.ads.linkedin.com/ Frame BA36
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1675391829964%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&cookiesTest=true&liSync=true
0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&cookiesTest=true&liSync=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 62253207CEC04F75891E9FE4777C58AE Ref B: MEL01EDGE1818 Ref C: 2023-02-03T02:37:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzwo718nSKCS21BdSUyg==

Redirect headers

content-security-policy
default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 03 Feb 2023 02:37:10 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXzwo7xFwL0h980euJN/w==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6C84353033A04858BCC27D5E2DDDBF9E Ref B: MEL01EDGE1818 Ref C: 2023-02-03T02:37:10Z
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1675391829964&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
t.co/i/ Frame B81F 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=0c9b15da-e1c8-4523-8a4e-8846dd83d48a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=577de0e3-405b-4066-8ce7-5098ad669194&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time
146
date
Fri, 03 Feb 2023 02:37:09 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
f82abb3faaaf1503
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
bb49a77cda0ba50e821df9cc253dfa618b9918ee1a97072580ca986c8cf0377d
content-length
43
adsct
analytics.twitter.com/i/ Frame B81F 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0c9b15da-e1c8-4523-8a4e-8846dd83d48a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=577de0e3-405b-4066-8ce7-5098ad669194&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time
255
date
Fri, 03 Feb 2023 02:37:10 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
882afa1347b9967e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
9d4021e3f8c24d5f82449ffdb4ae38ef6d52e8c431d37876cef8e579f7d17dd8
content-length
43
ibs:dpid=903&dpuuid=3cf35ab1-8e56-4a5c-905a-a885064eef9f
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3cf35ab1-8e56-4a5c-905a-a885064eef9f
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3cf35ab1-8e56-4a5c-905a-a885064eef9f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0376fee13.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bBPiX4/wRg4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3cf35ab1-8e56-4a5c-905a-a885064eef9f
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame EB38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0196d0924.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Gp0G+0tnS+0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSAv5nOedOpt0SxdUO3rCRT6UPOn7eijgy9ixRtRtCMRb2EPmm4fGi%2B3k1JZbz3abq0Y287L0hE0l45DcwVVP%2BX50yCGgE%2BTsmxmisYZSzpFI9SmLT3AQGlrfazgeg6FQYjsw0Ks"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688
cache-control
no-cache
cf-ray
7937c87d5bc55a4f-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_leader_S&asn=leader&fp_id=dwqo6hn4uqfxmh33xexoanwmqyvm01675391828&fp_cr_tm=1675391828229&fp_acc_tm=1675391828229&fp_emm_tm=1675391828229&ve_id=&sessionId=6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,south-east&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,hujctebf2gznzxnodcdboxhhjvz0r1675391828&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16753918282269742&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1675391826747&c3=st,c&c64=starttm,1675391829&adid=1675391826747&c58=isLive,false&c59=sesid,&c61=createtm,1675391830&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&c66=mediaurl,&sdd=&c62=sendTime,1675391830&rnd=537724
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.214.10.7 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-214-10-7.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
ibs:dpid=30432&dpuuid=CI-3f28078e36008389a565d193b038506f
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=63627653486276301132881381696468829956&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-3f28078e36008389a565d193b038506f
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-3f28078e36008389a565d193b038506f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcscanary-prod-usw2-1-v052-068e7d247.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DENYXeWnT/w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-3f28078e36008389a565d193b038506f
Date
Fri, 03 Feb 2023 02:37:11 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixie
ib.adnxs.com/ Frame 46C7 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1675391830290&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&r=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&st=1675391830290&et=1675391830291&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:37:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424
adservice.google.com/ddm/fls/z/ Frame 05EA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJnQh_eo-PwCFYFAfAodF9YDSg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6011124312748.424?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07
adservice.google.com/ddm/fls/z/ Frame 21E9 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIPqh_eo-PwCFZYVtwAdGMsEQQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4516710804489.07?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,zG9H6c,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L... Frame 3728 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L.B1.O/am=GgMABA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4FEIQZOd7CD8aONr5UrdOy_L6-7Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,zG9H6c,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
733a823eb03134ff9ba848ac7775304a82874815017be1a75b4a29f00dffc44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42686
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 00:36:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 18:10:58 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L... Frame 3728 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L.B1.O/am=GgMABA/d=1/exm=COQbmf,DfBslb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4FEIQZOd7CD8aONr5UrdOy_L6-7Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
df1fbfbbbb5692c3acbcbec81d63dbda128469530ea1c941dbe91772815b6e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7296
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 00:36:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 18:10:58 GMT
dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812
adservice.google.com/ddm/fls/z/ Frame 6686 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CNTbh_eo-PwCFQUytwAdn5kDIg;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8943518869596.812?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=63627653486276301132881381696468829956&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=63627653486276301132881381696468829956&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-010ffe579.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8SjGZvqfQTA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 03 Feb 2023 02:37:11 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
up
insight.adsrvr.org/track/ Frame B51E 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
0d41f19c0ba4882d625087353df062e66059f1f0e3e897abd12ecfcfb28a083b

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:37:10 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.147.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-147-33.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame DD94 		2 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1675391830434&cv=11&fst=1675391830434&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&auid=1174245713.1675391830&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9f6f87beb81bc2cb7076a5724b0aea23e100d3498ddfec97989242c848fc6c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
873
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame EEB7 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
71d408a39baa0dc4581e93d6cf7848f232f487f221329208403d10ba8398f885

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:37:10 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
www.google.com/pagead/1p-user-list/859754747/ Frame 7681 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1675391829763&cv=9&fst=1675389600000&num=1&guid=ON&eid=376635470%2C375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&fmt=3&is_vtc=1&random=1808542135&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 7681 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1675391829763&cv=9&fst=1675389600000&num=1&guid=ON&eid=376635470%2C375603261%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&fmt=3&is_vtc=1&random=1808542135&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 02:37:10 GMT
usermatch.gif
beacon.krxd.net/ Frame EB38
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=63627653486276301132881381696468829956
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=63627653486276301132881381696468829956
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=63627653486276301132881381696468829956
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Server
50.112.50.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-50-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by
beacon-n001-pdx-prod.krxd.net
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1675391832
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=63627653486276301132881381696468829956
date
Fri, 03 Feb 2023 02:37:11 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a013-ash-prod.krxd.net
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame B51E 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 17:54:28 GMT
Via
1.1 dcb42c70bda10759ea456b517bba08fa.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
46176
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
9LNBYVWEirqy7agL0NwC1V125YPyhP89b91swwrmy2bhXYnVQ0Pvtg==
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		205 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=40545177360621&correlator=2432516270343427&hxva=1&scor=3126003753323368&eid=31072021%2C31072024%2C31072031%2C31072039%2C31072040%2C31072043&output=ldjh&gdfp_req=1&vrg=2023013001&ptt=17&impl=fifs&iu_parts=5129%2Cndm.leader%2Clocal%2Csoutheast&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ifi=1&adks=1194512124%2C3917992986%2C2405353167%2C1619468282%2C3143688445%2C2214259391%2C2941766028&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Da8d2f88b-a36b-11ed-8f23-0679fa08ad36%26grm%3D40%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D1qvdqtc%26amznp%3Dkwl5og%26id%3Da8d2f88c-a36b-11ed-8f23-0679fa08ad36%26amzniid%3DJNv6M39GUX6EvQzRCOFz2PQAAAGGFSKEcgUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICAHs_Rj%26amznsz%3D728x90%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Da8d2f88d-a36b-11ed-8f23-0679fa08ad36%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%26pub%3D40%2C50%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D1qvdqtc%26amznp%3Dkwl5og%26id%3Da8d2f88e-a36b-11ed-8f23-0679fa08ad36%26amzniid%3DJBas0tVMlm5ya4MHkT2RutkAAAGGFSKEcgUAABP_AQBhcHNfdHhuX2JpZDEgICBOL0EgICAgICAgICAgICA1C4I0%26amznsz%3D300x250%7Cpos%3D1%26refreshed%3Dfalse%26id%3Da8d2f88f-a36b-11ed-8f23-0679fa08ad36%26grm%3D40%7Cpos%3D1%26refreshed%3Dfalse%26id%3Da8d2f890-a36b-11ed-8f23-0679fa08ad36%26grm%3D40%7Cpos%3D1%26id%3Da8d2f891-a36b-11ed-8f23-0679fa08ad36&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D9375a80c72660dfec484bc0ddce70d4e%26sec1%3Dlocal%26sec2%3Dsoutheast%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%252Ce%252Cf%252Cg%252Ca%252Cb%252Cc%26abtest%3Da%26pvid%3D9375a80c72660dfec484bc0ddce70d4e-00000000000000000000000000000000-1675391826703-717065%26amznbid%3D0%26amznp%3D0%26fr%3Dtrue%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&sc=1&cookie_enabled=1&abxe=1&dt=1675391830530&lmt=1675391830&dlt=1675391824484&idt=3902&adxs=436%2C176%2C1124%2C1124%2C0%2C1124%2C0&adys=28%2C6669%2C496%2C3183%2C6669%2C438%2C7390&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&frm=20&vis=1&psz=1600x134%7C1248x0%7C300x250%7C300x250%7C1600x720%7C300x0%7C1600x7408&msz=728x133%7C1248x0%7C300x250%7C300x250%7C1600x0%7C300x0%7C1600x0&fws=512%2C0%2C512%2C512%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C300%2C0&ga_vid=1181083183.1675391831&ga_sid=1675391831&ga_hid=419451794&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
d9ec00e3b0328992e3e7db3b5249d2ed079f355bb54fb95a42ebf118eb996b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29794
x-xss-protection
0
google-lineitem-id
5084295962,5084295962,5084295962,5083943881,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347629745,138347629775,138419571206,138419571206,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 07B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:11 GMT
expires
Sat, 03 Feb 2024 02:37:11 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame EEB7 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 17:54:28 GMT
Via
1.1 91085d9a0810fca6dacd51dae7dd6a32.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
46176
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
zWlicihrMPVTZUqjDBDF7IBg4U0cU6cOiH9thHOFt1g7oFGoq8Pb0Q==
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame EB38
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=63627653486276301132881381696468829956&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0bd9283ab.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6Zk7fFZITts=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Fri, 03 Feb 2023 02:37:11 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L... Frame 3728 		1 KB
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.F9IbdYg1O6o.L.B1.O/am=GgMABA/d=1/exm=COQbmf,DfBslb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI4FEIQZOd7CD8aONr5UrdOy_L6-7Q/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
727f7ed7ae7bf7e9ed17e13cf3a3aaa4ce9e6de796767b63ebc28c08fc65a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
713
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 00:36:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 18:10:58 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 3728 		163 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-7013941963848585439&bl=boq_subscribewithgoogleclientserver_20230201.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=9431&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
ESF /
Resource Hash
6cdbe3cb7727207a2e9750f463f38e42c05d78989448e818efe0807d91b26153
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame 3728 		131 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 03 Feb 2023 02:37:11 GMT
generic
match.adsrvr.org/track/cmf/ Frame A6E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
70 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:11 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Fri, 03 Feb 2023 02:37:11 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
rubicon
match.adsrvr.org/track/cmf/ Frame A363
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:11 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
content-length
0
google
match.adsrvr.org/track/cmf/ Frame F3B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2NmMzVhYjEtOGU1Ni00YTVjLTkwNWEtYTg4NTA2NGVlZjlm&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a8850...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
70 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:10 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTl4elZRQUFBRmNnSGdOVw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTl4elZRQUFBRmNnSGdOVw==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391831.381307,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTl4elZRQUFBRmNnSGdOVw==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame DD94 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1675391830434&cv=11&fst=1675389600000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2343519538&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame DD94 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1675391830434&cv=11&fst=1675389600000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2343519538&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame CC77 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
160dc3f617a48b081c3c9d31417362e233efb525ed9760dd87aaf488cf71d658
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 03 Feb 2023 02:37:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6BZ372ASED38MY8ZMV6Y
google
match.adsrvr.org/track/cmf/ Frame 9A53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2NmMzVhYjEtOGU1Ni00YTVjLTkwNWEtYTg4NTA2NGVlZjlm&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a8850...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
70 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:11 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&google_gid=CAESEBoaqhK780vkn0aV93lU-bo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 9494
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:11 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 2F7F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3cf35ab1-8e56-4a5c-905a-a885064eef9f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
70 B
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:11 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Fri, 03 Feb 2023 02:37:11 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-Ur8KM95E2uKhFZgGE3jJEhqKx.ADK5w-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
tap.php
pixel.rubiconproject.com/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y9xzVQAAAFcgHgNW&expires=90
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y9xzVQAAAFcgHgNW&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391831.381274,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y9xzVQAAAFcgHgNW&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391831.381729,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
log
play.google.com/ Frame 3728 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 02:37:11 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3728 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 02:37:11 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3728 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 02:37:11 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3728 		131 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.ffxfoR8owrE.es5.O/am=GgMABA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5Hs-D-c9yBVy9z5PfWmjefTi5eig/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f101.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 03 Feb 2023 02:37:11 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
setuid
ib.adnxs.com/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y9xzVQAAAFcgHgNW
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y9xzVQAAAFcgHgNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:11 GMT
AN-X-Request-Uuid
23b2d4a2-93d7-4de9-88c3-10c37c6d587d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391831.381694,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y9xzVQAAAFcgHgNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch
ssum-sec.casalemedia.com/ Frame BF66 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff5df18424cdb4cb408ebf6c6b3d05d94522197f4b85d4e08593de70161fd790

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7937c8817a363775-MEL
content-encoding
br
content-type
text/html
date
Fri, 03 Feb 2023 02:37:11 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkKPz0MrfAxZFONr%2FsWp5%2FrQkWluf%2BIlO%2BSZB4kjpFi7x3278x70iFEAn76LW91rGDrCtDKvI6ehfiJ5ovt%2FkjgH2FFzMGw70Xd29ET%2FOLLPO5RbF2%2BeRxWdfo41PneFFrkL7o9FY2FEGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7604 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.39.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-39-62.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 02:37:11 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91FE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20113
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 03 Feb 2023 02:37:11 GMT
expires
Fri, 03 Feb 2023 08:12:24 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sd
us-u.openx.net/w/1.0/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9xzVQAAAFcgHgNW
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y9xzVQAAAFcgHgNW
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y9xzVQAAAFcgHgNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y9xzVQAAAFcgHgNW
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9xzVQAAAFcgHgNW
1 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9xzVQAAAFcgHgNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:37:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391831.381762,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9xzVQAAAFcgHgNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 04 Feb 2023 02:37:11 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 91FE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13764374&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ed511662ff938514f98c554f217e5a5e29903b147ad177677c3e4e6349520109

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 03 Feb 2023 02:37:11 GMT
content-length
1650
content-type
text/html; charset=UTF-8
partner
sync.search.spotxchange.com/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9xzVQAAAFcgHgNW&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9xzVQAAAFcgHgNW&img=1&__user_check__=1&sync_id=a9feaddc-a36b-11ed-8c60-183e48c20407
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9xzVQAAAFcgHgNW&img=1&__user_check__=1&sync_id=a9feaddc-a36b-11ed-8c60-183e48c20407
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
HTTP/1.1
Server
103.71.26.125 , Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
15
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y9xzVQAAAFcgHgNW&img=1&__user_check__=1&sync_id=a9feaddc-a36b-11ed-8c60-183e48c20407
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
58
Connection
keep-alive
Content-Length
0
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 18 Jan 2023 10:47:58 GMT
server
cloudflare
x-amz-request-id
JB7G01B4KE6EK1E3
age
303
etag
W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7937c8826a152b36-MEL
x-amz-id-2
9+krXmGazTjPM46upLMRc1HHsVO4cvz4l+qTQx3I+aYsxDGkxN9V6+HtLD6L8wdSfabQOnpIrbA=
view
securepubads.g.doubleclick.net/pcs/ Frame 363D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1gs-MWX5tNr0EYmef_dx3a8BZ14VoHZcLCkKTiamYW6H-fNx94hk2ryojh9SfqPy7grgFUbodqZvQcDTlDSpbuZLNttSF9aw_BX0CVzjC5NPzl3OGZVTraJGBzxgNFwQNrqUpQhZS_2Y0wz1aYY6Fcxy9rMdmCPc5PZ-VRKHwzuV4Bplk4C6dg9CnoLbwYcK6oOkY6LtPbU5AODd_BP8iaRwEWcrdLO7bjD6q1ewzujfzCTxuev6P7hOmVJNwtaSOcrQHRigm83cD4bJNWyRVW_2O0fphtM-0Su-96PjCMdhm9v1IhG-2F64_YW_c6NW7_R1iC-d_pOWhlWuF&sai=AMfl-YSaDKeyvxvnhUyufkLOlRJSbVyhayYzRYL9cnDZ3vmInZap34rSGjIks0D1a3Q7bgjkRy2Nb4uXRG3QV5Xl_dgi1vQQT_ChmjsPobhhCPjHbunN6Sbr4zp-z29FCA&sig=Cg0ArKJSzDPedv1C6Bp1EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 363D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 363D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
l
www.google.com/ads/measurement/ Frame 363D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwrqAuN_MngD9ZW3I3xRjaQ3ky8OjjJD4NhWnmeZDWYD4c17uZCJmksJM2YVqQfSewhPygY31n9t-KcqNjX-VzwALHPA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 363D 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:37:13 GMT
11960385870550645432
tpc.googlesyndication.com/simgad/ Frame 363D 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11960385870550645432
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 07:21:39 GMT
x-content-type-options
nosniff
age
242132
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15618
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 Jan 2024 07:21:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 83F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNRk7xvP8UWDNnS2vMHIMldEo_K6Mn2jqCsjTq7J_iSbELFWqgx1_DwgF2I5okIWwBMIvCAWvMrpgvT1uL-SnjkqRIMexw43uWkPnW5UMxqsQap0BhWfJmyDmeXxJwpER8ubl5MGIZMICXodnB0zwLcZ_MJpP42B01mgGHRKHq1-DKN9GO-UcDFdMP0wjh0ZsWNCIRH3YnJPVtZVbudTQAp6ZPhCnvWPA5fTnSgphEyFJVyYh42VubnxFeS15OZ9B2bvsHyGO4xqJZbeZ6hDdpsKmBFR2BBlPDDMYTaJQUaWKR125GwJbMR8Ce0RtMCDjaULiEMt-LUZ8yH4UL&sai=AMfl-YTsRDurzBPGKsivuujz0gHj5cAHoC_A50I9itufm3mKV4umt65XvYiVKHxfIKwf400I1XJQc2pCtsjxcmsS6J-EDLimemZUAwsr04RldPVfFSrNMgA3D6YYLhwh9Q&sig=Cg0ArKJSzJnoIYvNKwkoEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 83F1 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 83F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
l
www.google.com/ads/measurement/ Frame 83F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSk4jv_FjlZvc_lELqK8ZJOC2GdqtmWjCN9S42cg3zNETmpW5zYi3WGPnWAubwE6YNmw2j3EJ1XjNDe6VHMzREqgiVNTg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 83F1 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:37:13 GMT
13148952536986812586
tpc.googlesyndication.com/simgad/ Frame 83F1 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13148952536986812586
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 07:26:11 GMT
x-content-type-options
nosniff
age
414660
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15618
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jan 2024 07:26:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1CBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugrZZpA7svG3JLuPwKoZLNB93bIwDNgupgJwb4sCHQ3ojGdF_mhbKl_zCQIPL6O4tYNWaSUDhy_7LKw8abFQHZQNAwZbu2Z2Yi5KTuOYem0Fs7riwnvWX4cpf5sVT90gLEIbjks_eh1hDRMy8gcLdGfFNIatAtTRfKux0TaYKDtTACcQY0SvRwgumNNscdYEfsN-mqez-4GnJ801nABEZaPDr5uTKaq3xt-m3pZevmo_KXcsAtiFiNJXwLdqftS0ieI5yw3Fk7Bp7P1I2DqS-tA6Y4_Pn1d2kizKNx2I0oexi71eaE8HbVBfOvQ1_BI23h6fVl_WqI6QErmagV&sai=AMfl-YSe5K3sxvQWPWZuC6G7sZjI993vPw6k5U_G9M7spUj1LpMhXTZ4A7av1zkGWM387sxX9OY7X_CtQKV6v--6-jnJapWsJyKUDpLf6-JoX-7pMYginO6pY9aXTkbR9Q&sig=Cg0ArKJSzHZECRDAeKIYEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 1CBD 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1CBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
l
www.google.com/ads/measurement/ Frame 1CBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsSoBspJqeHgSwOdmXWHQJRy_ZVX-xgmQpkYC2piJzHnhnGNQgX3bQZ-A6wv3NvLn7FrfK2fiMIC9dZDaPMBrjfGwqkQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1CBD 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:37:13 GMT
11438703049129612531
tpc.googlesyndication.com/simgad/ Frame 1CBD 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11438703049129612531
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
ef96338dbe7fe031b9901ba29d1ccce7a528eb4138f1895afc6fb73d40d561cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:42:57 GMT
x-content-type-options
nosniff
age
143654
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65664
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 00:58:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Feb 2024 10:42:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A93D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC3oGV7RDM_8F62mgt2P53_9CY9tfKU9nWLKNZY24MqdJ3axB4_Lqd65_l1JQcNJ0AHwulcyTQrKGQ9eDfe7A90HHghdli1rVdQcxh3XieZfqrSis6Y6FfIZMDOf_qnctTYA0jbR_41k_iRe-vX56o6CHaOlbMeKmvYvlS5ll-B2icFCrFMpp_h71yrykFQBdesDNqgpLEcwIS36RFh5KQrtX22xqQHny7Q2gNHgNK23kNj8I7ZW_8L0b3EGgzlHd7KE2VtskEKAbeaIw-JubutOdSU_sn_pIFDHH96AbeyytD3RccFkJh3Y3OYeK-bpBdQaoLdi5eWqTfMx8V&sai=AMfl-YTV_7wyJQokauKMTBVTcmaQOu_LYp1Yr8V31UQm-_2PthZ9c2REz3qeNTJs5Ho740wNRUPnPx6OY9MMm5IL9ZRSyrW2UubSRv8NzhGIfgkNGbGZEe3OV85ZUxLLyA&sig=Cg0ArKJSzHA-aFYWSjX7EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east?nk=9375a80c72660dfec484bc0ddce70d4e-1675391818
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
11438703049129612531
tpc.googlesyndication.com/simgad/ Frame A93D 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11438703049129612531
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
ef96338dbe7fe031b9901ba29d1ccce7a528eb4138f1895afc6fb73d40d561cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 10:42:57 GMT
x-content-type-options
nosniff
age
143654
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65664
x-xss-protection
0
last-modified
Fri, 13 Jan 2023 00:58:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Feb 2024 10:42:57 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame A93D 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20924
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8993
x-xss-protection
0
server
cafe
etag
12355142264901698679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame A93D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 20:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
20925
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Feb 2023 20:48:27 GMT
l
www.google.com/ads/measurement/ Frame A93D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOm2Hsnf9mCeCffnBBOyKKAJhv-2j4WyJYo0_UODiezfPk-agh3XXVrECm58_jG626Tb_qdaQ6_gidaeIFLolk07P18A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A93D 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:37:13 GMT
b.php
www.facebook.com/fr/ Frame EB38
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9xzVQAAAFcgHgNW&t=2592000&o=0
43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9xzVQAAAFcgHgNW&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H3
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 18:37:11 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
99S2s7TXAFN6HKdeYV2u82SaMpTkRgPqhuQI7URU9KzPpehK5S+tOn6tPsv2hTUzXtGxRwxEg5qopmmwFp06zA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
priority
u=3,i
expires
Thu, 02 Feb 2023 18:37:11 PST

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391832.624839,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9xzVQAAAFcgHgNW&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 03 Feb 2023 02:37:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
usync.js
eus.rubiconproject.com/ Frame 7604 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.39.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-39-62.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec6044651e922931c0e49bcc72f729bc33c6f43829b239105952fc1252e35185

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:37:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Feb 2023 11:42:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32681
Connection
keep-alive
Content-Length
10036
Expires
Fri, 03 Feb 2023 11:41:52 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-94.sin5.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Feb 2023 02:37:12 GMT
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
x-amzn-trace-id
Root=1-63dc7358-23457740661d9f1c26036330
x-amzn-requestid
89d7f836-526b-48a4-89f2-d457720c650a
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
fvb13HZ0DoEFrTQ=
content-length
25
x-amz-cf-id
Jsiubr0UHm4oxvFqWJ7sS48yrQBQzyW4iWzibK0VyMVoU2WtIt2Pqw==
dcm
s.amazon-adsystem.com/ Frame BF66 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7GX13QE10SXKB92FA488
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BF66 		70 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BF66
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9xzVjypQMGwTbWOCYVRUwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BF66
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fnw5PR%2FjRYc%2FskbkzTSrHy2mMdkYON3%2FJ0%2F2AOZrkdlMp7VwU7GJse91oPMTaqI8Cy0LXKWQ%2FA%2FSEhE7r7TNS%2FQ9gRiuApVuoC%2FnbI3ChaN68lWs0HX0TPk2dzT%2BoP%2B1YFeoxsQap7W3mg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7937c8851e683775-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF66
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=03030001_63dc7358654ed&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_63dc7358654ed
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_63dc7358654ed
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 03 Feb 2023 02:37:12 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=03030001_63dc7358654ed
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
crum
dsum-sec.casalemedia.com/ Frame BF66
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030231&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030231&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030231&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame BF66
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=JFO7CKyELK9z7Bd1IC8u&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2SSGJ43UG...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JFO7CKyELK9z7Bd1IC8u
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JFO7CKyELK9z7Bd1IC8u
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=JFO7CKyELK9z7Bd1IC8u
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BF66
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fty21347-FTY
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1675391832.721861,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y9xzVQAAAFcgHgNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
s.amazon-adsystem.com/ Frame BF66 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:11 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
78RVECHKEZ13ZKGMEPRB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cm
trc.taboola.com/sg/adobe/1/ Frame EB38 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-vcl-time-ms
439
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
via
1.1 varnish
x-served-by
cache-fty21361-FTY
server
nginx
x-timer
S1675391832.280272,VS0,VE439
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
0
sync.1rx.io/usersync/adobe/ Frame EB38 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.44 , Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
ecm3
s.amazon-adsystem.com/ Frame 7604
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LDNX1D2B-18-A6AV
  • https://s.amazon-adsystem.com/ecm3?id=LDNX1D2B-18-A6AV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LDNX1D2B-18-A6AV&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6E21TXV621Y4VB45BQ9Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LDNX1D2B-18-A6AV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Expires
0
match
c1.adform.net/serving/cookie/ Frame 4F11
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 03 Feb 2023 02:37:12 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 03 Feb 2023 02:37:12 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame FD4C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a6963dc-7358-4000-aeab-37894c329096&gdpr=0&gdpr_consent=
42 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a6963dc-7358-4000-aeab-37894c329096&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 03 Feb 2023 02:37:12 GMT
Expires
Fri, 03 Feb 2023 02:37:11 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 421 8749e8d master hkg-pixel-x24 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3a6963dc-7358-4000-aeab-37894c329096&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame AD5E 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID586903E1-4ECA-4930-A45D-87D4977133F6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 03 Feb 2023 02:37:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
TZFV66TFQ9FWFVSCVJ4V
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WGkD4U7KSTCkXYfUl3Ez9g%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:12 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=20112
accept-ranges
bytes
content-length
5554
expires
Fri, 03 Feb 2023 08:12:24 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 91FE
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=586903E1-4ECA-4930-A45D-87D4977133F6
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDU4NjkwM0UxLTRFQ0EtNDkzMC1BNDVELTg3RDQ5NzcxMzNGNhAAGg0I2ObxngYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=81b8e5131b4eea1f2779544f6e187f19913e9cb5325ac5faa90d2b62d6c39cda791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA4MWI4ZTUxMzFiNGVlYTFmMjc3OTU0NGY2ZTE4N2YxOTkxM2U5Y2I1MzI1YWM1ZmFhOTBkMmI2MmQ2YzM5Y2RhNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA4MWI4ZTUxMzFiNGVlYTFmMjc3OTU0NGY2ZTE4N2YxOTkxM2U5Y2I1MzI1YWM1ZmFhOTBkMmI2MmQ2YzM5Y2RhNzkxNDI2YjU0MTdkY2UyMRAAGgwI2ObxngYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=77e79ac4-5b67-4f28-a5fe-8228af8712ea
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=77e79ac4-5b67-4f28-a5fe-8228af8712ea
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=77e79ac4-5b67-4f28-a5fe-8228af8712ea
date
Fri, 03 Feb 2023 02:37:13 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
info2
uipglob.semasio.net/pubmatic/1/ Frame 91FE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=586903E1-4ECA-4930-A45D-87D4977133F6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=586903E1-4ECA-4930-A45D-87D4977133F6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=586903E1-4ECA-4930-A45D-87D4977133F6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Fri, 03 Feb 2023 02:37:05 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:05 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=586903E1-4ECA-4930-A45D-87D4977133F6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 91FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTg2OTAzRTEtNEVDQS00OTMwLUE0NUQtODdENDk3NzEzM0Y2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 91FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPlbB0tni21uNV-y8Ki0Qbs&google_cver=1
42 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPlbB0tni21uNV-y8Ki0Qbs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPlbB0tni21uNV-y8Ki0Qbs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 91FE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FE14D36BE24459E9346A9CA2266418E
42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FE14D36BE24459E9346A9CA2266418E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 03 Feb 2023 02:37:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7FE14D36BE24459E9346A9CA2266418E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 02 Feb 2023 02:37:12 GMT
586903E1-4ECA-4930-A45D-87D4977133F6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 91FE 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/586903E1-4ECA-4930-A45D-87D4977133F6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.185.52 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-185-52.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 91FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=
42 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3cf35ab1-8e56-4a5c-905a-a885064eef9f&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
tap.php
pixel.rubiconproject.com/ Frame 7604
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKxAsci2B7HWcKwvr_M6d10&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKxAsci2B7HWcKwvr_M6d10&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKxAsci2B7HWcKwvr_M6d10&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 7604
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNX1D2B-18-A6AV
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNX1D2B-18-A6AV
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F53046A26E3C4561A016171B7A9C825E Ref B: MEL01EDGE1818 Ref C: 2023-02-03T02:37:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzwo8ENmE9MS4L2JbbOw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDNX1D2B-18-A6AV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7604 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VS3KFWN35HY7MERVTPE1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7604
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/lNHMgMl0DrHAXrcnV7NcPMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3HKEH4dE2oLATsh7tCWrYHKPhFazCb89jah70w--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3HKEH4dE2oLATsh7tCWrYHKPhFazCb89jah70w--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 03 Feb 2023 02:37:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3HKEH4dE2oLATsh7tCWrYHKPhFazCb89jah70w--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 7604 		70 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7604
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROWDFEMkItMTgtQTZBVg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROWDFEMkItMTgtQTZBVg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEROWDFEMkItMTgtQTZBVg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7604
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7Hzf4G74TeiQ_zLK6GoBmQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Hzf4G74TeiQ_zLK6GoBmQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Hzf4G74TeiQ_zLK6GoBmQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MZA13HH6Y969PHFGZHR0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7Hzf4G74TeiQ_zLK6GoBmQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7604
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjA3ODRhMjRkYzNjNjUyNmYyMjc2NWFhMzk4YWQxOTUzN2M5Mjk3Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjA3ODRhMjRkYzNjNjUyNmYyMjc2NWFhMzk4YWQxOTUzN2M5Mjk3Zg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjA3ODRhMjRkYzNjNjUyNmYyMjc2NWFhMzk4YWQxOTUzN2M5Mjk3Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame 1CBD 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abad9f745e3e1be5b494d8470cedda22a59039a173b8b60f1778a3eaa6551dbe

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 363D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f5918f6686ae77c26da80bf85577f4769407707b8fc7a1ab374897bdf1893d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A93D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a5baae6d38fe1223a342d58b5ba94c1a01fa93f98b4cdd39bb8a18201d9488b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 83F1 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03c210296b15a85a4e280c79130809fa58c68604a36be582c37ef087249fd468

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.119.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-119-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 03 Feb 2023 02:37:13 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.119.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-199-119-40.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 03 Feb 2023 02:37:13 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ixmatch.html
js-sec.indexww.com/um/ Frame 1CB4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
435
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7937c88ae9fa2b2c-MEL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 03 Feb 2023 02:37:12 GMT
expires
Fri, 03 Feb 2023 06:37:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6E98 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=20112
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 03 Feb 2023 02:37:12 GMT
expires
Fri, 03 Feb 2023 08:12:24 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0B7E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
82482
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 03 Feb 2023 02:37:12 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
8, 285361
X-Served-By
cache-lga13626-LGA, cache-fty21324-FTY
X-Timer
S1675391833.695192,VS0,VE0
usermatch
ssum-sec.casalemedia.com/ Frame 846E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa4df33ea24a3e54322fc617686953d34fb41d80311bb57bcc1eff3859490a9

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7937c889ce6c17d0-MEL
content-encoding
br
content-type
text/html
date
Fri, 03 Feb 2023 02:37:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkbT3JJXRpPRyoMKKuGerHCSEvQx7liIbQ8o6GR7d3jCdRDpYcIatjdsd4MLH%2FQVMHcSdsVyGKg2e8%2BxyTaEqshav6JE%2Fg2f7EYrfhaRs%2BpHUg6Mwj5R3RYENbIA9%2B0gl%2BPOPEc%2F2DZaMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 80D3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.39.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-39-62.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 02:37:12 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=1310738631785163303
43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=1310738631785163303
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:12 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
0f844cab-03b2-4eb5-a087-316474066da5

Redirect headers

Date
Fri, 03 Feb 2023 02:37:12 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f2521090-9bc6-45a2-8a3e-af2f7549197e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=1310738631785163303
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 80D3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.69.39.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-39-62.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ec6044651e922931c0e49bcc72f729bc33c6f43829b239105952fc1252e35185

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 02:37:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Feb 2023 11:42:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=32680
Connection
keep-alive
Content-Length
10036
Expires
Fri, 03 Feb 2023 11:41:52 GMT
casale
match.adsrvr.org/track/cmf/ Frame 846E 		70 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 846E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y9xzVjypQMGwTbWOCYVRUwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM5tO6O1kv4c9D2LqLtB5jA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 846E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K962R1SRJXRBVFAB3Y8F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 846E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyUo3klRVHIeSOj%2BBy5yLOR67in8eNDitnGVdyj2iq6IMdM8vTBUTW1fgO9bOKwKTv359p5v6gUk3%2BSr9Fn7AcevpjGgEQYrf4JlHWTMlmz9ZeX%2BqCPbbf8zjxIOCnnhIMg55DG8dlxY4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7937c88c79ce17d0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEENKciyZpf3j0760dsFKGRI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 846E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030232&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030232&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Fri, 03 Feb 2023 02:37:12 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1691030232&external_user_id=f1ee572d-27bb-4531-b8db-6eb1a3d8f132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 846E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7854299086110410743
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7854299086110410743
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7854299086110410743
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 846E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
13.251.185.52 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-185-52.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
date
Fri, 03 Feb 2023 02:37:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 846E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a6963dc-7358-4000-aeab-37894c329096
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a6963dc-7358-4000-aeab-37894c329096
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 03 Feb 2023 02:37:12 GMT
Server
MT3 421 8749e8d master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3a6963dc-7358-4000-aeab-37894c329096
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 03 Feb 2023 02:37:11 GMT
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 846E 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y9xzVjypQMGwTbWOCYVRUwAA%264688
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.166.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-166-41.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:12 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1a-i-03dedb69eccb864c6
usermatch
ssum-sec.casalemedia.com/ Frame 109F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf2ad17e709e9e544ba6670ba4414e65c8293634795e9be79fcad3b5998e8bb

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7937c88b98ba17d0-MEL
content-encoding
br
content-type
text/html
date
Fri, 03 Feb 2023 02:37:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRGscmbwpsWNlge1igAGZJBUwr577rlOrb8TSTwHWgDER%2B4SBLoLGEO56gvyer2lmEVQJHqvGkVifVQ3iHKzEGGMkZLsjmT0FF9w8aNTOE%2BWOnKlsxWVwmh4sPHXQk4OfFamrHDaC0363g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 0B7E 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
AN-X-Request-Uuid
229a5211-49da-47c4-ac05-ed7fe5a6c492
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 109F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y9xzVjypQMGwTbWOCYVRUwAAElAAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.185.52 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-185-52.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 109F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1310738631785163303
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1310738631785163303
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 03 Feb 2023 02:37:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ff80ed1c-ee56-4847-8785-078532427b84
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1310738631785163303
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 109F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADSUU7HuOcAACCIBTRpRw&expiration=1676601434
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADSUU7HuOcAACCIBTRpRw&expiration=1676601434
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADSUU7HuOcAACCIBTRpRw&expiration=1676601434
Date
Fri, 03 Feb 2023 02:37:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 109F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7FE14D36BE24459E9346A9CA2266418E
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7FE14D36BE24459E9346A9CA2266418E
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Fri, 03 Feb 2023 02:37:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=7FE14D36BE24459E9346A9CA2266418E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 02 Feb 2023 02:37:13 GMT
rum
dsum-sec.casalemedia.com/ Frame 109F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=zggd1M8ITI7VAk7Sy1lUhJwISoPVWBqDmwkkGDur
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=zggd1M8ITI7VAk7Sy1lUhJwISoPVWBqDmwkkGDur
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=zggd1M8ITI7VAk7Sy1lUhJwISoPVWBqDmwkkGDur
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 109F
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=11yc4ck14x5i
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=11yc4ck14x5i
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

lws
224
date
Fri, 03 Feb 2023 02:37:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-encoding
utf-8
time-ms
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=11yc4ck14x5i
cache-control
no-cache, no-store
content-length
0
crum
dsum.casalemedia.com/ Frame 109F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1310738631785163303
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1310738631785163303
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2H7GchEZPf9aHUWfn7B6D60BNsM9gNYJyZLtuId81pPbYEYqdswTn16uLC5OXnr%2FPyGzdwi%2FyD7YH6p50fHt%2FWVblEQL7rZnNCnVn3pRV7I6ZUy80M%2FIFDsRUIoRlgCOr6K66Jf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7937c8908eb917d0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 03 Feb 2023 02:37:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2a43ba25-41a5-4596-9eb1-0f92786f87ff
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1310738631785163303
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688
dpm.demdex.net/ Frame 109F 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y9xzVjypQMGwTbWOCYVRUwAA%264688?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.128.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-128-19.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0fa5da88e.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JUFeI0OgTko=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame 109F 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y9xzVjypQMGwTbWOCYVRUwAA%264688
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:13 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
17944
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7937c88e29e6df2c-MEL
content-length
43
expires
Sat, 04 Feb 2023 02:37:13 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 91FE 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 0B7E 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.251 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 02:37:14 GMT
AN-X-Request-Uuid
bb25c5b0-d75b-4e4b-8467-68177bc26722
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1CBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXzm16sT8ReXdLUZDcElcv0oURnf7OjdfExCYNNkVrLc5EppLBNfULcHU6Ufmyyn_7QNIBO6TnbQb26skVYFrtf6aMbNH9oMAyyjj-3z9_jJBWV65IjiYJ1M-7SfU7OTO1wPPXhcNYevVgaaMYHeCL5RNoG48JizJQQo-w-mzOWXvjuuuUK2GP3zr9cwpfJOK2frwCr38ubtKYnpkW2WlRk9ghFNOMFE42jZAjOXQ_Z7Cb2x522vHHCh2YyIu7RQ0uA__3sGtG3veueY1i2wqzrX82Fp6LI2KJvxc0pEJ1vCZjYiv1UxD4evfzwKcQgOGdVBpIPcLshkvxCd0qk2Q&sai=AMfl-YRP9LZTXeHjpu9xysLv9uagQSeoh9RYH5hrVwh8KwqUKR3i0F4Iqds99CewjOAtdr9OyKgRUgNQP3YEcFp6c7292upkuk7s0-UqhA1prLl3BeGrATDZKeOUQlJP3g&sig=Cg0ArKJSzLIWYr2sJ8-3EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:37:14 GMT
jload
pixel.adsafeprotected.com/ Frame E8BE 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138419571206&pubOrder=2553375348&cb=154297514&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88d-a36b-11ed-8f23-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
76487be22ec765c569bbac54534007bef88147a46504cf07c6e26090a1696dc9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A93D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3uDKXUwCIATrgBUaZunACtvGXd2fghyrhx1l14CEwM8ILxBWFVN7XACMoBwYQq2crrUk6Tnkob-bs0_99gtU9F9lq2XQynPUMzcVBKd6O9hWDc2l-vRjgflwuu8_tTgiQeNFAIOvswHzrulfHJNZEC34YEJb6iTOUqgxdpR6NXkkgb0MSiFYHWUgXMXdXhTN6j9zI9ynbog2ZE8us_TA_adL6-7Q0jiXv5lpS1XTUlKvN56KJamcjeow3T1tB9Dzh_pnXJJq2kq6BfPCkINiAdBeeWUF7Y1Ndr5rLigPIpv49qDg2ohPm1fe0DJx4bWiZIm2d9mcaaRaUhxQbGJ8&sai=AMfl-YQXW7OC9S8_YCFJxFgZ770391u6jzAfFV9uMj5TbURAG-vDr9XqlEygNwb9jl7_9RDV2Ow4HhrplYiuQ7ak2sLmwMyg_bk_sE8uexDoXmHVUDDGmnfpf7_8cYVFQw&sig=Cg0ArKJSzBCYWIOPnxYZEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:37:14 GMT
jload
pixel.adsafeprotected.com/ Frame 134D 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5083943881&pubCreative=138419571206&pubOrder=2553375348&cb=1801925643&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88e-a36b-11ed-8f23-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5f2bdd60846d1b54aadcaf5a99ba506466e49a1c8e249810cbea7f63d5aebc56

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 363D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6dkMXNzx54PnRwuaqQwEsVBkp6-nkEh3JxpM3LjFc2R0JmRIMN8SfhVxnYm0lz7_SUJPJbfPrY-fIHyIMF2BsxLIZW6tx2R7-CGuMDigLNWFBR_tWKiiOEr27ePX_fgBkh9CszGIMzHhcj9a9xMB5RRVdCkgMmOhN1OsZu22jRqRnWjysMS88SA4mf9Caa6XL-OLF_CZLNQwtf7vpDqNuLjwyqBqhNs73bwGbkz5mWT1HHqUKVs61-MVzmdh_eMU916y6Spg8iCFHpYnnCMOJfcqRnKHW2uQqKHGuFSs000F8emDi5pi4IYQliWS-RtGtBTBdJITtuhPgD7mkqXo&sai=AMfl-YRKle9uq4Q3_lnJ3xbIC26KlBYU9wAantI6twjwRdSQFMjWa0UvwY50mQO2pTjnO_DBKhPZZ-MlpehZBcTFPJHP_2CnUxiWpNpl5Glf-KFD0hTslQXSQFif1UK9Kg&sig=Cg0ArKJSzGM3bmOt3fDcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:37:14 GMT
jload
pixel.adsafeprotected.com/ Frame 7C94 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=1629182692&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88b-a36b-11ed-8f23-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c46827537c3f87fcb66e818c319f46ee5cefd17816f5e2a9539fd9408d1e41dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 83F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdq70ZNn1LTcMe9C1jorlBMiyby0Kn7ZxZAqK5KcZ6keBy1W9nJe1EsxNc8Ce9UgcSICQyKyaCN5_S4Jz8AHcE8ScV1zaknewhXYSvJ5L7M6hNM3q_TBDOotnfZSJtnjWPdkXj2bTbN65GpGHyCtw_AuettSW3pAYGfvI8z2pF3cLPTnnIck7XF7JSuTkOuz9F5ahhqcuNkFS8czno_KWcW12wDMFkyt7JCilzN7SYWAYHI2EADBhgE2byOWzzPVvfhMG2hsdAYs8oiymptM7FQbOF7KZH_pjqlnXa3dMbC3oIj9haVLJWmGWIvVE03oz-QeEWYL65XdGY9XIJcWc&sai=AMfl-YS8zJ1erNNDhbIZHTNmwyIW5Szt6wS3guJVR_sz1Ooazj6KGXf171HVzCswlatB72KClIRVl7zsgJxdslvPYIJAcXsq_FeKJZH1zu3z90o0w6DEtGYwbt7kAY1tTA&sig=Cg0ArKJSzNSuDXoLKezCEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 03 Feb 2023 02:37:14 GMT
jload
pixel.adsafeprotected.com/ Frame 85D1 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629775&pubOrder=2553375348&cb=1972135267&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88c-a36b-11ed-8f23-0679fa08ad36
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e4a37b94d7bbf547075d6c7cebf79e2b82f7760f0aa3b95d93c271813d1429e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:14 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
generic1674383553611.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		487 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1674383553611.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09ef3185c70b92a89a42173554dcba0971bf6ff6807d8f2beb587eb211e38f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
0wZilUcGsyckGx01p39NxpbwhrSxV942
content-encoding
gzip
via
1.1 varnish
date
Fri, 03 Feb 2023 02:37:14 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
BD427RYGQVNVFYNW
x-cache
HIT
content-length
88281
x-amz-id-2
5NuUu+318siKICAQmBT+ZNcpxHgo0YMfxncgu6yL4Tzq3cl11oNjsWuUfGDHgBIpm7HDZpZTbI8=
x-served-by
cache-fty21346-FTY
last-modified
Sun, 22 Jan 2023 10:32:34 GMT
server
AmazonS3
x-timer
S1675391835.867893,VS0,VE0
etag
"e21656fa738b009380658ddab017d746"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
32
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
54e6a6cfbb4cf36d05726a7a52c191db73817eea3cbf7feeeb872f37a8d3efbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12483
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 2059 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:14 GMT
server
Kestrel
server-processing-duration-in-ticks
961922
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
0f14699d0298057271ff0fa169fd153e
content.api.news/v3/images/bin/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0f14699d0298057271ff0fa169fd153e?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6e76a4528def931cfaa2a3377dd71068c1a3e9d7182331e65dd4236b9535cf00

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:15 GMT
x-check-cacheable
YES
edge-cache-tag
0f14699d0298057271ff0fa169fd153e
content-length
10984
last-modified
Wed, 01 Feb 2023 23:33:17 GMT
server
Akamai Image Manager
x-serial
1434
etag
c4be6a762f4461096ee96b07e35683aa-0f14699d0298057271ff0fa169fd153e-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5086580
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 02 Apr 2023 23:33:35 GMT
1e502f0ef77129e32061267de3f2f88a
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1e502f0ef77129e32061267de3f2f88a?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4e1b0297f62ae96710443433369d0823b7731315f828f3a47153f10ad6ab746c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:15 GMT
x-check-cacheable
YES
edge-cache-tag
1e502f0ef77129e32061267de3f2f88a
content-length
10631
last-modified
Wed, 01 Feb 2023 21:45:43 GMT
server
Akamai Image Manager
x-serial
1447
etag
90768a0dbf5f9dea9193f6c0aedf4ecf-1e502f0ef77129e32061267de3f2f88a-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5080155
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 02 Apr 2023 21:46:30 GMT
ae55a64781794c2bee85171bd31f55be
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ae55a64781794c2bee85171bd31f55be?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e228750e013e837f3d430634c89fba1f673cdb1e2c3af36632c6b1aae97838d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:14 GMT
x-check-cacheable
YES
edge-cache-tag
ae55a64781794c2bee85171bd31f55be
content-length
8217
last-modified
Wed, 01 Feb 2023 23:15:30 GMT
server
Akamai Image Manager
x-serial
1343
etag
4fb181ef43aacd1c49d0290c66cf9e2b-ae55a64781794c2bee85171bd31f55be-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5085478
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 02 Apr 2023 23:15:12 GMT
main.19.8.385.js
static.adsafeprotected.com/ Frame 134D 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.385.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5083943881&pubCreative=138419571206&pubOrder=2553375348&cb=1801925643&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88e-a36b-11ed-8f23-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:29:24 GMT
x-amz-version-id
VUpTdNSw556u8DTxBoj61VmLffpEPAG9
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
1314472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 18 Jan 2023 19:44:57 GMT
server
AmazonS3
etag
W/"d4db5e05b3c00fb6a3a262869af20f38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
e2I0lBLRJ74Bekhcr01Yrh_yHUKVEqlwfyl-M45TGSPcFci8fTlBiA==
main.19.8.385.js
static.adsafeprotected.com/ Frame 7C94 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.385.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=1629182692&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88b-a36b-11ed-8f23-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:29:24 GMT
x-amz-version-id
VUpTdNSw556u8DTxBoj61VmLffpEPAG9
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
1314472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 18 Jan 2023 19:44:57 GMT
server
AmazonS3
etag
W/"d4db5e05b3c00fb6a3a262869af20f38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
9e8B_nvjYBnmD3uCuUiJCQWPS9jRnrJ7E_iESkBSSoOtceTt4cA7lA==
main.19.8.385.js
static.adsafeprotected.com/ Frame E8BE 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.385.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138419571206&pubOrder=2553375348&cb=154297514&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88d-a36b-11ed-8f23-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:29:24 GMT
x-amz-version-id
VUpTdNSw556u8DTxBoj61VmLffpEPAG9
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
1314472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 18 Jan 2023 19:44:57 GMT
server
AmazonS3
etag
W/"d4db5e05b3c00fb6a3a262869af20f38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TkumZTSUC_xwJww4EkfY4y6F6-gd-iPKW_rnqP-q3wUoF0c8dZrfiA==
main.19.8.385.js
static.adsafeprotected.com/ Frame 85D1 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.385.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629775&pubOrder=2553375348&cb=1972135267&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88c-a36b-11ed-8f23-0679fa08ad36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:29:24 GMT
x-amz-version-id
VUpTdNSw556u8DTxBoj61VmLffpEPAG9
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
1314472
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 18 Jan 2023 19:44:57 GMT
server
AmazonS3
etag
W/"d4db5e05b3c00fb6a3a262869af20f38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
RldPA-pfpCexibnrzrHkLcYDBA9HvAVh2sAG5AWZNfLlQNPm6dtcaw==
json
gum.criteo.com/sid/ Frame 2059 		457 B
580 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=www.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
443793c28d62535afc97ad2a5b96e59ca5e907ef201903e25128c6735345ce33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1454124
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1CBD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHk6lt_nBa3POjmVjzVckXUop6__DzZXDuYje9NqpE_9oMUonbi02GJc-aC5oV4tUguC-72Ew-81cLRn27q0azRKsjquhMQNAa1binm4kdjUVPECQc&sig=Cg0ArKJSzPR-H47wuh_PEAE&id=lidar2&mcvt=1000&p=464,1124,714,1424&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2405353167&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675391831437&rpt=2902&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOS4wLjU0MTQuMTE5IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJTb3V0aCBlYXN0IHwgTGVhZGVyIE5ld3NwYXBlcnMgU291dGggRWFzdCBNZWxib3VybmUgfCBMb2NhbCBDb21tdW5pdHkgTmV3cyBWSUMgfCBNb29yYWJiaW4gTGVhZGVyIHwgRGFuZGVub25nIExlYWRlciB8IEJlcndpY2sgTGVhZGVyIHwgQ3JhbmJvdXJuZSBMZWFkZXIgfCBIZXJhbGQgU3VuIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvc291dGgtZWFzdCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc1MzkxODM1NDM1IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODYxNTIyOWQxZWY2My0wNzg2MGMyNDE0M2EyYy02MDMyNWQ1Ny0xZDRjMDAtMTg2MTUyMjlkMWZmZDQiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtc3lkMSIsImFjY291bnRJZCI6IDEzMjIyMiwidXJsIjogImh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvbGVhZGVyL3NvdXRoLWVhc3QiLCJ3ZWJzaXRlSWQiOiAxMzIyMjQsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImU2ZTAtNGI2Mi02ZDIxLWVmYzMtYjY2MC1lNDE4LTRmZDctMTcxNiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjc1MzkxODM1NDI5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDM1MjYsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ5LjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ5LjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzUzOTE4MzU0MzUsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-tqjr
date
Fri, 03 Feb 2023 02:37:15 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Feb 2023 02:37:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 363D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsththMoDaUjohSI0bZQFTXgcshTReL9sbScrnOlwRblIou3oWVxPV0GA6Z48jr5oi5YtHA8lSpPQy2OGyjVfViDidMulXksx6SnQ2XZO-rMb9fHvGEy&sig=Cg0ArKJSzHh9cA5TaEaVEAE&id=lidar2&mcvt=1000&p=28,436,118,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1194512124&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675391831383&rpt=3239&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B18C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
399700
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 11:35:35 GMT
expires
Mon, 29 Jan 2024 11:35:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9769 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f105.1e100.net
Software
GSE /
Resource Hash
7d1254d578855924b2ad36b8bf4a9e3028c73125608410e8d827942a69fe2212
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hYmUGnP6yj8jWJaEvT8UYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-hYmUGnP6yj8jWJaEvT8UYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:15 GMT
expires
Fri, 03 Feb 2023 02:37:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8185 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
11617259
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EBMmIuMKgGZjxTmS2h1-Nra9tDZ_P2SagZONH-8XtXCEhkihiSPrhA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5083943881&pubCreative=138419571206&pubOrder=2553375348&cb=1801925643&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88e-a36b-11ed-8f23-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:dc811423-97ef-04e7-9965-e6ab9759a7d2,c:37AW2E,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-54f7f9fcd5-xw27p,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.3183.300.250,am:i,cc:1124.3183.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:711,mot:0,app:0,maw:0,fm:tuLroQe+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n*.10507%7C1n1%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:735,oid:ab388731-a36b-11ed-9a8a-7e2c8fdf59fd,v:19.8.385,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:15 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 6E98 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85485712&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6e461524c30bc69796118b255ca7780863aac30323c8dc89c96769f85322ef2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 03 Feb 2023 02:37:15 GMT
content-length
1961
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=dc811423-97ef-04e7-9965-e6ab9759a7d2&tv=%7Bc:37AW37,pingTime:-2,time:763,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:534,beZ:535,mfA:1245,cmA:1246,inA:1247,inZ:1251,prA:1251,prZ:1261,si:1269,poA:1270,poZ:1284,cmZ:1284,mfZ:1284,loA:1290,loZ:1292,ltA:1297,ltZ:1297,mdA:536,mdZ:1217%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:734%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:763,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:734,wc:0.0.1600.1200,ac:1124.3183.300.250,am:i,cc:1124.3183.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroQe+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n*.10507%7C1n1%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1n*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:735,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/southeast_3,google_ads_iframe_/5129/ndm.leader/local/southeast_3__container__,ad-block-300x250-2,newscorpau_ads-193,group_3_col-143subarea-2,group_3_col-143%5D,sinceFw:27,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=dc811423-97ef-04e7-9965-e6ab9759a7d2&tv=%7Bc:37AW3C,time:794,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:794,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:734,wc:0.0.1600.1200,ac:1124.3183.300.250,am:i,cc:1124.3183.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroQe+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n*.10507%7C1n1%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs,siq:735%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ Frame 9769 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023013001&jk=40545177360621&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
pagead2.googlesyndication.com/bg/ Frame B18C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 20:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
193269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 20:56:07 GMT
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame CE7A 		85 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 03 Feb 2023 02:37:16 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fty21347-FTY
x-timer
S1675391836.116535,VS0,VE16
Pug
simage2.pubmatic.com/AdServer/ Frame 861E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1310738631785163303&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1310738631785163303&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
34618501-0f15-47df-8c01-fdd1834d86cc
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 03 Feb 2023 02:37:16 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1310738631785163303&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
103.209.254.28; 103.209.254.28; 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame B509
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb
42 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 03 Feb 2023 02:37:16 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 9595
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yt78evvt5vl
1 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yt78evvt5vl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 03 Feb 2023 02:37:16 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=yt78evvt5vl
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 3E91
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cykl-2kABf6M9Y7ZXHPcYw
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cykl-2kABf6M9Y7ZXHPcYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=cykl-2kABf6M9Y7ZXHPcYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 20B0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 03 Feb 2023 02:37:15 GMT
expires
Fri, 03 Feb 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1139444
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
qmap
sync.crwdcntrl.net/ Frame 6E98
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=&ct=y
49 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=&ct=y
Protocol
H2
Server
18.136.33.92 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-33-92.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.24.6
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.26.207
content-length
0
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 6E98
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=586903E1-4ECA-4930-A45D-87D4977133F6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=586903E1-4ECA-4930-A45D-87D4977133F6
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=44adb3dd-c7ab-4469-9311-10a043e9e32f%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3cf35ab1-8e56-4a5c-905a-a885064eef9f&ttd_puid=44adb3dd-c7ab-4469-9311-10a043e9e32f%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3cf35ab1-8e56-4a5c-905a-a885064eef9f&ttd_puid=44adb3dd-c7ab-4469-9311-10a043e9e32f%2C%2C
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3cf35ab1-8e56-4a5c-905a-a885064eef9f&ttd_puid=44adb3dd-c7ab-4469-9311-10a043e9e32f%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
SPug
image4.pubmatic.com/AdServer/ Frame 6E98
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=586903E1-4ECA-4930-A45D-87D4977133F6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6UYTmoxE2uXIFh6jqZFWwFL59Zuoe7c-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6UYTmoxE2uXIFh6jqZFWwFL59Zuoe7c-~A&gdpr=0
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6UYTmoxE2uXIFh6jqZFWwFL59Zuoe7c-~A&gdpr=0
date
Fri, 03 Feb 2023 02:37:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6E98
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1408194508254203637
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1408194508254203637
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1408194508254203637
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 6E98
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=71b85244-c29a-4ecf-8818-a68eb80fa622&user_group=1&ssp=pubmatic&bsw_param=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4&gdpr=&gdpr_consent=&gdpr_pd=
1 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 02:37:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=06af8e0a-ace1-4bef-a79d-71b9a89ed0b4&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 03 Feb 2023 02:37:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6E98
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5ee483af5d9b2050&is_secure=true&networkId=17100&version=1&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALetRKwDrvewNLC5yEAAAAAAA&expiration=1675478237&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&...
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALetRKwDrvewNLC5yEAAAAAAA&expiration=1675478237&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 03 Feb 2023 02:37:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALetRKwDrvewNLC5yEAAAAAAA&expiration=1675478237&nuid=586903E1-4ECA-4930-A45D-87D4977133F6&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C4C8 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
11617260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VPUX_BBW2VnnTgpUI0FDvfiRis0dl55aBjcHY3jHdHof0kTAp4pxaQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629745&pubOrder=2553375348&cb=1629182692&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88b-a36b-11ed-8f23-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:ca1fea56-d502-01ab-4f16-166c4cb1c13f,c:37AW7a,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-54f7f9fcd5-hhglx,rg:sg,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:993,mot:0,app:0,maw:0,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l1%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1012,oid:ab388759-a36b-11ed-889d-de0b19ef2959,v:19.8.385,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AW7k,pingTime:0,time:1022,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1022,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l1%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AW7q,pingTime:-2,time:1028,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:414,beZ:415,mfA:1407,cmA:1408,inA:1408,inZ:1409,prA:1409,prZ:1422,si:1426,poA:1426,poZ:1435,cmZ:1435,mfZ:1435,loA:1440,loZ:1441,ltA:1442,ltZ:1442,mdA:415,mdZ:1397%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1028,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l1%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/southeast_0,google_ads_iframe_/5129/ndm.leader/local/southeast_0__container__,ad-block-728x90-1%5D,sinceFw:16,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AW7S,time:1056,type:e,env:%7Bar:self.0%7D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1056,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B62~100%5D,as:%5B62~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l1%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2F6C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
11617260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
rtwajjqgZNsS8KZnp4YcZL20aW3JqFaiohaRTHkSX7oNcNIjsw-OmQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138419571206&pubOrder=2553375348&cb=154297514&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88d-a36b-11ed-8f23-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c,c:37AW9H,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-54f7f9fcd5-vcnnr,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:990,mot:0,app:0,maw:0,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1001,oid:ab38d563-a36b-11ed-bba8-7e6872f2a46a,v:19.8.385,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AW9U,pingTime:0,time:1014,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1014,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B23~100%5D,as:%5B23~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWa0,pingTime:-2,time:1020,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:860,beZ:861,mfA:1851,cmA:1851,inA:1851,inZ:1852,prA:1852,prZ:1858,si:1862,poA:1862,poZ:1871,cmZ:1871,mfZ:1871,loA:1877,loZ:1878,ltA:1880,ltZ:1880,mdA:862,mdZ:1826%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1020,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B29~100%5D,as:%5B29~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/southeast_2,google_ads_iframe_/5129/ndm.leader/local/southeast_2__container__,ad-block-300x250-1,newscorpau_ads-191,group_3_col-142%5D,sinceFw:18,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame B18C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?j_9Kog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWbl,time:1103,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1103,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B112~100%5D,as:%5B112~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame BCEC 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/south-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ee464261ee466fae8314a91098b35372.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
11617260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
28irXziD7x5EisH0_SXFZ1J7-crE9JqxoGUQVCWaQ8zMapYAzuUq3Q==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5084295962&pubCreative=138347629775&pubOrder=2553375348&cb=1972135267&custom=index&custom3=168403511&adsafe_par&impId=a8d2f88c-a36b-11ed-8f23-0679fa08ad36&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:9048ad82-eebd-ac93-aab1-501dcab59f7e,c:37AWc3,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-54f7f9fcd5-f7pnl,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.6669.728.90,am:i,cc:436.6669.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1133,mot:0,app:0,maw:0,fm:tuLroT1+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1l*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1144,oid:ab3cf3ae-a36b-11ed-a9d2-064f13e5d234,v:19.8.385,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.11.26 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-11-26.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9048ad82-eebd-ac93-aab1-501dcab59f7e&tv=%7Bc:37AWcq,pingTime:-2,time:1167,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:492,beZ:493,mfA:1626,cmA:1626,inA:1626,inZ:1627,prA:1627,prZ:1633,si:1637,poA:1637,poZ:1645,cmZ:1645,mfZ:1645,loA:1650,loZ:1652,ltA:1659,ltZ:1659,mdA:493,mdZ:1586%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1144%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1144,wc:0.0.1600.1200,ac:436.6669.728.90,am:i,cc:436.6669.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroT1+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1l*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1144,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/southeast_1,google_ads_iframe_/5129/ndm.leader/local/southeast_1__container__,ad-block-728x90-2%5D,sinceFw:21,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9048ad82-eebd-ac93-aab1-501dcab59f7e&tv=%7Bc:37AWd1,time:1204,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1204,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1144,wc:0.0.1600.1200,ac:436.6669.728.90,am:i,cc:436.6669.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tuLroT1+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1144%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=dc811423-97ef-04e7-9965-e6ab9759a7d2&tv=%7Bc:37AWhc,pingTime:-10,time:1636,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675391836673%7C%7C9a462318f4c8cec09f4bf501b0b96e5f%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C14ecd941a1ef979c253057e25c4eb2ef%7C%7Cc8a7c2e6be2ce0b2ed816cf6beddfdfb%7C%7C4572e754339cec2dac6da937536470a1%7C%7C33d2d1583c772093fa00cfa4769b636a%7C%7Cdd5de68f2ff1d20b39f5c49c64cc03bd%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWkc,pingTime:-10,time:1652,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675391836673%7C%7C9a462318f4c8cec09f4bf501b0b96e5f%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C14ecd941a1ef979c253057e25c4eb2ef%7C%7Cc8a7c2e6be2ce0b2ed816cf6beddfdfb%7C%7C4572e754339cec2dac6da937536470a1%7C%7C33d2d1583c772093fa00cfa4769b636a%7C%7Cdd5de68f2ff1d20b39f5c49c64cc03bd%7C%7C1663701684,sca:%7Bspg:dc811423-97ef-04e7-9965-e6ab9759a7d2%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:16 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWnt,pingTime:1,time:2023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWnu,pingTime:1,time:2024,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWnu,pingTime:1,time:2024,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1030~100%5D,as:%5B1030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWnu,pingTime:1,time:2024,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1031~100%5D,as:%5B1031~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:731,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWq3,pingTime:1,time:2015,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2015,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1024~100%5D,as:%5B1024~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,sis:1188%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWq3,pingTime:1,time:2015,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2015,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1024~100%5D,as:%5B1024~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,sis:1188%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWq4,pingTime:1,time:2016,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2016,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1025~100%5D,as:%5B1025~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,sis:1188,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AWq4,pingTime:1,time:2016,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2016,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1025~100%5D,as:%5B1025~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,sis:1188,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=9048ad82-eebd-ac93-aab1-501dcab59f7e&tv=%7Bc:37AWto,pingTime:-10,time:2219,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675391836673%7C%7C9a462318f4c8cec09f4bf501b0b96e5f%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C14ecd941a1ef979c253057e25c4eb2ef%7C%7Cc8a7c2e6be2ce0b2ed816cf6beddfdfb%7C%7C4572e754339cec2dac6da937536470a1%7C%7C33d2d1583c772093fa00cfa4769b636a%7C%7Cdd5de68f2ff1d20b39f5c49c64cc03bd%7C%7C1663701684,sca:%7Bspg:dc811423-97ef-04e7-9965-e6ab9759a7d2%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWv7,pingTime:-10,time:2497,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675391836673%7C%7C9a462318f4c8cec09f4bf501b0b96e5f%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C14ecd941a1ef979c253057e25c4eb2ef%7C%7Cc8a7c2e6be2ce0b2ed816cf6beddfdfb%7C%7C4572e754339cec2dac6da937536470a1%7C%7C33d2d1583c772093fa00cfa4769b636a%7C%7Cdd5de68f2ff1d20b39f5c49c64cc03bd%7C%7C1663701684,sca:%7Bspg:dc811423-97ef-04e7-9965-e6ab9759a7d2%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:17 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 6E98 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 02:37:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWDB,pingTime:2,time:3023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2029~100%5D,as:%5B2029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:18 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWDC,pingTime:2,time:3024,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2030~100%5D,as:%5B2030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:18 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023013001&jk=40545177360621&bg=!srGlsfXNAAaq5O5FiuQ7ACkAdvg8WpjlZi8fcJJSnp7zUqGfYcumVVrBWZ2mqWVYg3qTNbAOplY_XgIAAABoUgAAAANoAQcKAIOX40HKjOgGIu1r7oRaVTDkA1WxefEjtC3vAHede-jXvWri9Nl_qeKvk1flGE5zfgyKLnFWlluDN6mRa8pU397nULg9q-m9O1lSkhlEaCVgNYAWdi-oQObZUHdNnenj0va29fWWqibjIpEo8svtNNgtsjAWS2NJQWvvpK_PCfEowPPi4JkCuR8TjY4-D27HoyicklAQGALt7SgolTPBJa3elZi2y0A3ubqbFU2_s1VBCxhwoHMX33a7Kpp0xcizvVacbukI76sRnwKlorcv9loBIMK5U-iPw6e7KoaTcij2BxfX9Y2rEoN5cNdKY1RdFG5fGayDL47V8vFj0WKv2Mp7DNz64DksXklL1P5whWGq4PRqLLS83sIRoGEWuQ7Zn0TjCtB54fTBjeMjbbMbSjCeur5OKO9TyyVamxqMqb5dQyuyedu4fSKphMbrnTZyJeACCEGTnetHPOhmHc11igAR3o-0A3Pm34tRQcMAd2-EOu0R4A-jrWefuR0joulamizvedGRYsc2V10rFkEKQE0SUkiY1724-tL5tNEYFB9QyHKmjFySBKAFFKeoSslMnUCrOt84C5UNAo16KeLAfjzi82fOYiloOSE4k8QbxA-UpAruimcIcJ-DrliR87BZFQDVSjXLO8wCV-i4FeNTMdTXT20h3J0Y_L3bDIvIRz79BlSgiQism2QyR4uOwEnMkwpg-lXCbk7pdXe4WWvMWd5oTUCJSU0m9km3FQfwMHsvjPzq_4Wi0_54d4phn4sPwikmEa1s8hrw7YUHxHb2oDg_yByxJgCtwI8OM3EZUcecFlgFpExF4wke10SoCzVPH9tfgrSRNYL51TaM6vZp9oEIp6l7q0R5UTQ4fJcz3JexPBO8oquZsgi5KSEtve0TxJg4ZyRcAZKMCeAy9jn7x1R_Gp4oXmFQDAWtPpHd98gcqdZUYLMv8k0QoVpKI_3qAcPQa1__CTBDBwsSSPxWCs4L9DYoGqF7c5AF4OleazxLQJ9vH-uiBOSAkN2NWK5KN63AurW7pQucmyXa37oyegu5sq_h7QlxTKoOHRJn-x2gN6YfGREdcc81UkWK0z50ujKmHAZ2oTLXWFBXyF8LCLM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWTJ,pingTime:3,time:4023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3029~100%5D,as:%5B3029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:19 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AWTK,pingTime:3,time:4024,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:4024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3030~100%5D,as:%5B3030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:256,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:19 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AX9R,pingTime:4,time:5023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4029~100%5D,as:%5B4029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:260,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:20 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AX9S,pingTime:4,time:5024,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4030~100%5D,as:%5B4030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:260,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:20 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AXpZ,pingTime:5,time:6023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5029~100%5D,as:%5B5029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:258,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:21 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AXpZ,pingTime:5,time:6023,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5029~100%5D,as:%5B5029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:258,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:21 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AXsz,pingTime:5,time:6015,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6015,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5024~100%5D,as:%5B5024~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:259,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,sis:1188%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:21 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=74c3c2ae-3a9b-aa79-59c6-6ca55b16a15c&tv=%7Bc:37AXsA,pingTime:5,time:6016,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1001%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6016,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1001,wc:0.0.1600.1200,ac:1124.464.300.250,am:i,cc:1124.464.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5025~100%5D,as:%5B5025~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:259,fm:tuLroSY+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1l.10507%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:1002,sis:1188%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:21 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AXG7,pingTime:6,time:7023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6030~100%5D,as:%5B6030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:258,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:22 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AXG8,pingTime:6,time:7024,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B6030~100%5D,as:%5B6030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:258,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:22 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fsouth-east&u=CiXNLeDDQXOVC3aFwR&d=heraldsun.com.au&g=36976&g0=local%2Csouth-east%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7530&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fsouth-east&b=10655&t=DQ3K_r1ecAABMUyOZBfHr2IB2bJU&V=139&tz=0&_acct=anon&sn=2&sv=DPEBW6BY3DAFDJu-DXBjqHxyClfEC4&sd=1&im=062b0732&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-231-107.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 03 Feb 2023 02:37:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AXWf,pingTime:7,time:8023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:8023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7029~100%5D,as:%5B7029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:259,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:23 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AXWf,pingTime:7,time:8023,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:8023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B7029~100%5D,as:%5B7029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:259,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:23 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AYcn,pingTime:8,time:9023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:9023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8029~100%5D,as:%5B8029~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:259,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:24 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AYcn,pingTime:8,time:9023,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:9024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8030~100%5D,as:%5B8030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:259,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:24 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AYsv,pingTime:9,time:10023,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:10023,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B9030~100%5D,as:%5B9030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:257,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:25 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ca1fea56-d502-01ab-4f16-166c4cb1c13f&tv=%7Bc:37AYsw,pingTime:9,time:10024,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:1012%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:10024,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1012,wc:0.0.1600.1200,ac:436.28.728.90,am:i,cc:436.28.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B9030~100%5D,as:%5B9030~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:257,fm:tuLroQg+11%7C12%7C13%7C14%7C1511%7C1512%7C15131%7C15132%7C15133%7C1611%7C1612%7C1613%7C171%7C18%7C191%7C1a%7C1b%7C1c%7C1d%7C1e11%7C1e12%7C1e13%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k*.10507%7C1k1%7C1l.10507%7C1l1%7C1m.10507%7C1m1%7C1n1%7C1n2%7C1o1%7C1p1%7C1p2%7C1p3%7C1p4%7C1p5%7C1p6%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v,idMap:1k*,rmeas:1,rend:1,renddet:IMG.qs,siq:1012,sis:1214%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.230.191.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 02:37:25 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/849c7ff
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/bWEo_/y/iC/S4K9/dMGCUN91/1NEiNQ8r1ciz/U2MDMBYB/SUQb/fQA2SS8

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| oncontentvisibilityautostatechange object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr undefined| $ function| jQuery function| admiral object| googletag function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| lazySizes object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| 4dm1r11545242527 object| app object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker function| rdt object| vidora_ns object| m object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| nca_ipsos object| dm object| ipsos_ready function| setImmediate function| clearImmediate object| ID5 object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore object| mready object| metrics object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc function| pbjsChunk object| _pbjsGlobals object| apsUnits object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| npt object| brandmetrics function| __assign object| KAMPYLE_EMBED function| __spreadArray object| _brandmetrics boolean| isAlloyConfigured function| GeaLoader object| ggeac boolean| apstagLOADED object| apscustom object| atsdetectionmodule object| atsenvelopemodule object| ats object| diagPixSentCodes object| __iasAdRefreshConfig object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| DotMetricsInitScript object| DotMetricsSettings function| omrhp function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| DotmetricsJSON object| DotMetricsObj object| Criteo object| UrlCache object| SUBSCRIPTIONS object| SWG undefined| oneTagObj function| ebDecode object| bsResponseObj function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| categoryData object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| GoogleGcLKhOms object| __IntegralASExec

172 Cookies

Domain/Path Name / Value
.heraldsun.com.au/leader Name: nk
Value: 9375a80c72660dfec484bc0ddce70d4e
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 9375a80c72660dfec484bc0ddce70d4e
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1675391818
.heraldsun.com.au/ Name: nk
Value: 9375a80c72660dfec484bc0ddce70d4e
www.heraldsun.com.au/ Name: lux_uid
Value: 167539182552609037
.heraldsun.com.au/ Name: bm_sv
Value: FB4A09BE6A028B9D51AAB5885C87EDBD~YAAQjUZYaNiAH+OFAQAAoHciFRJmi/JCdfSM2GMtocJEkSp0OVSrAQKcNKtc0tp1s9lT0kgxG8jBWAXdSkkHYGYycEUtSyPoTMFwH96hl7emHDHEj3wttJ+CfReGPY3bEAMgzskl9zNUtd8hWDeOSBw0YUZFkKkg1LCV5C6kf+e8P4r5bivH4kjvEqHPDd+n5zqegi4HH+zh6ypc3F3Rvyw1UFtzLP9+mBAsNhr8oY1TP6sXD5jz7R67wt6qPVQNDK9Ebzag~1
www.heraldsun.com.au/ Name: AWSALB
Value: FVVUzwYQmWZNmLceXvbkQSI0Q1tZ4w2IoiiKhf3vr/5bYnCOQOVkJCI02893sqtfArunxEglsn7qSsDN4fHXo2+zzFNVPlzorgjMu5h3+dRSNWE5rpYnuwSMC7bd
.heraldsun.com.au/ Name: ak_bmsc
Value: 13E11AA5D74998F7C3DC4E112322EEB2~000000000000000000000000000000~YAAQjUZYaOKAH+OFAQAAAHoiFRLCegxNdbetwItCazjEZZT+2hULndrH3OOuC4Ir9mCA3dLN63/OjnGciyTqBvMoZiZSP3P2MngVSb5QKysTajD1LgmcdQ5J7fHF3qVsIyC6ne69F+uHIuKKJuceH6i95zCoVRsFdSRi17RIN2JHy0At9esLOjVmYouE86cvAdxEjjULbUQITkvLMivtAJOIh+k8kT9sErf2qFew6PKYPrQIi9q4pLnVO08GOL/8jo2mLQVZFLgifqebJfNdeUogd0kF2Rf3cOeHjYVYagr0o+aiN49dkrCLMw0N0ikCGZP1CzEu0+f22baZojAb0GDi9wZDt0Kaf/mj/MwH+tPYavtTODGfkF/eKWVQHL26VdL/opoVtZCtYp7EMelYCxUFiTjy5YHmO05ZFxZE3TbTTsVV8U3n0T9G7B1dyjs6w/wfudOD2qSQUynxQ0kaqBfp0tkCrqYkApP2JySiDL+n0Bja3BKEbsR/THTMcq+kyko=
www.heraldsun.com.au/ Name: AWSALBCORS
Value: FVVUzwYQmWZNmLceXvbkQSI0Q1tZ4w2IoiiKhf3vr/5bYnCOQOVkJCI02893sqtfArunxEglsn7qSsDN4fHXo2+zzFNVPlzorgjMu5h3+dRSNWE5rpYnuwSMC7bd
.heraldsun.com.au/ Name: utag_main
Value: v_id:018615227a630019fbdd5d5a0f2403074002e06c00b08$_sn:1$_se:1$_ss:1$_st:1675393626531$ses_id:1675391826531%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.6118042313321028
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Aa654b1f0-a36b-11ed-8b8f-891c4b988ec6.7tS550Y46kOqVTd9tq%2BU%2F2LTt5MlfaldpIAvaeKnZkk
.heraldsun.com.au/ Name: _cb
Value: CiXNLeDDQXOVC3aFwR
.heraldsun.com.au/ Name: _chartbeat2
Value: .1675391827149.1675391827149.1.DPEBW6BY3DAFDJu-DXBjqHxyClfEC4.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncid
Value: b7554d56a70045152d7b51fd0a0de9fc
.heraldsun.com.au/ Name: _awl
Value: 3.1675391827.5-7b86c0de290805e84b87f10313446290-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1675391827843.1321885817
www.heraldsun.com.au/ Name: vidoraUserId
Value: ambsebggqfg1s8ha2vu9u2s89tom1r
.heraldsun.com.au/ Name: nol_fpid
Value: dwqo6hn4uqfxmh33xexoanwmqyvm01675391828|1675391828229|1675391828229|1675391828229
.demdex.net/ Name: demdex
Value: 63627653486276301132881381696468829956
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=ca55131e-f139-4790-b5fe-1a63d3838f99&Created=02/03/2023 02:37:08&UserMode=0&guid=d0622d95-d8d8-4b2d-909f-aad4341ee207&ver=1
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13214
Value: 1
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 330ea4ea-01bb-4cbe-b99f-51cd277a35ef.1675391827.1.1675391829.1675391827.ff24911f-1ffc-443c-952c-15d873f25ee9
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: VIC
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: jd5oOZ76cCot1noq7wuDLC0TLifG8JT2/lFnBAvaDOgAOGKJVSDRKWXJuxT1DGFZ4ZrrN3oaQzl8fuftNLSCu9z8QKnPCY0aIVvoQRAcEbyo0NrhMGCbtUN0DKEp
.newscgp.com/ Name: sp
Value: 15836771-1d1e-404f-b7b8-a9523374566c
.imrworldwide.com/ Name: IMRID
Value: a7b99921-a36b-11ed-928e-494d12ed3535
ads.playground.xyz/ Name: connect.sid
Value: s%3AsUPs7amHTJaVZUV6FOqO5-E08JIDQ_1K.wYy0DcnVs%2FNwfMWqtaPLh%2FFa7GICCtKYvwPKx39FRAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y9xzVQAAAFcgHgNW
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004c3mCYi0_
.serving-sys.com/ Name: G4
Value: 0009fM00Kb_
.serving-sys.com/ Name: OT2
Value: 0001DC1s0W
.serving-sys.com/ Name: u2
Value: b6f7c2cc-0589-406d-93d1-aa3d50cd784f4K.050
.id5-sync.com/ Name: 3pi
Value:
mfad.inskinad.com/ Name: azk
Value: ue1-6b70235e98c6414d890eded7bb5304a0
mfad.inskinad.com/ Name: azk-ss
Value: true
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C63606572942243986512878983405691016734
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEw1ebxngY4AUABSAEQ1ebxngYYAA..
.dpm.demdex.net/ Name: dpm
Value: 63627653486276301132881381696468829956
.rubiconproject.com/ Name: khaos
Value: LDNX1D2B-18-A6AV
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19392%7CMCMID%7C63606572942243986512878983405691016734%7CMCAAMLH-1675996629%7C9%7CMCAAMB-1675996629%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-1756449508%7CMCOPTOUT-1675399029s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19399%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_tbm
Value: true
.heraldsun.com.au/ Name: s_nr30
Value: 1675391829743-New
.heraldsun.com.au/ Name: s_tslv
Value: 1675391829743
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Clocal%7Cindex%7Csouth-east
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Clocal%257Cindex%257Csouth-east%2C16%2C16%2C1200%2C1%2C6
.heraldsun.com.au/ Name: s_cc
Value: true
.id5-sync.com/ Name: id5
Value: 55fecb9c-baa2-77fc-87d1-f693f7a6ce00#1675391829499#2
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898
.heraldsun.com.au/ Name: aam_uuid
Value: 63627653486276301132881381696468829956
.adsrvr.org/ Name: TDID
Value: 3cf35ab1-8e56-4a5c-905a-a885064eef9f
.adnxs.com/ Name: uuid2
Value: 1310738631785163303
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1174245713.1675391830
.linkedin.com/ Name: li_sugr
Value: 5eaa829a-e4b4-4ed4-b6c8-aef6c4f1508d
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&d592b4d3-b9a8-4871-8ff0-748c45a893b7"
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2498:u=1:x=1:i=1675391830:t=1675478230:v=2:sig=AQHGbqqo_SQ2oPWiRzaPkuWbWH6Z3OdX"
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY2MzYwNjU3Mjk0MjI0Mzk4NjUxMjg3ODk4MzQwNTY5MTAxNjczNFIOCLqSiqnhMBgBKgNPUjLwAbqSiqnhMA==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
www.heraldsun.com.au/ Name: ln_or
Value: eyIxNzY1MzgwIjoiZCJ9
.doubleclick.net/ Name: IDE
Value: AHWqTUlCJbKLbU3bMlmqARb7uegeeWB7A9Xu9cN9Qj8rLNhOkj9GUfo3Vy5WbiJS0hM
.casalemedia.com/ Name: CMID
Value: Y9xzVjypQMGwTbWOCYVRUwAA
.casalemedia.com/ Name: CMPS
Value: 4688
.casalemedia.com/ Name: CMPRO
Value: 4688
.turn.com/ Name: uid
Value: 7854299086110410743
.amazon-adsystem.com/ Name: ad-id
Value: AyK4p_rXhkIcuzDU7gS24S0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQLH3Z79IvOQnwAAAYYVIopZLhbkiAJwazjmeu0dfbMwC3m-jEnv2RtNvJ6vC5eR0jTylCe8JPGYxw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJdrco0jnNszAAAAYYVIopZ8qsAOw3PXVmLjRn-DkSqGTZQBLfPuSMcrens7sLvJoS3LQYdcSVKtqFogc_IkQ
.t.co/ Name: muc_ads
Value: 8ae4e363-aa0a-41b3-a67f-dbc0399ebb48
.eyeota.net/ Name: mako_uid
Value: 18615228bca-5a21000001085c5f
.eyeota.net/ Name: SERVERID
Value: 23647~DM
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202302030237104a484c9a-2284-4ccf-8deb-b015a43ee190AQFKVp-2iDSxKQJqqCn7CPuFxPaN3CNx"
.twitter.com/ Name: personalization_id
Value: "v1_NDHcOSYCWEMBSIfBUB081Q=="
.yahoo.com/ Name: A3
Value: d=AQABBFdz3GMCEMx35SbCMbaIpnRfLvp8IMQFEgEBAQHE3WPmYwAAAAAA_eMAAA&S=AQAAAuvUA7WvUgaT5RSbcK2e1vU
.bluekai.com/ Name: bku
Value: pSL99a5pls1SJO1/
.scanscout.com/ Name: uid
Value: CI-3f28078e36008389a565d193b038506f
.scanscout.com/ Name: UIAA
Value: 63627653486276301132881381696468829956
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1675391831163"
.heraldsun.com.au/ Name: __gads
Value: ID=3b3ed8598977f692:T=1675391830:S=ALNI_Ma8zVC2Tq4Qk4UBEomJhlXb3wXkXQ
.heraldsun.com.au/ Name: __gpi
Value: UID=00000bb407ca07dd:T=1675391830:RT=1675391830:S=ALNI_ManfN2jqrkROszDc41fSYuslh1bfA
.google.com/ Name: NID
Value: 511=FiJEMG07EdhlVBW-ISc3ZRqvd34esJE-8YqI2y79cZCY_OOdkfWdzVQIoLdUS7qmRxL6OgcbQlkXRsziJ_swMn_bbeu4vdUT5FYgffswrKWYsUa92-JaLR78TOnebhjxyrMIUfR4siXnvLtBKEPa5yT3fVJxYk45xpRH0YCbbkk
.demdex.net/ Name: dextp
Value: 358-1-1675391829569|470-1-1675391829674|481-1-1675391829774|771-1-1675391829875|903-1-1675391829976|19566-1-1675391830077|23728-1-1675391830178|30432-1-1675391830279|30064-1-1675391830379|66757-1-1675391830481|134096-1-1675391830582|144230-1-1675391830683|144231-1-1675391830784|144232-1-1675391830885|144233-1-1675391830987|144234-1-1675391831088|144235-1-1675391831188|144236-1-1675391831289|144237-1-1675391831487|147592-1-1675391831588|461447-1-1675391831688
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2GVMr/ThE!]td08i_jAez_UZ18%3FgHRA*8^#A:a+d]qJQHiKqi'hCE!>>.D$25A)(rF5k*pv7Pzr:U%[=qb%vhLj)fy)St/0tw
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 586903E1-4ECA-4930-A45D-87D4977133F6
.openx.net/ Name: i
Value: df745118-38e8-4118-9f8c-02ed6fa3fbe6|1675391831
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y9xzVQAAAFcgHgNW&KRTB&22978-Y9xzVQAAAFcgHgNW&KRTB&23194-Y9xzVQAAAFcgHgNW&KRTB&23209-Y9xzVQAAAFcgHgNW
.company-target.com/ Name: tuuid
Value: f1ee572d-27bb-4531-b8db-6eb1a3d8f132
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEPlbB0tni21uNV-y8Ki0Qbs&KRTB&22987-CAESEPlbB0tni21uNV-y8Ki0Qbs&KRTB&23025-CAESEPlbB0tni21uNV-y8Ki0Qbs&KRTB&23386-CAESEPlbB0tni21uNV-y8Ki0Qbs
.krxd.net/ Name: _kuid_
Value: PW0xBhur
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3cf35ab1-8e56-4a5c-905a-a885064eef9f&KRTB&22918-3cf35ab1-8e56-4a5c-905a-a885064eef9f&KRTB&23031-3cf35ab1-8e56-4a5c-905a-a885064eef9f
.simpli.fi/ Name: suid
Value: 7FE14D36BE24459E9346A9CA2266418E
.rlcdn.com/ Name: pxrc
Value: CNjm8Z4GEgUI6AcQABIFCOhHEAA=
.semasio.net/ Name: SEUNCY
Value: AAC6BEC661D2B1AD
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 3a6963dc-7358-4000-aeab-37894c329096
.dyntrk.com/ Name: dyn_u
Value: 03030001_63dc7358654ed
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:7FE14D36BE24459E9346A9CA2266418E
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:3a6963dc-7358-4000-aeab-37894c329096&KRTB&16736-uid:3a6963dc-7358-4000-aeab-37894c329096&KRTB&23019-uid:3a6963dc-7358-4000-aeab-37894c329096&KRTB&23114-uid:3a6963dc-7358-4000-aeab-37894c329096
.adform.net/ Name: uid
Value: 1408194508254203637
.spotxchange.com/ Name: audience
Value: a9fead95-a36b-11ed-8c60-183e48c20407
.zemanta.com/ Name: zuid
Value: JFO7CKyELK9z7Bd1IC8u
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIpLHr0LLmwjsQBRIVCgZnb29nbGUSCwiW4MrXsubCOxAFEhYKB3J1Ymljb24SCwjQotDSsubCOxAFEhkKCnJpZ2h0bWVkaWESCwjQotDSsubCOxAFGAUgBigDMgsI0JrT_8jmwjsQBUIPIg0IARIJCgV0aWVyMhABWgd2cmdlczZuYAE.
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLhH4sOv+xPUyKB0+A8/5Oadyb9tf73/CBWX3sO0dNTRPy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe5ElgYJ7z+6k=
.pippio.com/ Name: did
Value: MMoJ75FNVZiBrO9K
.pippio.com/ Name: didts
Value: 1675391832
.pippio.com/ Name: nnls
Value:
.company-target.com/ Name: tuuid_lu
Value: 1675391832
.pippio.com/ Name: pxrc
Value: CNnm8Z4GEgQIAhAAEgYI7OsBEAA=
.gammaplatform.com/ Name: _aCMR_1
Value: 5
.gammaplatform.com/ Name: _aGeoIp
Value: KR|Seongnam
.gammaplatform.com/ Name: _aUID
Value: 11yc4ck14x5i
.quantserve.com/ Name: mc
Value: 63dc7359-97e3b-3d334-cc4c2
.linksynergy.com/ Name: rmuid
Value: 77e79ac4-5b67-4f28-a5fe-8228af8712ea
.linksynergy.com/ Name: icts
Value: 2023-02-03T02:37:13Z
.rlcdn.com/ Name: rlas3
Value: FlTO8eNbM8UcKCfpB0X+Mmz6T+u18L53EMWjDGHsy7I=
.bidr.io/ Name: bito
Value: AADSUU7HuOcAACCIBTRpRw
.bidr.io/ Name: bitoIsSecure
Value: ok
.heraldsun.com.au/ Name: s_tp
Value: 7530
.criteo.com/ Name: uid
Value: 38d6e262-8366-4366-bab0-a25cb37ee487
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: e6e0-4b62-6d21-efc3-b660-e418-4fd7-1716
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1675391835429
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 91.3917484926412
.heraldsun.com.au/ Name: cto_bundle
Value: RMenN196STRwZ2RvcWIzeVI3MXNPN0ZRJTJCV21ZQnFNb3A4TW43UlVvQ1RCOFFIS2hpRkpKZmUyYkQlMkZMRGUyNEJ0U2VOUndJU2RyWXgxU0lBaU9DVzNwa2JYV3lSVlhpRnNvTFdYampFMm5yTndnUVd0SHJMRW05UVRSbWdSJTJGbjNpcHZEdTBDbkl3dUcxZm5qWjNQWTA5aSUyQlB5cDhUSDVIbWp4UTMzYSUyRk5NSVh3cUdnJTNE
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1676592000%3A226_245_201_197%7C1675987200%3A164_248
.pubmatic.com/ Name: SyncRTB3
Value: 1675987200%3A223_15%7C1676246400%3A63%7C1676592000%3A7_247_220_71_54_22_8_96_56_21_13_3%7C1676678400%3A35
.quantserve.com/ Name: d
Value: EMABEgGaKPijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~29s2:175w~29s2:18z8~29s2"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb&KRTB&19420-iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb&KRTB&22979-iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb&KRTB&23403-iGKM24li3YGTaN_djTPFi9pi24yTMouM3WOK4iqb
.pubmatic.com/ Name: PugT
Value: 1675391836
.pubmatic.com/ Name: SPugT
Value: 1675391836
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1408194508254203637&KRTB&23263-1408194508254203637
.tapad.com/ Name: TapAd_TS
Value: 1675391836272
.tapad.com/ Name: TapAd_DID
Value: 44adb3dd-c7ab-4469-9311-10a043e9e32f
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1310738631785163303&KRTB&23339-1310738631785163303
.ambientdsp.com/ Name: _aGeoIp
Value: HK-Hong_Kong
.ambientdsp.com/ Name: _aUID
Value: yt78evvt5vl
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.c.appier.net/ Name: _auid
Value: cykl-2kABf6M9Y7ZXHPcYw
.bidswitch.net/ Name: tuuid
Value: 06af8e0a-ace1-4bef-a79d-71b9a89ed0b4
.bidswitch.net/ Name: c
Value: 1675391836
.bidswitch.net/ Name: tuuid_lu
Value: 1675391836
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

8 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=896047869697.0488?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=b7554d56a70045152d7b51fd0a0de9fc&timewithTz=2023-02-03T02:37:06.544Z&country=au&newsconnectId=&fpid=9375a80c72660dfec484bc0ddce70d4e
Message:
Failed to load resource: the server responded with a status of 500 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6dx1a9j5h2xzt9ktn0b9otvca7gog1675391828.nuid.imrworldwide.com
8228261.fls.doubleclick.net
94676c5ead8f10d7bc9f1a01d3a626ed.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
beacon.krxd.net
bedsberry.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.speedcurve.com
cdn1.adoberesources.net
check.analytics.rlcdn.com
cm-supply-web.gammaplatform.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.api.news
d.turn.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
match.adsrvr.org
match.prod.bidr.io
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.mediaiqdigital.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.company-target.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
www.morningtonpeninsulaleader.com.au
x.bidswitch.net
login.newscorpaustralia.com
103.229.10.192
103.229.206.240
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.71.26.125
104.16.87.20
104.18.33.19
104.18.36.94
104.22.53.86
104.244.42.3
104.244.42.69
104.254.148.251
104.254.151.120
104.69.39.62
107.178.244.193
107.178.254.65
119.9.108.180
13.107.42.14
13.113.223.36
13.214.10.7
13.228.154.11
13.251.185.52
13.33.30.231
13.33.79.24
13.33.88.28
13.33.88.96
13.33.91.15
13.35.15.213
13.35.8.13
13.35.8.40
13.35.8.51
13.35.8.74
13.35.8.94
13.35.8.99
139.162.38.30
139.5.84.243
142.250.4.155
142.250.4.156
142.250.4.94
142.251.10.132
142.251.10.155
142.251.12.105
142.251.12.149
142.251.12.155
142.251.12.94
142.251.12.97
15.197.193.217
151.101.129.175
151.101.194.217
151.101.194.49
151.101.65.108
151.101.65.44
157.240.235.1
157.240.235.35
162.19.138.83
162.19.80.92
165.69.249.4
172.217.194.138
172.217.194.154
172.64.101.9
172.64.151.162
172.64.154.237
18.136.169.219
18.136.33.92
18.138.18.111
18.140.11.26
18.140.27.177
18.155.68.45
18.155.68.56
18.155.68.87
18.158.147.33
18.161.111.89
18.180.3.9
18.213.217.104
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
185.84.60.30
199.127.207.188
199.232.44.157
199.36.158.100
23.195.152.111
23.195.152.191
23.213.140.211
23.213.141.29
23.44.27.174
23.72.44.196
23.72.44.233
3.213.18.11
34.102.253.54
34.120.155.137
34.160.169.226
34.232.231.107
34.96.71.22
34.98.64.218
34.98.67.3
35.190.60.146
35.213.12.39
35.241.45.82
35.247.47.28
42.99.140.160
44.230.191.33
50.112.50.233
50.116.239.135
52.199.119.40
52.220.229.2
52.46.128.147
52.63.107.165
52.74.13.196
52.76.199.184
52.88.128.19
52.95.128.122
54.192.111.40
54.80.166.41
59.151.164.106
63.140.36.104
67.199.150.86
67.220.228.200
69.173.158.64
69.173.158.65
70.42.32.31
74.118.186.44
74.125.24.101
74.125.24.149
74.125.24.156
74.125.68.132
74.125.68.156
8.43.72.98
89.207.22.76
96.17.72.42
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03c210296b15a85a4e280c79130809fa58c68604a36be582c37ef087249fd468
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09ef3185c70b92a89a42173554dcba0971bf6ff6807d8f2beb587eb211e38f8a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d41f19c0ba4882d625087353df062e66059f1f0e3e897abd12ecfcfb28a083b
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e978d238d5c41225bcd905cf8add12e444e2cf30f04691a949cebe0789f174c
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
116d4af50fad649c491f01832a39482a07434355db986e3a290926c8b1f634ef
1431791464cf8495adfa004a07f5c87595a33293f25f31da947316e9c670f455
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
160dc3f617a48b081c3c9d31417362e233efb525ed9760dd87aaf488cf71d658
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
1a47d16fe5f85db6c4fa5ba896ee860a0a9bf5e5dafafd23670de1dbd38c0948
1ceba1d3b2b7a7e4d00bb536f73d6a2c9824e013cc2947c6d303c6e501d01458
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a5baae6d38fe1223a342d58b5ba94c1a01fa93f98b4cdd39bb8a18201d9488b
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c9c87e2bc688728bc92018e5b0c49899ad5ac6b9df0ba2989669ed997e4bef8
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f3e28cb913fc9229304149e55fc4cabf206f707d068f05554692f38ea2f358
33765ffc9d5eaaca51acbc275a845a0b4e1bda54e9a87ac05e09aa5803816c61
3528195e6af4e53d97fa596f8c6e62b517d884e584bfb3e4d5de348447842c59
35d44d15b9f1029b1481b4c44c9148aaee06dac3851a72f0ff02105b0ab91041
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dad3b6839ad8a9e97d9051034caf09cdd4d0cf2cb7ae17eec47c5b27329bfae
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
436c8410120df712d7af6adada0356658b4f72086231b700c67c09510c769889
4403f7382d1fcbf91864d21c598189e987f75eeb7ddd72b1fbf87a2efb670fa1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443793c28d62535afc97ad2a5b96e59ca5e907ef201903e25128c6735345ce33
4468d08891fca625d4051ab4e7a33725527fe4174864c8c6866c93a88defe88a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1b0297f62ae96710443433369d0823b7731315f828f3a47153f10ad6ab746c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
510426d114ecbe4989ce66138f3c6b1011200d25710a8038f9f11a794e2119f2
5374aa7362e004cb6158fd95a42f43817798fde09a2b9836e49237ef2186e860
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1a14472fd940eef27a1a152d9cd23aa2f9e51b1760f432b407c7e629ad3b3
54e6a6cfbb4cf36d05726a7a52c191db73817eea3cbf7feeeb872f37a8d3efbf
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566adb623a1723b23ca4f800a75a4af52d6daeb3750afba98498f832180319c8
5835d900a8aac3dc4d5fcd332fdb8bb71079feaa371ae7a02b11a8d284120bc6
594e37072e43b53217558bedf3fae181ed790890be59151566d0e7f3b81f5193
5a4dde3e7a535ddb496bc1a74b0fc98c252b544f6e729dab07da890363aad7cc
5c95897de08e24b0189631976b2f0f780ba34067303f2e74979f7f660220ca5c
5d1756c2ccdc67363e14db3d40eeae1ec3765618c31624a398a858e42bf2d584
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f2bdd60846d1b54aadcaf5a99ba506466e49a1c8e249810cbea7f63d5aebc56
5f38af9f576dc1e7ee4eaaad9abdbacfc19550e8c631ed0b1d02e90dbdd50ce5
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
618843158ccc24172fe7ac6ab8b755bf371cf5965c469407613041778e43e503
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63dd49b6cbd1a890e9e23fb5bf3fbe94921dfb6b5c4e5937a8ea5c8b5b2dd36f
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68f274e5330a1431b6e07a6a979209097633d713576cf9620bee34a6bd898ad7
698e4e698960fd9a90f537fea9068212a3ce3dd4b208fbab3510378aeb20d3f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b05bc799e111097866a5f021cc4d5e10fecce1878c42331ddbfebfab0d54960
6cc6f6a3ec5a5d3a671bc0f8cc9f90e97904ab2d94c9ad51d4c4df2808a6eeea
6cdbe3cb7727207a2e9750f463f38e42c05d78989448e818efe0807d91b26153
6d67bc44e2840e82222dbbf991345abae73322333031960388ed5ba7a8b4d93b
6e461524c30bc69796118b255ca7780863aac30323c8dc89c96769f85322ef2a
6e76a4528def931cfaa2a3377dd71068c1a3e9d7182331e65dd4236b9535cf00
71d408a39baa0dc4581e93d6cf7848f232f487f221329208403d10ba8398f885
727f7ed7ae7bf7e9ed17e13cf3a3aaa4ce9e6de796767b63ebc28c08fc65a336
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
733a823eb03134ff9ba848ac7775304a82874815017be1a75b4a29f00dffc44c
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
73d7194f51616ea395b52934db721b5cb4de766c0aaf33f05ea197379686654c
746ae9f89257f50641aa689285d9cc6f17e3d6758ba9b44763e6418964921fd0
75ff226055d5212f77f5adb9a64d1eca0ff433e8085a259366a82924da1cdc20
76487be22ec765c569bbac54534007bef88147a46504cf07c6e26090a1696dc9
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d1254d578855924b2ad36b8bf4a9e3028c73125608410e8d827942a69fe2212
7dc091b494e9d47c250418034694238654ce3857d3c805233614d29c672d8389
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
812f463038896467c4aacef0dfba212a46ca856a4813ac2d75747c67993d68bd
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88c7b0c4d2267189bba94aecac6e21455cc88bd62fd36f9657fd517a8dd3d078
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8cc28ac27a3fe14720d82c5b681f8531381764074a669aa3e0ee58bc86bfabc7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
94a00f3def7a4bb093181c62b376c224db3afec5f61fb284e737b458f98a2566
96df4756b1894bcb35909a02bc4cdb400f51ee7ff56a2bae8ac03dcb1ef1f777
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0be7d10e21d3fd03e2b95ee182d36963a110f8b1b5dcbe0f62ece1e7a1c84a
9a421d7cf16a54029a14eeee9dfe3cba2293bfb393d90a06cb44a71fa80aa626
9f5918f6686ae77c26da80bf85577f4769407707b8fc7a1ab374897bdf1893d7
9f6f87beb81bc2cb7076a5724b0aea23e100d3498ddfec97989242c848fc6c0c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a135d6ea10042caa5883447a78127593ad94d07469ef759796c6af2b66e1eaff
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b40fa1401d2875418cb7fad10e8ebe10a276198e4bb9b3ef62c28cd81ac4f4
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
abad9f745e3e1be5b494d8470cedda22a59039a173b8b60f1778a3eaa6551dbe
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aeaaed2b24cadcd68b58fb476b9cf270ee49780ec6014af3356451618bae3a09
aff56c416d498cf41875e7f59dc71d9e90d15017624b28d29a1e6d8f23810fac
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b84b369629ea444349e15b466381ac73a251acd189e612852d0726ee9fdf9fa4
bba6184ca3466d203d56449dc641c78b6573d3302e16694076a14c9e3f402843
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c46827537c3f87fcb66e818c319f46ee5cefd17816f5e2a9539fd9408d1e41dd
c84ca0c4bc0abf83cb058ec027ee7cb18f2ba78258929a14067aa0c1dd246f46
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc1a4504e9b52dfdbe77c1648b2f57a4854a2161eaeeecb3c51c83a9efcc559b
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfd67866cb98d6c5e15120c5375a527e8d01625fcdd160ac42d83dbdcbb223b4
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1ed1677dc75607eb6865e91977014c05346e13285475a93ba4e8fcec5239a3a
d36c9b8c84b929ef11b8a54d2afe666a5d04921d5bce65fba05f4fecca491c0b
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
d68c9072babf3b3aa7dfbe791d90ee5efa24365b99e6ffdd492381a01fc6bc48
d896e2c2a4867aef9f1f702c2b930379a006b59bcd4e85d84529c407fed79add
d9ec00e3b0328992e3e7db3b5249d2ed079f355bb54fb95a42ebf118eb996b53
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
daa4df33ea24a3e54322fc617686953d34fb41d80311bb57bcc1eff3859490a9
db73998268fdc7f9a21918983c90d44f13efceccff11761fcf3fd3d954479d93
dc30942e2d331ad94fc36a66ae5fc814f6f9433db557e7fd1109331b44029f41
dc729ae9f3214d872b219ceb393d41ed5b5fd27501cea76e65dffca063faf05d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddf2ad17e709e9e544ba6670ba4414e65c8293634795e9be79fcad3b5998e8bb
df1fbfbbbb5692c3acbcbec81d63dbda128469530ea1c941dbe91772815b6e30
e2082d2b2816c3bebdfa271bd867571605683415cc6e157e5e5a3ba01531d5f0
e228750e013e837f3d430634c89fba1f673cdb1e2c3af36632c6b1aae97838d5
e3a2bfeffec6c30f62dcd1308aa925ca3f364948fed41dd6fb6beac2ee0af3d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330
e4a37b94d7bbf547075d6c7cebf79e2b82f7760f0aa3b95d93c271813d1429e4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e7473c9f2a9669a45104b31ad19fc9c8570a8c0b710112402275fd686fda81c3
e7aee80bf929f063b2aa268d0bf3df277f374b6413e1bf27278f4b809becce2c
e91492ef520a27b3adbd0b71b16e38a345514eb2bcce34f26e269e5c5bb01035
e9c8af6755216f945f88eca733d513e7b44eda285fa6498eee4d25921427e5bf
ec6044651e922931c0e49bcc72f729bc33c6f43829b239105952fc1252e35185
ed511662ff938514f98c554f217e5a5e29903b147ad177677c3e4e6349520109
edf9a3f33d78b7d3701acfc2691565060b222ff1273d80dc8c3bd7e3df64158e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef0d911d6be498dc03632eeabe223294384bac7c51b041035f0c2d7d27b3ee51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2129b09da882dacd2ab77d22221a8cb0dd94adf70c1a93b2002010797f713a
ef96338dbe7fe031b9901ba29d1ccce7a528eb4138f1895afc6fb73d40d561cc
efb3993ebf016577434feeddbfd074c4ef77be7b119298c4419aff5357e4c766
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f4e132f5b8c7a6d55e69438c4c1e36dc89fce75d573f90d3d384b766da1cf89f
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5cebfaca1abdd284a890585812ed668edf6b3d1ab00f51b88c0402f57d87b6f
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
ff5df18424cdb4cb408ebf6c6b3d05d94522197f4b85d4e08593de70161fd790