urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.195.152.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Submission: On December 15 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 129 IPs in 13 countries across 112 domains to perform 475 HTTP transactions. The main IP is 23.195.152.111, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 240081.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 43 23.195.152.111 16625 (AKAMAI-AS)
1 11 23.195.152.191 16625 (AKAMAI-AS)
14 23.52.112.182 16625 (AKAMAI-AS)
1 151.101.66.217 54113 (FASTLY)
1 18 151.101.1.44 54113 (FASTLY)
1 52.95.128.46 16509 (AMAZON-02)
5 142.251.10.132 15169 (GOOGLE)
1 3 13.33.88.129 16509 (AMAZON-02)
1 172.64.133.15 13335 (CLOUDFLAR...)
3 18 141.226.229.48 200478 (TABOOLA-AS)
2 34.160.169.226 15169 (GOOGLE)
1 199.36.158.100 54113 (FASTLY)
3 104.69.108.119 16625 (AKAMAI-AS)
4 23.54.56.153 16625 (AKAMAI-AS)
7 108.139.243.37 16509 (AMAZON-02)
2 54.192.150.76 16509 (AMAZON-02)
1 172.217.194.149 15169 (GOOGLE)
1 13.33.35.226 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
2 18.155.68.45 16509 (AMAZON-02)
2 18.213.217.104 14618 (AMAZON-AES)
2 151.101.1.175 54113 (FASTLY)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 23.72.44.233 16625 (AKAMAI-AS)
18 74.125.24.156 15169 (GOOGLE)
3 13.33.79.24 16509 (AMAZON-02)
1 13.35.8.87 16509 (AMAZON-02)
2 104.26.6.155 13335 (CLOUDFLAR...)
2 184.28.235.202 20940 (AKAMAI-ASN1)
3 13.33.88.25 16509 (AMAZON-02)
8 74.125.200.156 15169 (GOOGLE)
1 172.217.194.157 15169 (GOOGLE)
2 3.94.97.242 14618 (AMAZON-AES)
1 14 54.186.19.92 16509 (AMAZON-02)
1 54.67.90.31 16509 (AMAZON-02)
1 1 124.146.215.45 2514 (INFOSPHER...)
2 2 18.193.28.75 16509 (AMAZON-02)
1 3 23.106.127.165 59253 (LEASEWEB-...)
10 15 69.173.158.64 26667 (RUBICONPR...)
12 24 74.125.68.157 15169 (GOOGLE)
16 103.231.98.194 62713 (AS-PUBMATIC)
12 19 3.33.220.150 16509 (AMAZON-02)
1 2 209.191.163.209 32475 (SINGLEHOP...)
1 74.214.196.131 19189 (PULSEPOINT)
1 52.20.240.11 14618 (AMAZON-AES)
2 2 182.161.73.146 55569 (CRITEO-AS...)
10 14 162.19.138.116 16276 (OVH)
6 11 104.254.151.69 29990 (ASN-APPNEX)
5 6 107.178.244.193 15169 (GOOGLE)
3 4 185.84.60.20 198622 (ADFORM)
2 3 119.9.108.191 45187 (RACKSPACE...)
4 4 103.229.206.241 30419 (MEDIAMATH...)
2 2 89.207.22.105 41041 (VCLK-EU-SE)
7 7 35.213.12.39 15169 (GOOGLE)
3 3 35.227.202.26 15169 (GOOGLE)
1 1 35.77.191.155 16509 (AMAZON-02)
2 2 18.158.185.48 16509 (AMAZON-02)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 2 35.71.178.8 16509 (AMAZON-02)
1 54.200.252.46 16509 (AMAZON-02)
3 3 23.23.131.203 14618 (AMAZON-AES)
1 35.214.223.115 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA)
1 13.35.8.32 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
1 104.16.89.20 13335 (CLOUDFLAR...)
4 54.192.150.97 16509 (AMAZON-02)
1 141.226.230.50 200478 (TABOOLA-AS)
3 157.240.235.35 32934 (FACEBOOK)
1 9 172.217.194.139 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
1 141.95.33.111 16276 (OVH)
4 52.64.107.36 16509 (AMAZON-02)
1 13.33.88.28 16509 (AMAZON-02)
1 13.33.30.231 16509 (AMAZON-02)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 6 104.18.33.19 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 34.102.253.54 396982 (GOOGLE-CL...)
4 69.173.158.65 26667 (RUBICONPR...)
2 34.225.154.76 14618 (AMAZON-AES)
1 52.89.238.92 16509 (AMAZON-02)
2 63.140.36.179 16509 (AMAZON-02)
1 1 175.41.181.206 16509 (AMAZON-02)
2 18.138.175.196 16509 (AMAZON-02)
1 54.192.150.93 16509 (AMAZON-02)
2 10 52.46.143.56 16509 (AMAZON-02)
1 13.251.75.90 16509 (AMAZON-02)
3 3 50.116.239.135 6336 (TURN-US-ASN)
1 63.140.36.137 16509 (AMAZON-02)
4 23.72.44.196 16625 (AKAMAI-AS)
2 4 172.64.154.237 13335 (CLOUDFLAR...)
7 54.251.86.170 16509 (AMAZON-02)
1 1 199.127.207.180 26120 (RHYTHMONE)
2 2 18.140.27.177 16509 (AMAZON-02)
1 18.155.68.99 16509 (AMAZON-02)
2 182.161.73.129 55569 (CRITEO-AS...)
1 74.125.24.157 15169 (GOOGLE)
3 142.251.12.157 15169 (GOOGLE)
1 1 34.196.251.50 14618 (AMAZON-AES)
1 52.24.114.105 16509 (AMAZON-02)
2 2 23.73.13.201 16625 (AKAMAI-AS)
12 13 151.101.130.49 54113 (FASTLY)
5 52.84.228.218 16509 (AMAZON-02)
1 146.75.112.157 54113 (FASTLY)
2 42.99.140.139 4637 (ASN-TELST...)
2 142.251.12.97 15169 (GOOGLE)
2 23.72.44.183 16625 (AKAMAI-AS)
2 4 142.251.12.148 15169 (GOOGLE)
1 142.251.12.154 15169 (GOOGLE)
1 3 104.254.148.252 29990 (ASN-APPNEX)
4 23.15.148.136 16625 (AKAMAI-AS)
15 74.125.24.132 15169 (GOOGLE)
8 142.250.4.103 15169 (GOOGLE)
1 13.33.33.75 16509 (AMAZON-02)
1 2 103.71.26.126 132134 (SPOTX-AS-...)
2 103.231.98.196 62713 (AS-PUBMATIC)
1 74.118.186.45 26120 (RHYTHMONE)
1 16 139.5.84.243 27381 (CASALE-MEDIA)
1 5 175.41.190.36 16509 (AMAZON-02)
2 2 23.106.69.72 59253 (LEASEWEB-...)
1 18.155.68.96 16509 (AMAZON-02)
1 1 13.248.144.210 16509 (AMAZON-02)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 13.33.33.87 16509 (AMAZON-02)
5 6 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
9 172.217.194.94 15169 (GOOGLE)
1 142.251.12.94 15169 (GOOGLE)
2 3.114.23.93 16509 (AMAZON-02)
1 104.18.36.94 13335 (CLOUDFLAR...)
2 52.28.196.126 16509 (AMAZON-02)
4 6 52.74.162.2 16509 (AMAZON-02)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 2 54.255.22.33 16509 (AMAZON-02)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
2 2 43.206.26.247 16509 (AMAZON-02)
2 2 18.138.91.242 16509 (AMAZON-02)
2 2 34.111.151.213 396982 (GOOGLE-CL...)
1 67.220.228.200 16509 (AMAZON-02)
2 2 103.229.10.192 16509 (AMAZON-02)
1 13.229.254.84 16509 (AMAZON-02)
1 1 185.183.112.148 60350 (VP)
6 6 50.31.142.255 23352 (SERVERCEN...)
1 172.64.151.162 13335 (CLOUDFLAR...)
1 1 31.220.27.155 39572 (ADVANCEDH...)
2 2 20.127.253.7 8075 (MICROSOFT...)
9 142.251.12.113 15169 (GOOGLE)
16 52.42.28.243 16509 (AMAZON-02)
5 13.33.88.94 16509 (AMAZON-02)
4 103.231.98.195 62713 (AS-PUBMATIC)
2 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
1 1 18.138.18.111 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 2 35.213.93.179 15169 (GOOGLE)
475 129
43    23.195.152.111 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
11    23.195.152.191 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-191.deploy.static.akamaitechnologies.com
tags.news.com.au
14    23.52.112.182 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-182.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
18    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
images.taboola.com
match.taboola.com
1    52.95.128.46 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
5    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
3    13.33.88.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-129.sin2.r.cloudfront.net
sb.scorecardresearch.com
1    172.64.133.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
18    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sg-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
2    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
3    104.69.108.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-108-119.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.54.56.153 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-153.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
7    108.139.243.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-243-37.mxp63.r.cloudfront.net
static.adsafeprotected.com
2    54.192.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-76.sin2.r.cloudfront.net
assets.vidora.com
1    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
ad.doubleclick.net
1    13.33.35.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-35-226.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
2    18.155.68.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-45.sin52.r.cloudfront.net
au.tags.newscgp.com
ncg.tags.news.com.au
2    18.213.217.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-217-104.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.1.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.72.44.233 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-233.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
18    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
googleads.g.doubleclick.net
3    13.33.79.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-79-24.sin2.r.cloudfront.net
c.amazon-adsystem.com
1    13.35.8.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-87.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.6.155 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    184.28.235.202 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-28-235-202.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    13.33.88.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-25.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
8    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
pagead2.googlesyndication.com
1    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
googleads4.g.doubleclick.net
2    3.94.97.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-97-242.compute-1.amazonaws.com
ping.chartbeat.net
14    54.186.19.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-19-92.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    54.67.90.31 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-90-31.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    124.146.215.45 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    18.193.28.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-28-75.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    23.106.127.165 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
15    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
24    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
cm.g.doubleclick.net
16    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
19    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    209.191.163.209 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    52.20.240.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-240-11.compute-1.amazonaws.com
e1.emxdgt.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
14    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
11    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
6    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
4    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    89.207.22.105 (Singapore, Singapore)

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-usadmm-ds.dotomi.com
inmobi-match.dotomi.com
7    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
odr.mookie1.com
1    35.77.191.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-77-191-155.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
2    18.158.185.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-185-48.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    54.200.252.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-252-46.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
3    23.23.131.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-131-203.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    13.35.8.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-32.sin5.r.cloudfront.net
cdn.adsafeprotected.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    54.192.150.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-97.sin2.r.cloudfront.net
au-script.dotmetrics.net
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
9    172.217.194.139 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f139.1e100.net
news.google.com
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lbs.eu-1-id5-sync.com
4    52.64.107.36 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    13.33.88.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-28.sin2.r.cloudfront.net
au.audience.newscgp.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
6    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    34.225.154.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-154-76.compute-1.amazonaws.com
mfad.inskinad.com
1    52.89.238.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-238-92.us-west-2.compute.amazonaws.com
newscorpau.demdex.net
2    63.140.36.179 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-179.data.adobedc.net
metrics.heraldsun.com.au
1    175.41.181.206 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-181-206.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
2    18.138.175.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    54.192.150.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-93.sin2.r.cloudfront.net
mympeeh9knwdnfucj98dyqgozqs8o1671073257.nuid.imrworldwide.com
10    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.251.75.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-75-90.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
1    63.140.36.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-137.data.adobedc.net
edge.adobedc.net
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
4    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum.casalemedia.com
7    54.251.86.170 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    199.127.207.180 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    18.140.27.177 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    18.155.68.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-99.sin52.r.cloudfront.net
rm-script.dotmetrics.net
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com.au
3    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
adservice.google.com
1    34.196.251.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-251-50.compute-1.amazonaws.com
usermatch.krxd.net
1    52.24.114.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-114-105.us-west-2.compute.amazonaws.com
beacon.krxd.net
2    23.73.13.201 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
13    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
ad.adsrvr.org
1    146.75.112.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    42.99.140.139 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-139.pacnet.net
snap.licdn.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
2    23.72.44.183 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
8228261.fls.doubleclick.net
1    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
www.googleadservices.com
3    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
4    23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
15    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
8    142.250.4.103 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f103.1e100.net
www.google.com
1    13.33.33.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-75.sin2.r.cloudfront.net
check.analytics.rlcdn.com
2    103.71.26.126 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
16    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
5    175.41.190.36 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-190-36.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    23.106.69.72 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    18.155.68.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-96.sin52.r.cloudfront.net
choices.truste.com
1    13.248.144.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: add6899546c4d0e61.awsglobalaccelerator.com
jp1-bid.adsrvr.org
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    13.33.33.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-87.sin2.r.cloudfront.net
cdn.linkedin.oribi.io
6    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
9    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.gstatic.com
www.google.com.au
1    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
2    3.114.23.93 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-23-93.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    52.28.196.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
6    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    54.255.22.33 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-22-33.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
2    43.206.26.247 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-26-247.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    18.138.91.242 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-91-242.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
2    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    13.229.254.84 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-254-84.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
6    50.31.142.255 (Itasca, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
9    142.251.12.113 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net
play.google.com
16    52.42.28.243 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-28-243.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
5    13.33.88.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-94.sin2.r.cloudfront.net
choices.trustarc.com
4    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
Apex Domain
Subdomains		 Transfer
44 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 256843
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
207 KB
36 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1066
trc-events.taboola.com — Cisco Umbrella Rank: 1667
trc.taboola.com — Cisco Umbrella Rank: 693
sg-trc-events.taboola.com — Cisco Umbrella Rank: 35347
images.taboola.com — Cisco Umbrella Rank: 1685
sync.taboola.com — Cisco Umbrella Rank: 972
match.taboola.com — Cisco Umbrella Rank: 3484
sync-t1.taboola.com — Cisco Umbrella Rank: 1270
pips.taboola.com — Cisco Umbrella Rank: 1593
cds.taboola.com — Cisco Umbrella Rank: 1674
215 KB
31 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 544
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3344
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com — Cisco Umbrella Rank: 535
301 KB
29 google.com
news.google.com — Cisco Umbrella Rank: 5941
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 16
74 KB
27 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 657
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
image5.pubmatic.com — Cisco Umbrella Rank: 94128
ads.pubmatic.com — Cisco Umbrella Rank: 470
image2.pubmatic.com — Cisco Umbrella Rank: 882
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage4.pubmatic.com — Cisco Umbrella Rank: 1198
image4.pubmatic.com — Cisco Umbrella Rank: 805
31 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum.casalemedia.com — Cisco Umbrella Rank: 1328
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
dsum.casalemedia.com — Cisco Umbrella Rank: 1329
22 KB
26 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
token.rubiconproject.com — Cisco Umbrella Rank: 551
eus.rubiconproject.com — Cisco Umbrella Rank: 547
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3120
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 973
35 KB
25 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
js.adsrvr.org — Cisco Umbrella Rank: 1391
insight.adsrvr.org — Cisco Umbrella Rank: 576
jp1-bid.adsrvr.org — Cisco Umbrella Rank: 40816
ad.adsrvr.org — Cisco Umbrella Rank: 1809
61 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
188 KB
25 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 240081
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
525 KB
19 api.news
content.api.news — Cisco Umbrella Rank: 63380
238 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
acdn.adnxs.com — Cisco Umbrella Rank: 579
secure.adnxs.com — Cisco Umbrella Rank: 430
32 KB
16 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 941
id5-sync.com — Cisco Umbrella Rank: 448
54 KB
15 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206
newscorpau.demdex.net — Cisco Umbrella Rank: 127173
19 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
57 KB
14 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1046
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
3 KB
14 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 117863
93 KB
14 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 56079
mhr.talk.news.com.au
ncg.tags.news.com.au — Cisco Umbrella Rank: 144640
237 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
4 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
179 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
4 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
4 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
www.linkedin.com — Cisco Umbrella Rank: 643
4 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
1 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2592
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7938
mympeeh9knwdnfucj98dyqgozqs8o1671073257.nuid.imrworldwide.com
67 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 132610
au.pixel.newscgp.com — Cisco Umbrella Rank: 182320
au.audience.newscgp.com — Cisco Umbrella Rank: 195796
49 KB
5 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 714
18 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 785
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3869
idsync.rlcdn.com — Cisco Umbrella Rank: 335
1 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 50995
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6235
41 KB
5 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 700
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
8 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1992
bs.serving-sys.com — Cisco Umbrella Rank: 1257
lm.serving-sys.com — Cisco Umbrella Rank: 1889
43 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
187 KB
4 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 78998
www.google.com.au — Cisco Umbrella Rank: 24852
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 667
us-u.openx.net — Cisco Umbrella Rank: 395
612 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 639
2 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 979
24 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1154
ad.turn.com — Cisco Umbrella Rank: 743
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
289 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
1 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 951
805 B
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1157
2 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 803
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 563
1 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4253
udc-neb.kampyle.com — Cisco Umbrella Rank: 2327
87 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
3 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
18 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2173
964 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 696
612 B
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1553
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
1005 B
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1541
385 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 718
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 752
575 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1503
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 491
465 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887
367 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 998
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 592
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
104 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
5 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 541
stags.bluekai.com — Cisco Umbrella Rank: 516
966 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1354
beacon.krxd.net — Cisco Umbrella Rank: 549
529 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
57 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 949
1 KB
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 31292
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3817
405 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
695 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 350
740 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 937
1 KB
2 dotomi.com
inmobi-match.dotomi.com — Cisco Umbrella Rank: 10837
624 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 843
1 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3397
633 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1247
401 B
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3408
18 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 17566
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 17038
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 180614
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 107064
21 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3583
32 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3997
389 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24745
650 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 12019
324 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1431
667 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1464
181 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 557
395 B
1 t.co
t.co — Cisco Umbrella Rank: 511
378 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 707
10 KB
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
99 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 627
15 KB
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29685
698 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7117
829 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
2 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1713
466 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
155 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 827
386 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 424
514 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 770
67 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 526
728 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 917
870 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1024
539 B
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4949
27 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 23356
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1361
24 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 207577
2 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 849
12 KB
1 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5090
7 KB
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
475 112
Domain Requested by
24 cm.g.doubleclick.net 12 redirects www.heraldsun.com.au
eus.rubiconproject.com
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
22 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
19 content.api.news www.heraldsun.com.au
16 dt.adsafeprotected.com www.heraldsun.com.au
16 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
16 match.adsrvr.org 11 redirects 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
js.adsrvr.org
eus.rubiconproject.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
tpc.googlesyndication.com
14 id5-sync.com 10 redirects tags.news.com.au
cdn.id5-sync.com
www.heraldsun.com.au
14 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
14 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
resourcesssl.newscdn.com.au
13 sync-tm.everesttech.net 12 redirects www.heraldsun.com.au
11 ib.adnxs.com 6 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
11 simage2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
11 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
ads.pubmatic.com
10 pixel.rubiconproject.com 5 redirects www.heraldsun.com.au
js.adsrvr.org
eus.rubiconproject.com
9 play.google.com www.gstatic.com
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
8 www.google.com securepubads.g.doubleclick.net
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
www.heraldsun.com.au
tpc.googlesyndication.com
8 pagead2.googlesyndication.com ad.doubleclick.net
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
7 x.bidswitch.net 7 redirects
7 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
7 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
6 b1sync.zemanta.com 6 redirects
6 ups.analytics.yahoo.com 4 redirects js.adsrvr.org
6 www.gstatic.com news.google.com
www.gstatic.com
6 pixel.tapad.com 5 redirects ads.pubmatic.com
6 sync.taboola.com 3 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
5 choices.trustarc.com choices.truste.com
www.heraldsun.com.au
choices.trustarc.com
5 px.ads.linkedin.com 4 redirects eus.rubiconproject.com
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
tags.news.com.au
js-sec.indexww.com
5 token.rubiconproject.com 5 redirects
5 sg-trc-events.taboola.com www.heraldsun.com.au
4 www.googletagservices.com securepubads.g.doubleclick.net
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 fastlane.rubiconproject.com tags.news.com.au
4 au.pixel.newscgp.com au.tags.newscgp.com
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 sync.mathtag.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
4 trc-events.taboola.com www.heraldsun.com.au
3 idsync.rlcdn.com 2 redirects
3 www.google.com.au www.heraldsun.com.au
3 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
3 ads.pubmatic.com s.amazon-adsystem.com
tags.news.com.au
ads.pubmatic.com
3 secure.adnxs.com 1 redirects www.heraldsun.com.au
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
3 www.facebook.com www.heraldsun.com.au
3 sync.srv.stackadapt.com 3 redirects
3 u.openx.net 2 redirects www.heraldsun.com.au
3 odr.mookie1.com 3 redirects
3 uipglob.semasio.net 2 redirects ads.pubmatic.com
3 sync-t1.taboola.com www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 cdn.ampproject.org www.heraldsun.com.au
2 a.sportradarserving.com 2 redirects
2 pippio.com 2 redirects
2 image4.pubmatic.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.inmobi.com 2 redirects
2 cms.quantserve.com 2 redirects
2 dmp.brand-display.com 2 redirects
2 pm.w55c.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 ad.turn.com 2 redirects
2 um.simpli.fi 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 lm.serving-sys.com secure-ds.serving-sys.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 cdn.linkedin.oribi.io snap.licdn.com
2 gu.dyntrk.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 snap.licdn.com www.heraldsun.com.au
snap.licdn.com
2 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net tags.news.com.au
static.criteo.net
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 metrics.heraldsun.com.au tags.news.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 inmobi-match.dotomi.com 2 redirects
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 ssbsync.smartadserver.com 1 redirects www.heraldsun.com.au
2 ih.adscale.de 2 redirects
2 match.taboola.com www.heraldsun.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 mhr.talk.news.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
1 tags.rd.linksynergy.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 udc-neb.kampyle.com
1 s.uuidksinc.net 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 stags.bluekai.com 1 redirects
1 sync.adotmob.com 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 fonts.gstatic.com news.google.com
1 www.linkedin.com 1 redirects
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 ad.adsrvr.org 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
1 jp1-bid.adsrvr.org 1 redirects
1 choices.truste.com 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
1 sync.1rx.io www.heraldsun.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 us-u.openx.net www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 static.ads-twitter.com www.heraldsun.com.au
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 adservice.google.com.au securepubads.g.doubleclick.net
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 d.turn.com 1 redirects
1 bs.serving-sys.com secure-ds.serving-sys.com
1 mympeeh9knwdnfucj98dyqgozqs8o1671073257.nuid.imrworldwide.com www.heraldsun.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cds.taboola.com cdn.taboola.com
1 cdn.jsdelivr.net tags.news.com.au
1 pips.taboola.com cdn.taboola.com
1 cdn.adsafeprotected.com tags.news.com.au
1 t.adx.opera.com www.heraldsun.com.au
1 csync.loopme.me www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 aa.agkn.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 tg.socdm.com 1 redirects
1 jadserve.postrelease.com www.heraldsun.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 images.taboola.com www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
475 189
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
bedsberry.com
R3		 2022-11-15 -
2023-02-13		 3 months crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-23 -
2022-12-22		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure-ds.serving-sys.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.postrelease.com
Amazon		 2022-11-29 -
2023-12-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-12-11 -
2023-03-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh

This page contains 62 frames:

Primary Page: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Frame ID: 017A9720EF8AA491E8A6CAB5C45F7FF5
Requests: 217 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=JZkrNxFeDr1xsV5v2sOTH-6STvfYC6VA&nonce=0TGCgPAD7ns-2XHzhA3-cJZGh_cOGmoV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 513C44348EA5A5AD4D4246985E78DFAD
Requests: 3 HTTP requests in this frame

Frame: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Frame ID: AA18817BE4CA8F461E857B568960BA96
Requests: 24 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 8D6215DC6C79824401ED979791F66085
Requests: 3 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 4FCE7B28C659D9ED1D3BE987A0D31866
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 95AE9503FAB60F6F4F1A79168712381B
Requests: 22 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 92F4E075F4D064A9670229DA95E82E72
Requests: 1 HTTP requests in this frame

Frame: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB117AAE6DCC59080C9ADA93E190D32C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: BC945A57FBCE5DF8B5E8574CC61D64F9
Requests: 1 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: E443715CE3D0BE3DD7CEE5755A0889BA
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 3C911346AAF6C49E64AE86A19976BD29
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 39411E42CA74E93A75612753CE4C95C6
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 61E73DF9B05F13460CB9616C7CAED28B
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 341CEA1391E87142E2957D28BFE626BB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 390694AD703D05D8E39B1387B9597078
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023
Frame ID: 331387F222B28EBF7784CFF6B94A3EBB
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996
Frame ID: AA22D09563EDD57F31F9206825BE130C
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: 4599CC73A26DA0DF61F6B16D28896971
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 397291031A44A7A78DEA02C74B014657
Requests: 4 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
Frame ID: 3D601DA9098A397C78F442AD2550D4B3
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Frame ID: A3C3A6DD4D2E60CA6BB94A6345AEDAF2
Requests: 16 HTTP requests in this frame

Frame: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F361F3DA885934B0D545342B4877BE9E
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 6755D3A880BB2C1E699E3A58E5831E90
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 7E6E0A095AF88FC56CB7173092E4038C
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 5F3041B52F78A8AA1BAC202EC5974806
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJPeGK18TfJAAH3O6IvbjKcH7gDOfwIRT4aIddGIJHFosHFy0mg0mQGDFPLuejEHFrrRGRJxb_Mtp62RqNc9ndoAVDmxYEtk7tBO2tnFVUkRA_A6uo4opZ97d7vLxbtToMnWG53yCFUmj2MGFFvUg1CBsXDHVqTlEfIwmxMb-mJP7k5JtOl8Fy6RRYm9p0K4qN6kVyDq4RudQsh7a-8rzYRv3TSQ8yx9YdV4wTeWVdm9_088u3TjC2Mmq3tUEmIw68YVC9qWwhiBREO4LpfCiyARqVKCP13FRpEv2wOgBvzylnFamTKYfj6gqf5rTAHA&sai=AMfl-YQPxSXwO3mFRYVmqpErm5kbPVJP7rWhw0l2RSaixTdk6s7jjVttmG3kEhvwkiGVyjQa1xz6EBktAftyFvuGTnKz2aumeZFuRFFQrENt3-Ba6xUb1cMEC3CcsCBwXxb3&sig=Cg0ArKJSzOYwSIv3MK1UEAE&uach_m=[UACH]&adurl=
Frame ID: A2F516E1D06004852CA70B372CF762F8
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX4J3sTyLOjDJNGdu4lia5KdSVW1PVp0HNakcoV1aHOD748DwuvnV6ZiAR0kb8hkTdu5tJLjWfxa5yDULMHow-hyXXqZykUs3sUAbH55CNGlwpTUeoRPm7lqwvmFeGCYdG2lTy6KbaXH8cWAsCHWAxmg-yiXiKycmssO_eLlbEsz04uxF1saPJ28LkbbkLIHpBFaN_IaKPIxKwqhwDltQVAgH11xuKg-Xtn6MeBbtw4c3jp-qc8f0cxE4LdBoI_XNSp5h3CCXSMHCtnXsyyDv5pBGrD2dfBOb5nKnOmF3X8A7z_6HQFqZFN8imhNbfNg&sai=AMfl-YQULczrjkcT9gT8_cgaOZhfyF8vJQWmQjxdCVaKnAcsb2aJqCSJARN6k4X6RNi5LAHXOEYvlIejyKP74EdL5aWzwPgGH3aYkMuTJitLclhKwpgGnXBRjGYnl3o04lPg&sig=Cg0ArKJSzJGM2nclI_BPEAE&uach_m=[UACH]&adurl=
Frame ID: AC04E8C9E10B5C40AE144B4E8CAE53BC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwexFs8ucQNkKE1obvGK77F5HQUI7G6tIwXe8JAw6PvTIMmgfb3jLK8p9a2rMOfBOeUZLtpuTLVfUIAg7XsWOpFkiVfda5VohuB4PacqODZjzjePdtfO0Hs7-qUhWMUuVgCqwhrmAMiMx0qmrtzQgNXb3513g2Sa8YyCI0LwOaC8fSRWgWmQC8AsIIhDH6qvaxCxpPf3I7KRLLGVDfAldDDoPZUvgCxZB0klFU_JtkAFg-A11_8pV7--Vd03agie1kHcRb2FsIQ73VtMskkgmXqwDnNUcWAlCDC-LE3gNY8rzmtfTguPire-lX4wd-9g&sai=AMfl-YS1mVYcBkcwi0rZpMdNWLqUExkTaTYGhLdNSLAB0Rp99oOFisOhiTAictgN1PP7q4sQxxUb-BDHBzP3FkTBBWHaOYh03MLyU-f9TeEnwcNxTQgElFGRR6XTwkE2E8VN&sig=Cg0ArKJSzLKoy0MO9fjaEAE&uach_m=[UACH]&adurl=
Frame ID: B9B7087EAD790661C8DBEA272E690D5D
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1776038364&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 05A61A1221DFE355420A56DC42859B6C
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x600|1&pubId=36557831&chanId=171638111&placementId=6111071037&pubCreative=138405043710&pubOrder=3082546051&cb=400376169&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: DAA0A0F85402FFB1D889D1187758C084
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: D705B0226D99D2FCC0CF5288A2328CB2
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: C766890F9226B443FD137346AF925026
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=406959658&custom=homepage&custom3=168400391&adsafe_par&impId=
Frame ID: 41D6AA2A7213AAF704DF2D6115432CE3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1172075E1CEE0525A4B3BDCFA461C75B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 192294A2CB48E261ED08963FABBE19A2
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 4A2F7CD2C673925FA4C61712708D894C
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F95B2C95F26091658E6A951C14A735DB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: D8536C42956061616B84DE32639FFC59
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 33778E864D0BFCA8F639C2F4410C35A7
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
Frame ID: 37B5FFF96879A0BCF1D536EDE009DB81
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Frame ID: D092F84BA358AB31094BF2772B00CE94
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
Frame ID: E277CE42837E50ED3BCDE5CF6BE0DEC5
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
Frame ID: 81863EC11E6823F64AD4F799F343EC98
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Frame ID: 0E3A4CD329B6CC37B027789A07B52001
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&gdpr=0&gdpr_consent=
Frame ID: 2A12F397A7A82AE2E9BFB39C9B681C73
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA496590C-CD53-4C00-A22E-F491C8E08283
Frame ID: 482B5B0D1F12F38B31E67F2BD24C60F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FECAC22AC7EECCBEC98CFBD22DD2A0C7
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A046B4CAA65A84E4BDC6116591C10A9F
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7DD892BC50DA2182985D8A0C432B5A33
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E4A83036FB872C6468D870AB1ED2E5B8
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E25070A3DA6FE59BCCD8B3023C77F5B7
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 889F0F3CB73DF16A560F6E9E0D6E6C2C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 95369B714A7D04221345E77A5A129B8F
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=
Frame ID: 192C0EFC258B56643EAA0C7F53BEC67C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo&gdpr=0&gdpr_consent=
Frame ID: 3047F66AFB670B272B930A505DD8070F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5711704266829546018&gdpr=0&gdpr_consent=
Frame ID: A0D238C4CD29C4DF44ADB8B0F1C01F79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wne0vf75i
Frame ID: 6A9E09C838C7677D1E8BE5875156BBD6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV
Frame ID: 8B4513692A1C1A9A4844EB3EE0B1D333
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 6C76F3714EFAA0F172E36952F0A68DE1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xOXMLYEKT9pqQr-VUqFuDq310UA
Frame ID: A39079D9A8A34246BCF15E58188BE397
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 270D45A826BF76947A70502419C87F58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F600CBB81E4925BE49D05F8F4C44B726
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&167... HTTP 302
    https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

475
Requests

80 %
HTTPS

0 %
IPv6

112
Domains

189
Subdomains

129
IPs

13
Countries

3608 kB
Transfer

10384 kB
Size

215
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1671073250288562011 HTTP 302
    https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073254539&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073254539&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 118
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073256580 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073256580
Request Chain 120
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qN6cCo8YMAANMN8xIAAAAA HTTP 302
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qN6cCo8YMAANMN8xIAAAAA&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3DY5qN6cCo8YMAANMN8xIAAAAA&isDirect=0
Request Chain 121
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=5c60fa8eeff74cddb93e5ee87fcf2c18 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=5c60fa8eeff74cddb93e5ee87fcf2c18
Request Chain 123
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOHVE10-19-G9LT
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ0iFrMuROtSsfcRezudVvE&google_cver=1
Request Chain 126
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Request Chain 127
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=06d040af-ef1d-4487-a8d6-dac3227f162d
Request Chain 128
  • https://ce.lijit.com/merge?pid=42&3pid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 132
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8f1e82ef-a93a-4848-a87c-41c36584f10e
Request Chain 133
  • https://id5-sync.com/s/464/9.gif?puid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5711704266829546018&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/5/3.gif?puid=ce55df98-9f90-48b7-96af-3926790a1b1f&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=06d040af-ef1d-4487-a8d6-dac3227f162d&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/3/5.gif?puid=198305352654688975&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/2/6.gif?puid=A5B998A0CF5F7BB&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F1%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/1/7.gif?puid=bd7b639a-8dee-4700-a333-49986a6c0328&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=34f1278d7c7c226f&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/822.gif?puid=AAAJpBgttVUfzwMB9b5FAAAAAAA&expiration=1671159666&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ
Request Chain 134
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bcea6027-73a4-4020-a71d-4fc66eb80d27&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10521675378516247703&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtaboola%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10521675378516247703&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtaboola%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ce55df98-9f90-48b7-96af-3926790a1b1f&ssp=taboola&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10521675378516247703&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304366001973358&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10521675378516247703&ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e79e48f1-54d6-48b8-a24d-32d8511a94e8
Request Chain 135
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=099f349a-99ea-4dbb-a7d7-98a64f46340c HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=099f349a-99ea-4dbb-a7d7-98a64f46340c&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3D099f349a-99ea-4dbb-a7d7-98a64f46340c&isDirect=0
Request Chain 136
  • https://u.openx.net/w/1.0/sd?id=543998486&val=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=
Request Chain 137
  • https://eb2.3lift.com/xuid?mid=7772&xuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 139
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xOXMLYEKT9pqQr-VUqFuDq310UA
Request Chain 140
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://csync.loopme.me/?partner_id=1196&uid=e79e48f1-54d6-48b8-a24d-32d8511a94e8&vt=
Request Chain 142
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ce7559ff-ef27-463e-b3ed-c3e88af274a4
Request Chain 188
  • https://cm.everesttech.net/cm/dd?d_uuid=85793023098690139623774678943660983358 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qN7AAAADy4fAN1
Request Chain 191
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 197
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5711704266829546018
Request Chain 199
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7619285204745209379
Request Chain 200
  • https://token.rubiconproject.com/token?pid=6404&puid=85793023098690139623774678943660983358&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOHVELL-26-6UKJ?gdpr=0
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODU3OTMwMjMwOTg2OTAxMzk2MjM3NzQ2Nzg5NDM2NjA5ODMzNTg= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIp4s0mICQ571657J9vFK4I&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 204
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=06d040af-ef1d-4487-a8d6-dac3227f162d
Request Chain 206
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qN7H1z69dcFREniGNvYQAA%264689
Request Chain 209
  • https://dt.scanscout.com/ssframework/uid?UIAA=85793023098690139623774678943660983358&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-049e3f9d0574ade467c934697d114e19
Request Chain 210
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=85793023098690139623774678943660983358&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=85793023098690139623774678943660983358&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 218
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=85793023098690139623774678943660983358 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=85793023098690139623774678943660983358
Request Chain 220
  • https://tags.bluekai.com/site/43981?id=85793023098690139623774678943660983358&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 221
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y5qN7AAECsv8OAAo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxTjdBQUVDc3Y4T0FBbw==&_test=Y5qN7AAECsv8OAAo
Request Chain 222
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y5qN7AAECt-8EwAo HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qN7AAECt-8EwAo&expires=90&_test=Y5qN7AAECt-8EwAo
Request Chain 223
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5qN7AAAAWT8MgAo
Request Chain 225
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y5qN7AAAADy4fAN1
Request Chain 232
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023
Request Chain 233
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996
Request Chain 236
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
Request Chain 240
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qN7AAAADy4fAN1
Request Chain 243
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Request Chain 250
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qN7AAECsv8OAAo&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qN7AAECsv8OAAo&img=1&__user_check__=1&sync_id=b52140b6-7c24-11ed-b900-1a1db0130307
Request Chain 272
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qN7AAECsv8OAAo&t=2592000&o=0
Request Chain 274
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5qN7H1z69dcFREniGNvYQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHNGkvZrKowBOsR0c-U99oA&google_cver=1
Request Chain 278
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06d040af-ef1d-4487-a8d6-dac3227f162d&expiration=1673665261&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_cver=1
Request Chain 281
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711704266829546018
Request Chain 283
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711704266829546018
Request Chain 284
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_639a8dee6158f&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639a8dee6158f
Request Chain 289
  • https://jp1-bid.adsrvr.org/bid/feedback/google?t=1&iid=e7dd9ee0-f8b5-4de2-828c-833f04886016&crid=z9un93v3&wp=Y5qN7AACoL4KcgiUAABl_nsGp4Q3G_Z_5p8Hzw&aid=1&wpc=USD&sfe=15d20dec&puid=CAESENbBMQ_7O3AEMpKejSpgNFg&tdid=&pid=9a7i05c&ag=lbbeyk5&adv=qrt89ew&sig=1CTGnkNetolvcmfGEaq0j2gE_SKox3f4jjklxmE1Vuqg.&bp=2.15915213180287&cf=4262364&fq=0&td_s=www.heraldsun.com.au&rcats=&mste=www.heraldsun.com.au&mfld=2&mssi=&mfsi=&uhow=110&agsa=&rgz=2018&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=&svpid=pub-9172700587175332&did=&rcxt=Other&lat=-33.910000&lon=151.200000&tmpc=22.75&daid=&vp=0&osi=&osv=&bffi=41&mk=Google&mdl=Chrome%20-%20Windows&c=CglBdXN0cmFsaWESL05ldyBTb3V0aCBXYWxlcyAtIFN5ZG5leSAtIENpdHkgQW5kIElubmVyIFNvdXRoGgAiClN5ZG5leSBDQkQ4AVABeACAAQCIAQGQAQGwAQC6AQQIDBgE&dur=CjgKHmNoYXJnZS1hbGxHcmFwZXNob3RCcmFuZFNhZmV0eSIWCPb__________wESCWdyYXBlc2hvdApECiljaGFyZ2UtYWxsRGlzcGxheVZpZXdhYmlsaXR5QmlkQWRqdXN0bWVudCIXCJr__________wESCnEtYWxsaWFuY2UKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucwpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCKCNBhgM&durs=bgpsHS&crrelr=&fpa=255&pcm=3&vc=2&said=5PT7HjRIcpC5%2BH78YBN1uQ%3D%3D&auct=1&im=1&mc=33ba9a5a-e988-47ff-86ff-3191711189a2&tail=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDZkMDQwYWYtZWYxZC00NDg3LWE4ZDYtZGFjMzIyN2YxNjJk&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Request Chain 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073261475&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073261475&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671073261475%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073261475&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5ebddafa-fa7f-4722-8976-10ccbb5b4c13 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5ebddafa-fa7f-4722-8976-10ccbb5b4c13&_expected_cookie=9d39c308f9938702fc79ba6011c60175
Request Chain 333
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5711704266829546018
Request Chain 336
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 337
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ewWXwVJE2uJZjwkSRkGOf8DMbf7mKJY-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
Request Chain 338
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDZkMDQwYWYtZWYxZC00NDg3LWE4ZDYtZGFjMzIyN2YxNjJk&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Request Chain 339
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
Request Chain 340
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ewWXwVJE2uJZjwkSRkGOf8DMbf7mKJY-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDZkMDQwYWYtZWYxZC00NDg3LWE4ZDYtZGFjMzIyN2YxNjJk&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Request Chain 343
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBOHVELL-26-6UKJ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBOHVELL-26-6UKJ&ex=d-rubiconproject.com&status=ok
Request Chain 344
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pJZZDM1TTACiLvSRyOCCgw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 347
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A496590C-CD53-4C00-A22E-F491C8E08283 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ce55df98-9f90-48b7-96af-3926790a1b1f%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=06d040af-ef1d-4487-a8d6-dac3227f162d&ttd_puid=ce55df98-9f90-48b7-96af-3926790a1b1f%2C
Request Chain 348
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=&ct=y
Request Chain 349
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A496590C-CD53-4C00-A22E-F491C8E08283&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A496590C-CD53-4C00-A22E-F491C8E08283&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQ5NjU5MEMtQ0Q1My00QzAwLUEyMkUtRjQ5MUM4RTA4Mjgz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECbw5OtAGvxiAXwy2serrqA&google_cver=1
Request Chain 352
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41EF5E6989944D009502CE21C4DC34FA
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=
Request Chain 355
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd7b639a-8dee-4700-a333-49986a6c0328
Request Chain 356
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7619285204745209379
Request Chain 357
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
Request Chain 358
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC5Ek7HNRwAACDnJGjgYQ&expiration=1672282863
Request Chain 359
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YSihaeO71P5Euy5
Request Chain 361
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
Request Chain 362
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSFZFTEwtMjYtNlVLSg==
Request Chain 363
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tXwVwYd1QNmRvKVb9i_63A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tXwVwYd1QNmRvKVb9i_63A
Request Chain 364
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WrUJGYABB8-4nhjyPb4llcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.ayM2TlE2oLsQrtlajTUhKrhh8MyDrlTAAfIgQ--~A
Request Chain 366
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTI2YzgwNDc3YWUzMjA2NjY3MjYwMDc4OWVmOWEzZmU4OGFhZjhjMg
Request Chain 367
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOHVELL-26-6UKJ
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFjDXbScIUd4OvHsldfSCNA&google_cver=1
Request Chain 374
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8CCE11E1A55541BEB1AA4A0541ED7B45
Request Chain 385
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qN7AAECsv8OAAo
Request Chain 386
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3vYHtNChW7PF9wbnifITtt33W-PF_Vvt0PC8P997
Request Chain 388
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=xOXMLYEKT9pqQr-VUqFuDq310UA
Request Chain 389
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
Request Chain 390
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Request Chain 391
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=WmO89iNeLWpT_COGNRec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2V3NJ44DS2KOMVGFO4CUL5BU6R2OKJSWG HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2V3NJ44DS2KOMVGFO4CUL5BU6R2OKJSWG HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WmO89iNeLWpT_COGNRec
Request Chain 394
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJA1Vl5jzekCreF6bAIDRUk&google_cver=1&google_push=AavPq0MGwu7B7DuOudc8OzNlEF6_QbnQEy71ZutAxFOo786sC_AOPf4nkPR9bUENzdY40t_HoTMZDgYRmUJKGKaPRrdyj2GDRmw2y1WpSNfDYDKR4S3tz5Pzpadspel6cgozpjoJx0BwOr4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0MGwu7B7DuOudc8OzNlEF6_QbnQEy71ZutAxFOo786sC_AOPf4nkPR9bUENzdY40t_HoTMZDgYRmUJKGKaPRrdyj2GDRmw2y1WpSNfDYDKR4S3tz5Pzpadspel6cgozpjoJx0BwOr4w
Request Chain 395
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAJS3SzRUXXQ6eVxyVMimnI&c_param1=AavPq0O8Ab7P7MZAgt_FRb-113Mcvon18nSNiL3mpBGOWPi0gBKnpmWjej699tRBn0QZdYeK2TzjWC5cQG9AiZLtCDyjTKoT1iMlwvBaohKgEJ-RCp8Wbby_5eIXxyHnXnGUar5QOUZQBy78&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0O8Ab7P7MZAgt_FRb-113Mcvon18nSNiL3mpBGOWPi0gBKnpmWjej699tRBn0QZdYeK2TzjWC5cQG9AiZLtCDyjTKoT1iMlwvBaohKgEJ-RCp8Wbby_5eIXxyHnXnGUar5QOUZQBy78
Request Chain 396
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECxjbGdUXSZFeAQlkccj-Hk&google_cver=1&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cMD6EbA2DPCX_WuIOcQEJ0_YZlt8TFGLXZ2UORnhjiOnzyPoMV5FQnutvxEWg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECxjbGdUXSZFeAQlkccj-Hk&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cMD6EbA2DPCX_WuIOcQEJ0_YZlt8TFGLXZ2UORnhjiOnzyPoMV5FQnutvxEWg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cMD6EbA2DPCX_WuIOcQEJ0_YZlt8TFGLXZ2UORnhjiOnzyPoMV5FQnutvxEWg&google_hm=eUtqUzIzeEROQU9TRGl1UUtraEI=
Request Chain 397
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_cver=1&google_push=AavPq0N8oCRylviHPDzyuoPqbcVY_ITO-KBtdyn2kkKyqCTcEJMcFvXGte9pX1A3CDxXh9_d4v7rzqwYQvI8_6GMxRo_1wQDs_gZg0Bg_PdUhZgh1E8H9IORBTS7_tmakd9k_9ZRh15jNLaY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_hm=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&google_nid=index&google_push=AavPq0N8oCRylviHPDzyuoPqbcVY_ITO-KBtdyn2kkKyqCTcEJMcFvXGte9pX1A3CDxXh9_d4v7rzqwYQvI8_6GMxRo_1wQDs_gZg0Bg_PdUhZgh1E8H9IORBTS7_tmakd9k_9ZRh15jNLaY
Request Chain 398
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHmqbVt8NMRTHgMC0qyxppI&google_cver=1&google_push=AavPq0PVqdLKK6JKDXg51l0_vBIkHqBfVctsMzvo0mNVoUEdc9CDkf9uVq-vvT3IU47WQN5Ajy1mKHRP9E65yXD15JqSkdflsoxpQLTGYraaVgjUJvlLeWAhgo53rBehujMBcm8jiOYzCu4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0PVqdLKK6JKDXg51l0_vBIkHqBfVctsMzvo0mNVoUEdc9CDkf9uVq-vvT3IU47WQN5Ajy1mKHRP9E65yXD15JqSkdflsoxpQLTGYraaVgjUJvlLeWAhgo53rBehujMBcm8jiOYzCu4&google_hm=NDEyNzI5MTA1MTYwNzQ2MzAyOA%3D%3D
Request Chain 399
  • https://sync.inmobi.com/gob?google_gid=CAESEB9vlzw7iQ4Iib0sE55ivL8&google_cver=1&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-eAyL2zPPQSmYBSPziKskHTIUVIw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-eAyL2zPPQSmYBSPziKskHTIUVIw HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-eAyL2zPPQSmYBSPziKskHTIUVIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=V_VtfZhk6ErOv_0stEbO&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-eAyL2zPPQSmYBSPziKskHTIUVIw&google_nid=inmobi_new_eb
Request Chain 400
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESECSDbKCBxf3mMuFsOAN7S7g&google_cver=1&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQmcK2IrOMxwQo_jXe971D3nofNbeZnEfXLNZAHIRRAZRY21hJ7tjVx-Eq9xkXrlLWNc-Oxw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESECSDbKCBxf3mMuFsOAN7S7g&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQmcK2IrOMxwQo_jXe971D3nofNbeZnEfXLNZAHIRRAZRY21hJ7tjVx-Eq9xkXrlLWNc-Oxw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQmcK2IrOMxwQo_jXe971D3nofNbeZnEfXLNZAHIRRAZRY21hJ7tjVx-Eq9xkXrlLWNc-Oxw&google_hm=VGFxb0szSGp5U0YzSnlLdGFiUGM=
Request Chain 458
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo&gdpr=0&gdpr_consent=
Request Chain 459
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5711704266829546018&gdpr=0&gdpr_consent=
Request Chain 460
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wne0vf75i
Request Chain 461
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV
Request Chain 462
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 463
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xOXMLYEKT9pqQr-VUqFuDq310UA
Request Chain 464
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd7b639a-8dee-4700-a333-49986a6c0328
Request Chain 465
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A496590C-CD53-4C00-A22E-F491C8E08283 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEE0OTY1OTBDLUNENTMtNEMwMC1BMjJFLUY0OTFDOEUwODI4MxAAGg0I8pvqnAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI85vqnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI85vqnAYSBAgCEABCAEoA&google_gid=CAESEItN6RyEmiKGumY7kcyHO4Q&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=87cb4abc-42ec-4ce7-9cc2-ac9eb684d226
Request Chain 466
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A496590C-CD53-4C00-A22E-F491C8E08283&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VM4WapNE2uUoxvYNe8LWulo2MsS2f_M-~A&gdpr=0&gdpr_consent=
Request Chain 467
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1ce506f-10f5-448d-af7c-5e4d7689d6a5&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e79e48f1-54d6-48b8-a24d-32d8511a94e8&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 468
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=198305352654688975
Request Chain 469
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7619285204745209379&gdpr=0&gdpr_consent=&us_privacy=

475 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1671073250288562011
  • https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
524 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
c283b4a2f4fdce45f2f81726236368f16f2293b96cb359b4eb16a67add422eb5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:00:52 GMT
expires
Thu, 15 Dec 2022 03:00:52 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 535813 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d363ddfc9c6147d6559d33e5c37c8d4a9-1671073251&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=363ddfc9c6147d6559d33e5c37c8d4a9
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Thu, 15 Dec 2022 03:00:51 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
expires
Thu, 15 Dec 2022 03:00:51 GMT
location
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4VFNVPXJT1D02W0C
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=103549
accept-ranges
bytes
content-length
11472
x-amz-id-2
4uO6i4l63P3DNlB0tW3K2bdAjOLd3xyco9qrYSl7SZSnILDGDrgUyc9FaquYDLsV5es7sIoqweY=
expires
Fri, 16 Dec 2022 07:46:43 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
7H6DNWJR8XFXB459
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=583077
accept-ranges
bytes
content-length
12052
x-amz-id-2
lHWHL2qpmY04V7fzoJ+nsOIn7dzQf4BfyEJjcP6qNYtp19y7KNQNyCQPrDRXbsXXod83Knp4Rnc=
expires
Wed, 21 Dec 2022 20:58:51 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3Z0GHM044FR4D820
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=62513
accept-ranges
bytes
content-length
12440
x-amz-id-2
2YrJF17m3YFqg4u+b0bGyR1eyKvaQLDDf4Ev+7Hkwp5R3fsidxJ04Onc1TnT7lN8qvXJyrKX0D8=
expires
Thu, 15 Dec 2022 20:22:47 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
7X7T428JPY46HNHE
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=350893
accept-ranges
bytes
content-length
11372
x-amz-id-2
qUs/d/Ic2YoKrRJT36hdvlaLY6ZbhAp2uy18zKrNVn+7r6E5BdZIXwXl4DVjEM7jV1n3jSbfzG8=
expires
Mon, 19 Dec 2022 04:29:07 GMT
lux.js
cdn.speedcurve.com/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
777
date
Thu, 15 Dec 2022 03:00:53 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
3300
x-cache
HIT
content-length
7152
x-served-by
cache-syd10171-SYD
last-modified
Thu, 15 Dec 2022 02:05:53 GMT
server
Apache
x-timer
S1671073254.764071,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Dec 2022 02:05:53 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:53 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:53 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2967
x-rq
sin1 0 2 9980
last-modified
Wed, 30 Nov 2022 04:28:24 GMT
server
nginx
etag
W/"6386dbe8-1d74"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:01:09 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
kix1 0 2 9980
last-modified
Mon, 05 Dec 2022 05:56:06 GMT
server
nginx
etag
W/"638d87f6-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=16
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:59 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
nrt1 0 2 9980
last-modified
Thu, 24 Nov 2022 01:45:33 GMT
server
nginx
etag
W/"637eccbd-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=6
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:54 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:04 GMT
server
nginx
etag
W/"63844cfc-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		240 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
375fa7d646eb52c53c4973a0ba502e5edc41e5a455c57232dc290b36ae1436e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
IstAHiwhym5ISyDMzMegzMRg_TKE0MT6
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:00:53 GMT
x-amz-request-id
HSHGX6GHAYFK21AG
age
9036
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
7
content-length
36720
x-amz-id-2
AEiRlpGvxUDnjdUx9ddTrLxK4H1kaqbpSwlQhwfVEclKPvf3L+yeQRCamr3M4XEHZLTauWPZ/80=
x-served-by
cache-syd10141-SYD
last-modified
Thu, 15 Dec 2022 00:30:18 UTC
server
nginx
x-timer
S1671073254.763970,VS0,VE0
etag
"f60bccb2c268e8c50c3b700f9e6fd3d14ab4b36b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
9
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
8
2fd7680d
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/2fd7680d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7bc5ef548dbde54ff0472e34814e5a79a711865437493388d8d01e7eb7f7220e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:54 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 15 Dec 2022 03:00:54 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8769
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"7b4d7d1120aa2895971692d6e636333bfa8f9d3c44ac48cdb16e64ebd0efcf52"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f2fd7680d&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=2fd7680d&session=363ddfc9c6147d6559d33e5c37c8d4a9
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Fri, 13 Jan 2023 07:34:26 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2522013
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
K7Q77N69686DWRDS
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=202034
accept-ranges
bytes
content-length
16112
x-amz-id-2
EB7QAIVZ6OIyPK1MBzX5+1sn8EqlGJsU2/7MUbJddtKgZPL2PyetFh+aDSJDBBJnH5R17aAzZL8=
expires
Sat, 17 Dec 2022 11:08:08 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
63PJEVSTV4SQC4J6
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=491775
accept-ranges
bytes
content-length
15948
x-amz-id-2
7LWlVawAUmj3Lyb/cmUBmBBNzHixh616MPrdm2RM1ajwfbi3WjHpNF8ar4RGe9KpjuzcIQdYFas=
expires
Tue, 20 Dec 2022 19:37:09 GMT
eb90adb5b0ba6a21931e5b431d21ddc7
content.api.news/v3/images/bin/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/eb90adb5b0ba6a21931e5b431d21ddc7?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3ea88a5558a347613994d2481d2a4df03083290c6b887d93c63092842e327db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
x-check-cacheable
YES
edge-cache-tag
eb90adb5b0ba6a21931e5b431d21ddc7
content-length
18458
last-modified
Thu, 15 Dec 2022 02:59:18 GMT
server
Akamai Image Manager
x-serial
1535
etag
6484694a9f7d964f543decf7f93e1a74-eb90adb5b0ba6a21931e5b431d21ddc7-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183851
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 02:58:24 GMT
96330df88a1d58ec9ada87e3cbba08b4
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/96330df88a1d58ec9ada87e3cbba08b4?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bb0c14cd339c6a54d0a34d590e897937afc38109202bca355cb1ffd06b2701b0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
x-check-cacheable
YES
edge-cache-tag
96330df88a1d58ec9ada87e3cbba08b4
content-length
3975
last-modified
Thu, 15 Dec 2022 00:10:35 GMT
server
Akamai Image Manager
x-serial
1281
etag
d51002a08c58bc0f7b3807d0017daec0-96330df88a1d58ec9ada87e3cbba08b4-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5173780
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 00:10:33 GMT
f6e34f4774f54fed37a6d6081ab5f481
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f6e34f4774f54fed37a6d6081ab5f481?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1e343140fba50863f9a58310f2917a6a081b047af98a6f38a319b9e7987dd286

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
last-modified
Thu, 15 Dec 2022 01:11:01 GMT
server
Akamai Image Manager
etag
4fb90516e0e329ce50c0982937bb622e-f6e34f4774f54fed37a6d6081ab5f481-150
edge-cache-tag
f6e34f4774f54fed37a6d6081ab5f481
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177241
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4736
expires
Mon, 13 Feb 2023 01:08:14 GMT
a69c8cfc88f6670714200bd80db0d14e
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a69c8cfc88f6670714200bd80db0d14e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
da75b108ff1ca812d896c648f2aef586fbd65374274dec7890fb9fc411bb7d14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
last-modified
Thu, 15 Dec 2022 01:13:28 GMT
server
Akamai Image Manager
etag
2be1fbbfe10ec955811980490e9f962e-a69c8cfc88f6670714200bd80db0d14e-150
edge-cache-tag
a69c8cfc88f6670714200bd80db0d14e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177421
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3986
expires
Mon, 13 Feb 2023 01:11:14 GMT
46a9f1701d5dda4e3fedfaf2fa3c5ad1
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/46a9f1701d5dda4e3fedfaf2fa3c5ad1?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
68ba68fdbe01e94c9f187960f9aecd379d993e725f2a3f04f9e0c36cee41ce30

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
last-modified
Thu, 15 Dec 2022 00:43:02 GMT
server
Akamai Image Manager
etag
a046e53ac4757d14a961f8549349a10d-46a9f1701d5dda4e3fedfaf2fa3c5ad1-150
edge-cache-tag
46a9f1701d5dda4e3fedfaf2fa3c5ad1
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5175717
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5677
expires
Mon, 13 Feb 2023 00:42:50 GMT
605af6d2a074a245de4cc83f1258d9d5
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/605af6d2a074a245de4cc83f1258d9d5?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dbd3a8ebc22466c0a20ddf58489252b8ef30dad1f4d1c4e577b0b324b00db77c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
x-check-cacheable
YES
edge-cache-tag
605af6d2a074a245de4cc83f1258d9d5
content-length
5140
last-modified
Thu, 15 Dec 2022 01:18:00 GMT
server
Akamai Image Manager
x-serial
1725
etag
5d3b2f8f3f4010d35af2f33337a05bc1-605af6d2a074a245de4cc83f1258d9d5-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177682
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 01:15:35 GMT
031e6619433cbd8dca7b8b07507347b8
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/031e6619433cbd8dca7b8b07507347b8?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
dea5d793682ff6a99a6b9f9898a04b2aefb899340d1562ae7fb29b0804ba3f88

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
x-check-cacheable
YES
edge-cache-tag
031e6619433cbd8dca7b8b07507347b8
content-length
4636
last-modified
Thu, 15 Dec 2022 01:39:54 GMT
server
Akamai Image Manager
x-serial
1718
etag
9f09cf15d7d15423f0e91166c28454d8-031e6619433cbd8dca7b8b07507347b8-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5179178
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 01:40:32 GMT
209f9da936d61a908fe7da7c61b762d4
content.api.news/v3/images/bin/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/209f9da936d61a908fe7da7c61b762d4?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bc727e9522d980b6d047a6555aa711399b89c8980a2175c1226169b0337c95df

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
last-modified
Thu, 15 Dec 2022 02:43:27 GMT
server
Akamai Image Manager
etag
e792042d50b1e360bfbcf8677a5ad9f4-209f9da936d61a908fe7da7c61b762d4-650
edge-cache-tag
209f9da936d61a908fe7da7c61b762d4
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5182850
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
25856
expires
Mon, 13 Feb 2023 02:41:43 GMT
3a9d7e0df0fe970352278d04ab86d7fc
content.api.news/v3/images/bin/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3a9d7e0df0fe970352278d04ab86d7fc?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8b346f5da4ac6be488bb5c02a6742c845cdb51ad17c64669f376af02cfae0250

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
last-modified
Thu, 15 Dec 2022 01:24:24 GMT
server
Akamai Image Manager
etag
857281c34e406428127379b27f6f8ca6-3a9d7e0df0fe970352278d04ab86d7fc-650
edge-cache-tag
3a9d7e0df0fe970352278d04ab86d7fc
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5178174
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
28145
expires
Mon, 13 Feb 2023 01:23:47 GMT
fb9a950c48e56171ef60381dc958327b
content.api.news/v3/images/bin/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fb9a950c48e56171ef60381dc958327b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4245c9317bdd03c399c7d209333549e525906f02f649a11cbd5707ef2782af03

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:53 GMT
x-check-cacheable
YES
edge-cache-tag
fb9a950c48e56171ef60381dc958327b
content-length
37558
last-modified
Thu, 15 Dec 2022 01:24:22 GMT
server
Akamai Image Manager
x-serial
1171
etag
8f5353b1f8050b6c9ac68bf56954d11a-fb9a950c48e56171ef60381dc958327b-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178102
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 01:22:35 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
SWNT12DB6ZNXK5WK
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=69985
accept-ranges
bytes
content-length
540
x-amz-id-2
h7K/ZSK7Z3mo4BebhbA5fX0FzPTGOvWcNDQwzgPqUV6v8oOOWlLyl+A5leCJX/IwWbSz6G2os0o=
expires
Thu, 15 Dec 2022 22:27:19 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.128.46 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:00:54 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
P1XSTENNVYR8CNEC
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
TMf/KRGGXhQmxckKi+f9Mqtrc8/Zhw6bpO7Q8aWCglAT4kh+V75xvamGj/niAf1cDK9BxoxhDqw=
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Fri, 13 Jan 2023 08:42:43 GMT
date
Thu, 15 Dec 2022 03:00:53 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2526110
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:00:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 03:00:54 GMT
/
www.heraldsun.com.au/_static/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGRuaGBoVEWAK9DIhM=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 15 Dec 2022 03:00:53 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 20:10:12 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 15 Dec 2022 03:00:54 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
QTKD2FK8G6JBAXZE
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=123981
accept-ranges
bytes
content-length
535
x-amz-id-2
N5hQXRsxV46lWiw3iggR/R0Hq6kbWa8gWdkI70DU7DsNg/sA/WNIiTcqUqAzABhQ7PmMumtC15o=
expires
Fri, 16 Dec 2022 13:27:15 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=465916
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Tue, 20 Dec 2022 12:26:10 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:00:53 GMT
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=68446
content-length
102
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Dec 2022 03:00:54 GMT
x-amz-request-id
769Q37HT361EJFAE
age
31
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
tYdPMngv710tMSP6xQi7thZP+hgpno/vIuX2wz0Hkx5Gi1OeC9MsQuoSoynYmXr+kliP05dZYf8=
x-served-by
cache-lax10664-LGB, cache-syd10141-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1671073254.335376,VS0,VE0
etag
"1a868d280f9424f5d82876d6cf0c46b9"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
2, 2
impl.20221213-28-RELEASE.js
cdn.taboola.com/libtrc/ 		697 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Lrl1e2Aw8HzCg9OgpbTX6ln5I5_T3ZPx
content-encoding
br
via
1.1 varnish
date
Thu, 15 Dec 2022 03:00:53 GMT
x-amz-request-id
N624879947PWDVVD
age
12311
x-cache
HIT
content-length
147906
x-amz-id-2
tPZBpqt3ILdR+NPrbTWYoJrD2welhEef7VMEN934ReaQzORsvx21pbF3ptx6Guu4GrX/BGL1Ht0=
x-served-by
cache-syd10141-SYD
last-modified
Tue, 13 Dec 2022 15:34:28 GMT
server
AmazonS3-br
x-timer
S1671073254.987559,VS0,VE0
etag
"a4495474400267464c5d5703cfb4ef74"
vary
Accept-Encoding
content-type
application/javascript
abp
41
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
11440
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-129.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 15:57:46 GMT
content-encoding
gzip
via
1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
39788
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
BiQCCqgpsX8o8eoBr0cY8AOvgq94juoIAb8t4sjB_ZZhQKOf8G2V9A==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8W8XE7H63ACAA50Q
age
1267550
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
WEpywNY9kINKGzy3pyUEoGXebdnrAVg/EQfwsrJ8pRbMrgTqp78ek4dm1Sb0dOyG5JgO70t9rfY=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QneHSsgHZ2lhhWOTi0kztox0M5YYjAicv9%2B8PF6YpY7trQTmX%2BDRwGeD30nUMPYGf7aB3GvSiYARVyKhc2nPX%2Fx2zBXIzpHyjp%2FtLfasr5ShRymYtiCXC7pPYdqYwYC2pAWoEauI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
779bee823ca648e8-SIN
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.263&type=info&msg=https%3A%2F%2Fwww.heraldsun.com.au%2F&llvl=2&id=3158&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427997
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8ee22a19fcce4512e3f6c7f81d0b75e97a0ad242425927e196551c7d5f153804
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 15 Dec 2022 03:00:54 GMT
x-datacenter
gce-asia-east1
etag
"e318ec5b06b0d633aa5cd0fc97b5b2398e2cdf243d74a5a19f147a7921b2d9e7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-b5lx
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=03%3A00%3A54.384&lti=deflated&data=%7B%22id%22%3A331%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1670946107109%2C%22vi%22%3A1671073254381%2C%22cv%22%3A%2220221213-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11136%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1329.0625%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03fa6cd8afa5c5b3803fa1a0089cc38d99cb9568bfc8add3574d2bdcdd4018d5

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
169
date
Thu, 15 Dec 2022 03:00:54 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-syd10141-SYD
server
nginx
x-timer
S1671073254.440012,VS0,VE169
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.378&type=info&msg=https%3A%2F%2Fwww.heraldsun.com.au%2F&llvl=2&id=6218&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427997
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.378&type=info&msg=%7B%22mode%22%3A%22thumbnails-midrail-native%22%2C%22container%22%3A%22metro-tops-taboola%22%2C%22placement%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=6501&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427997
debug
trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.383&type=info&msg=Desktop%20Mid%20Rail%20Home%20Native%20thumbnails-midrail-native&llvl=2&id=685&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
427997
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
763 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:01:27 GMT
date
Thu, 15 Dec 2022 03:00:54 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
"63844cfe-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=33
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Thu, 15 Dec 2022 03:00:54 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1056
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 15 Dec 2022 03:18:30 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-syd10176-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1671073255.672732,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
209328
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:01:11 GMT
date
Thu, 15 Dec 2022 03:00:54 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29864
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-182d6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=17
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:55 GMT
date
Thu, 15 Dec 2022 03:00:54 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:00:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 03:00:54 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
c98c20916f12f74e43f885162eb285c213a978a45c76769a2517e4b8c6d4b1ae
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:00:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16115
x-xss-protection
0
server
sffe
etag
"6fc2662babd12b8e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Dec 2022 03:00:54 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Dec 2022 03:00:54 GMT
x-amz-request-id
CBJAXHHVTDDK1AH7
age
21402089
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
T+SO3zzAu/vI3ID3zGGjDx2/OWdNCwfDObUAO4AV3bMqhIR2V9jGe9Y4TcERARxY+Vu0wOuMQqY=
x-served-by
cache-sna10723-LGB, cache-syd10141-SYD
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1671073255.506746,VS0,VE0
etag
"b7fcedf037c57085d364b689ca46f32e"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 26585
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073254539&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073254539&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073254539&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.33.88.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-129.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
via
1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-amz-cf-id
NG8W8CD6zT0BDqP5c5xRF0hU1OfOqm0xj5FJT3MZWDgjPullMVsMow==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671073254539&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Thu, 15 Dec 2022 03:00:54 GMT
via
1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
content-length
0
x-amz-cf-id
HdZJ-ZF1sO8n6ZO_Ubks0lYcljuzgmHo7WC1JVHVKAuc77eLyDtuoQ==
x-cache
Miss from cloudfront
userx.20221213-28-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221213-28-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392df454db433937cbd9eab9124a901bbdfa8309483d629420f4f177237a3bef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
37d5eleN_6OaHEk3s7Shzw66j8sfEa21
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:00:54 GMT
x-amz-request-id
HJCQNBQDHMBBVN8V
age
25
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
peWUOxbv2bGtrWHppAKxSTymak7LUwfEUmQ2jcuNeIy1x73PCefQHcnh4O6Tl0spBCcDbe3HXXI=
x-served-by
cache-syd10141-SYD
last-modified
Wed, 14 Dec 2022 10:01:56 GMT
server
AmazonS3
x-timer
S1671073255.732250,VS0,VE0
etag
"387419e6bca348b851c6311c87a7394b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
12
debug
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.673&type=info&msg=Start%20Rendering%20Desktop%20Mid%20Rail%20Home%20Native&llvl=2&id=1738&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
422384
debug
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.677&type=info&msg=Finish%20Rendering%20Desktop%20Mid%20Rail%20Home%20Native&llvl=2&id=1430&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
422384
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&lti=deflated&ri=9f119d646a8bf917b5a05efe21cf5fe4&sd=v2_fe2de144b73be13360c87a8333f420bd_3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366_1671073254_1671073254_CIi3jgYQgPNHGO2X6Z3RMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiQ8oHT17O4ql1wAQ&ui=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&pi=/&wi=873729681997272865&pt=home&vi=1671073254381&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A00%3A54.680&id=9589&llvl=2&cv=20221213-28-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 15 Dec 2022 03:00:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
date
Thu, 15 Dec 2022 03:00:54 GMT
via
1.1 varnish
x-amz-request-id
JC91BP2JQ28V5KMY
age
8133
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
G4eyqL9eH/PW5fQ6BSslf4KbqY0dfvjpFhoRZLmaJ+Urb5/+YMWAIR6OEj3azhAXZKdpNmy7jYg=
x-served-by
cache-syd10141-SYD
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1671073255.736219,VS0,VE0
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
content-type
image/png
abp
39
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
168
debug
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A00%3A54.708&type=info&msg=Finish%20Rendering%20Desktop%20Mid%20Rail%20Home%20Native&llvl=2&id=7678&cv=20221213-28-RELEASE&lt=deflated&pct=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
422384
iStock-909208170.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/12/iStock-909208170.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2da9d0d3371ada92fe5f99ad6f4fc8e6ee39b61b8a9baf48381e0f7369d7116b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 15 Dec 2022 03:00:54 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//origin.go.dailytelegraph.com.au/wp-content/uploads/2022/12/iStock-909208170.jpg
age
767808
edge-cache-tag
295629393342920346579086867560932026993,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
295629393342920346579086867560932026993,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
357
req-referer
https://www.heraldsun.com.au/
content-length
9986
x-request-id
aae09aecfb7f589b7067450dcb6b32d3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200069-IAD, cache-iad-kcgs7200072-IAD, cache-chi-klot8100026-CHI, cache-iad-kiad7000080-IAD, cache-syd10141-SYD
last-modified
Tue, 06 Dec 2022 05:42:12 GMT
server
nginx
x-timer
S1671073255.776422,VS0,VE1
etag
"79d9d87c6afd0982c968941d2b0176c2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
campaigns
resourcesssl.newscdn.com.au/indies/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
f782453376c8eafe4712af01d339385534774c44b0ebdb57ed5eadf96d49e859
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Dec 2022 03:00:55 GMT
x-powered-by
Express
content-length
720
x-served-by
cache-qpg1253-QPG
server
Google Frontend
x-timer
S1671072683.966956,VS0,VE359
etag
W/"774-Gz0BfRPqOiT4UaGn9yqXPba+ckw"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f6dba6a030812f9a0b90ea340acc0eb8
cache-control
private, max-age=1231
function-execution-id
r4n56pohv5hf
accept-ranges
bytes
x-orig-accept-language
en-US,en;q=0.9
x-country-code
SG
expires
Thu, 15 Dec 2022 03:21:26 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Thu, 15 Dec 2022 03:00:55 GMT
expires
Thu, 15 Dec 2022 03:30:55 GMT
function-execution-id
q01ree94uonz
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
2bc34ecb542bb9760444d790d7061808
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1226-QPG
x-timer
S1671073255.832963,VS0,VE346
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=d8a4c386a9b019351beb2a9c7894ea24,0acdf20082a9a9e864eea826e4e6d491,694271b3edea797dd155c91b91112553,e452fab25b988f03184ee3f83d34eb66,afa8e6bf423c08a06b3b144e7ffd1ad8,f4515d3a1626a52090abd3df9741a8c6,fff69647aae2d2f25730afd5c32c889d,a0fddd7dd7be79015bf63e48f0cae4e2,14c5878bd9d8eb545fa3aba707a69982,26fb867e9be9410343d09fc971eb24aa,b8c0552dcddff92b356b57131ff53feb,9058a547bf63318ea30734a607f62395,71d6ba0068a7953235d3fc84a4a9cf62,83ad7e17de8db18b8c4129ab2aa2696b,2b987142ef5f21052497622999e7b07a,11fdd4c38ac6594563a3302e2b0035d7,58e373030198ec6bab10fac8c3a055a9,ff0ec866d5daa9a0a3db89fb68e8493f,a9ef3b044855817d0de00e8fee0c173d,4ffdefac657dfcebc8138c1692c881e4,38ddb968355d700320bc4301c449fbd8,11b5b0198f770618adf8a9cf20be3e3f,e979c3c47891249c9ada8e5c5d4ea4ba,14ec0e4f539d8258b675e049e5c7b240,a77116bc5acebbf02a1e364ee35f7281,4cf9df54798686096526b7fca4d04780,fd3777e08a3ec15e20854e9ebefab5c2,a38c4b2cd6ae2a466fce6c4ddf3d016e,f29ef8063914c9a3b3cf6f47e8d0e138,7f3d18c0df7151e40bb2e40fe2daa974,047751ba3e5408cd15c60119c2fb2d27,154067ae831d538827d3d23896d85108,9384b8cba8b2318beb7b886cf174a2b0,a018ac2b580c483ecc9a11d1c72267bf,848479f42854d5e58e89b382a32964dc,639cf4a816c691074ad58d301df95ec3,6d28c339ca7a6b3326addf6e17b71011,c64a238fba8fb01cac7051e8bef01f83,da86db486f131f5fca444c59cb783471,86744ce4a7e17b34f9f9d44ed525cfef
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
3687399516733927a932d97f42b3f7a5b124e1d21c7cf7cff2a110e8174ad30d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:00:55 GMT
server
nginx/1.20.1
etag
W/"5dc-tGcR5qhnYLWokXFHli4fSb/mNbM"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
abeee360-7c24-11ed-8854-cd7fa50f7c8e
content-length
857
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6e906a5435a480c2208bb5fecf5327f7eb6bf2b77e7c5747e574ef342ecef03d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 15 Dec 2022 03:00:54 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1692
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=50
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Thu, 15 Dec 2022 03:01:44 GMT
1a9b6e7d4f9f03388987468c9a0caa95
content.api.news/v3/images/bin/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1a9b6e7d4f9f03388987468c9a0caa95?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
707d2c0e6f2ebf60d6f8555335382ee4b51f7577298d08a7f7b357e0efa33adc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
last-modified
Wed, 14 Dec 2022 21:28:49 GMT
server
Akamai Image Manager
etag
8f69cbcc0c2eb35b3e7d9ba1f5e3ccf5-1a9b6e7d4f9f03388987468c9a0caa95-150
edge-cache-tag
1a9b6e7d4f9f03388987468c9a0caa95
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5164120
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5420
expires
Sun, 12 Feb 2023 21:29:34 GMT
ad585a5dfc408c0117c406b39c7cce45
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ad585a5dfc408c0117c406b39c7cce45?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f165a9d06f5fa4a94dde100488e8932c15f31013058fe53aecf6828378b73035

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
x-check-cacheable
YES
edge-cache-tag
ad585a5dfc408c0117c406b39c7cce45
content-length
8202
last-modified
Tue, 13 Dec 2022 00:48:27 GMT
server
Akamai Image Manager
x-serial
259
etag
af7f9a06bd1eec563c2ca3fe17dc639a-ad585a5dfc408c0117c406b39c7cce45-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5003122
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 11 Feb 2023 00:46:16 GMT
c3aac69b3b321934118cb867c9e93520
content.api.news/v3/images/bin/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c3aac69b3b321934118cb867c9e93520?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e1623e1451248e9a54e49b3fbc7290db5e5e620756f4c8933efeece19abc5816

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:54 GMT
x-check-cacheable
YES
edge-cache-tag
c3aac69b3b321934118cb867c9e93520
content-length
6621
last-modified
Wed, 14 Dec 2022 03:40:20 GMT
server
Akamai Image Manager
x-serial
1049
etag
6b9afaabc430fda4777ee8b5a1fe47c0-c3aac69b3b321934118cb867c9e93520-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5099860
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 03:38:34 GMT
authorize
login.newscorpaustralia.com/ Frame 513C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=JZkrNxFeDr1xsV5v2sOTH-6STvfYC6VA&nonce=0TGCgPAD7ns-2XHzhA3-cJZGh_cOGmoV&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
8b50b8a520efc94544080fd1b6220cb13c91fba7cd02aa3bec590d44da790638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
779bee89b9a42e80-SIN
content-encoding
gzip
content-length
816
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Thu, 15 Dec 2022 03:00:56 GMT
expires
Thu, 15 Dec 2022 03:00:56 GMT
ot-baggage-auth0-request-id
779bee89b9a42e80
ot-tracer-sampled
true
ot-tracer-spanid
52d72b1c64a2006b
ot-tracer-traceid
20ec23ea03aabe8e
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000020ec23ea03aabe8e-52d72b1c64a2006b-01
tracestate
auth0-request-id=779bee89b9a42e80,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 543 0 pmb=mTOE,3
x-auth0-requestid
b641cfcd37d1b0e1b6e8
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1671073257
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:49 GMT
server
AkamaiNetStorage
etag
"edd094a83833400340dd04039cdd122f:1670479309.994367"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Thu, 15 Dec 2022 03:05:55 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:50 GMT
server
AkamaiNetStorage
etag
"173d1f23698ee8297b151a48bdea9d96:1670479310.123213"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21334
expires
Thu, 15 Dec 2022 03:05:55 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		192 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:02:06 GMT
date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45762
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 04:54:40 GMT
server
nginx
etag
W/"638d7990-30150"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=71
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:00:59 GMT
date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3442
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-21ad"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=4
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
26139773
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
iEnqqvx9DY1mo8u1CE4XXv5CmmRt5rJkYtpVyLOPIpTrmFe0TDb5Rw==
fb2f3e951cc5c5252803e6620f68a29f
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/fb2f3e951cc5c5252803e6620f68a29f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2e29f9b139b8d969decbd30d8d27b2ca29053a0d2bf60f9be5731e215fef26c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
x-check-cacheable
YES
edge-cache-tag
fb2f3e951cc5c5252803e6620f68a29f
content-length
4293
last-modified
Thu, 15 Dec 2022 02:21:54 GMT
server
Akamai Image Manager
x-serial
1778
etag
369418ff8d8829389786332f3b3f85b3-fb2f3e951cc5c5252803e6620f68a29f-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181597
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 02:20:52 GMT
746fbda76810cf5454d04ab1f20edee3
content.api.news/v3/images/bin/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/746fbda76810cf5454d04ab1f20edee3
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
291a3d79990d83388695cb991d16245105d67f77d4b1c82cba26c2f156583a3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
last-modified
Thu, 15 Dec 2022 01:46:56 GMT
server
Akamai Image Manager
etag
e25bb139ae5df1ec3668aa3e297a838b-746fbda76810cf5454d04ab1f20edee3-0
edge-cache-tag
746fbda76810cf5454d04ab1f20edee3
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5179529
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
32074
expires
Mon, 13 Feb 2023 01:46:24 GMT
pixel_2fd7680d
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_2fd7680d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/2fd7680d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Thu, 15 Dec 2022 03:00:55 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_2fd7680d&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_2fd7680d&session=363ddfc9c6147d6559d33e5c37c8d4a9
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
cd02296291f1681030fda3fd3fbd60c1
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/cd02296291f1681030fda3fd3fbd60c1?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4dee19d7dd0581c179a55c4accb3012dd4bee4ea86acd9948a1487f76e40bf66

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
x-check-cacheable
YES
edge-cache-tag
cd02296291f1681030fda3fd3fbd60c1
content-length
4432
last-modified
Thu, 15 Dec 2022 02:34:39 GMT
server
Akamai Image Manager
x-serial
460
etag
c12cb410ff167821133d22e9d8cd213c-cd02296291f1681030fda3fd3fbd60c1-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182544
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 13 Feb 2023 02:36:39 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 23:05:38 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
14118
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
O8kBbI3ztcJ0u6i1K9Trn5ur00hxiVShKVCdOm0iC6VpQv3ggPxVxA==
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b890e2fe66bddbfcf0aad772997478817d1ee529a7d79bc58d296a33a68970fa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Mon, 19 Dec 2022 04:51:19 GMT
date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
31250
x-rq
nrt1 0 2 9980
last-modified
Sun, 04 Dec 2022 22:07:54 GMT
server
nginx
etag
W/"638d1a3a-79f6"
vary
User-Agent
content-type
image/png
cache-control
max-age=352224
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16710732557010.2303545038402306
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Thu, 15 Dec 2022 03:00:55 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/x-javascript
date
Thu, 15 Dec 2022 03:00:55 GMT
cache-control
max-age=66133
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
cafe /
Resource Hash
eb189c29ae0dac68da188b50c8b1502ca7de898304049d0d8fa606ca3ba71aad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12625
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.35.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-35-226.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:36:38 GMT
content-encoding
gzip
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
SIN2-P1
age
5057
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
s21-7epTP9SpAAfCkBNKFxMj3xqJgGtcTspLpYXylJyArdcinGuegg==
expires
Fri, 16 Dec 2022 01:36:38 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=68388
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=61135
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 03:00:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0dtP5SkORjWGw82y/HNooirinqhpjOX66ma9xfcpyl5ZqBpG4n/NhspcficzNh/fMn1EYbOTq5hrZFbvLqpMqA==
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-45.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 02:38:13 GMT
Content-Encoding
gzip
Via
1.1 1b42f8a12f90ea0a7f04e17b988d6830.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
1364
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
P3idpEtB1Yv1TvDfUYiKaNiXoQdUF8mlad-SAX42S-9pTkvuRwqytw==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-12-15T03%3A00%3A55.719Z&country=au&newsconnectId=&fpid=363ddfc9c6147d6559d33e5c37c8d4a9
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
4d3ad473c42805ec9684c6724af832f7ee7f7853426d713ff0455d2da85050a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
UMrEOOoRVoPiBBX.XHkgU0Lo2Jl9BQ7R
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:00:56 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ740X792WN4M9N
x-cache
HIT
content-length
520
x-amz-id-2
dyRXwCFfuyLEyiKBxhe0MP6ZJf1JgnDEyhFPm93wlxrhsLFMv2BuMtgZpBGNpvJD3g9O+wO/tuo=
x-served-by
cache-syd10126-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671073256.214055,VS0,VE0
etag
"1e637b4fd7dec49af4390ec7ed24432b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
1325313
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
ZEFRP9MDBRZY2GGC
age
1535
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bee8b5ff9a895-SYD
x-amz-id-2
7Ps8oYuNSV2woceheiiCzZHjbO7U6EXZQUeFd+Lzh1Ga3/Ovgv1+gRYbMV+QytEeZlHhkAx7eOs=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.72.44.233 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-233.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 03:00:56 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Thu, 15 Dec 2022 04:00:56 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f1604ee8add5dbb6f8ce1e3a4b7711de:1669603221.223968"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=28945
content-length
2297
tad.js
tags.news.com.au/prod/tad/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ada52adfc48f667e35362bd9e99165d1:1670478883.668009"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=72873
content-length
33851
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
302a3ee15481d46de80e54cc0346e438fab8948f0f062f37bc03f9a544694c17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27543
x-xss-protection
0
server
sffe
etag
"1422 / 474 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 03:00:56 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:36:08 GMT
content-encoding
gzip
via
1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront), 1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3, SIN2-P2
age
1488
etag
W/"909ff158818033daa43a2d271ecda3db"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
HP36EVuwTq4fOALhm6nQsnP8AJ8_itzUXrxLwqa0w_SpwbJwH5OOfQ==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=54761
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-87.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:05:07 GMT
x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
etag
W/"964c4cc68e0d531d901baf0d73f36918"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
age
3350
x-amz-cf-id
4pl5q198qFFz9TiOb_mWYU93_Lgqak3jA8o4_tX3gNz3xGwubD3h8g==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b9045a036305d0268317898151e53de:1667439593.577923"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=25176
content-length
5801
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 15 Dec 2022 02:57:54 GMT
server
cloudflare
age
182
cf-polished
origSize=5866
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDxSR6M7XmfuoOa3t%2B04%2FkFcdIfn6XdF0jxyRWOWbPSO9MVIzw44NGqsxrJcdoo52Mjc3YIDhR0keOCkfezcWKxbxq8At%2F1O%2FsISvCYZJoA%2FjjVBFK5czJ%2B0POkpZASDUOltAY2K"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bee8ddaa7a956-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:55 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Fri, 30 Dec 2022 03:00:55 GMT
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
97
pragma
no-cache
date
Thu, 15 Dec 2022 03:00:55 GMT
via
1.1 varnish
x-served-by
cache-syd10141-SYD
server
nginx
x-timer
S1671073256.780060,VS0,VE97
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		1 KB
815 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:20:09 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Dec 2022 03:00:55 GMT
last-modified
Fri, 25 Nov 2022 07:11:01 GMT
x-timer
S1670908410.580240,VS0,VE347
etag
"b1ca29a23e5260534bf5bac85850f27c26008d0db91e6f95dc58f6ba485b4e12"
x-i
true
vary
Accept-Encoding
x-served-by
cache-qpg1242-QPG
content-type
text/css; charset=utf-8
cache-control
max-age=1154
accept-ranges
bytes
content-length
482
x-cache-hits
0
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e1f33bea29d3a3031701b094adb902ff0e8609f9629c6bee9d9ee45bdfe78bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 03:24:19 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Dec 2022 03:00:55 GMT
last-modified
Fri, 25 Nov 2022 07:11:01 GMT
x-timer
S1670908409.392753,VS0,VE258
etag
"456051da5149d639dd12231e1f147753d0bd2cb193079988e6aac163b80e871c"
x-i
true
vary
Accept-Encoding
x-served-by
cache-qpg1278-QPG
content-type
text/javascript; charset=utf-8
cache-control
max-age=1404
accept-ranges
bytes
content-length
7797
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 15 Dec 2022 03:00:55 GMT
via
1.1 varnish
x-amz-request-id
R49A95MEAARZDWRY
age
12822
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
OwQO4r3NRn2mobB8qX5KI65TenVKTAqHjn3l8Eljsiqz/LERXHRjxQ8w1JWWw1vGRMYpafcYhZ8=
x-served-by
cache-syd10141-SYD
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1671073256.873549,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
39
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2729
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.202 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-202.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:57 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 12:49:58 GMT
server
AmazonS3
x-amz-request-id
VBSGRMDGRMTATJDJ
x-amz-cf-pop
ATL58-P1
etag
"35540205d0226005e7cee3000c54ae8f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
EUbtxkrcE1cKQzu7ZKs1tD2beamQSVDnt1xDcYZja63v86LbG_BGNw==
x-amz-id-2
l/gSRa5XquhGfXrcUKta7HP7iDuMtOTx8XKIN+IsOqP1UxdcsJYoJpFXlDIZt2GxhLkxqy5DkAo=
content-length
21840
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202212080601&cb=1671073255987
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.56.153 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-56-153.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 15 Dec 2022 03:10:56 GMT
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-25.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Fp2yHOl1Q6EBCrmf.6.R4BH9p6d4MB1Q
content-encoding
gzip
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 02:42:46 GMT
last-modified
Tue, 13 Dec 2022 07:19:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
1092
x-amz-server-side-encryption
AES256
etag
W/"c4a50f37b02f511ddc08ff3c6fe94ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
u8LTUv32larciGCi4DN_2zmbTaYzVHFwFwQR_tkS0URP0jHcPl4qdQ==
title-arrow-blue.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		168 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-blue.svg
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
last-modified
Wed, 14 Sep 2022 05:11:08 GMT
server
AmazonS3
x-amz-request-id
7VD1F2KASBC180EH
etag
"66be3d1dd6a8e48ce691f235e6119f50"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=439926
accept-ranges
bytes
content-length
168
x-amz-id-2
qGYvGNza8WYBm/sYs5tfjvFlJ2AIwWQ6l0dc9co210oWvpZM1dvYI+XZBQemgjTZDbvP5dx0HHM=
expires
Tue, 20 Dec 2022 05:13:02 GMT
query
www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/ 		26 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.13.1)%3B%20Browser%20(lite)&x-algolia-api-key=&x-algolia-application-id=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bb77be46b4359e4b331fe51146a8a6169a5752acd7517ca8e496e9308f4968a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

expires
Thu, 15 Dec 2022 03:00:56 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Thu, 15 Dec 2022 03:00:56 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
content-disposition
inline; filename=a.txt
x-opw
4
content-length
26392
pragma
no-cache
x-alg-pt
31
server
nginx
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:41:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
4767
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Dec 2022 01:41:30 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLqO2CWXjzKzJx5aKYA5kl-2J_Z7i5vPROzma4iSKCxmG_1MYkoWrSAfz1lOF_qmO0naQOfQDay3q_b-tednpV5basFukWlD6w2m5t_vFSYkYqBwtZ8AUtMHQchNNM_0Vh3q52BRgeEVSnB2wc&sai=AMfl-YQxv4U6sSaXeCQu1exYXLhNoDGmG0QS91IWi_pfEPW2_w8fIljrbEiLF2LYSwloXtuoZxfWitKih2ehYm6pAA&sig=Cg0ArKJSzN8LqrL9wFBJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221207.05538&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:00:56 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers
6e39d52e
login.newscorpaustralia.com/akam/13/ Frame 513C 		0
0
c-UQ8C
login.newscorpaustralia.com/tUl-ebg4aorK3/xmiFn1M/SJEre60/maEbcLXN9S5D/YhJzb2w0Ag/bFEwZn/ Frame 513C 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN52-C2
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
C7UKOgddxyLDLADXK4CgbCDG0pUJAIQ6oDHyfbw4ZvWwAeD_2FBSLg==
content-length
66268
comments-count
mhr.talk.news.com.au/api/v1/ 		116 B
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=0e3d39e675c1c34bfe07dcb218774b8e,%20728b7a63bcc39b6f8aa80e671767ca6e,%20ba8ba24f0c7cb07b331e6121134825f0
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
cf8afe3a3b0417b7b55c00f55ff021f31ec8f1021d1462b21a806b73fb1c14cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 03:00:56 GMT
server
nginx/1.20.1
etag
W/"74-p0zRBt0Q/dK66eRpwQEtB+UnBEQ"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
aca51400-7c24-11ed-9de1-c1202bb9c6a7
content-length
108
x-xss-protection
1; mode=block
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CtTHbJB_hW0a8AMWI&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11807&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=7435&t=Du2p1VDlaFvLwlCdrU4D0TB3V24u&V=139&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=uojhOD4mOG2DTXRWsBBlQCNDkyyS6&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.97.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-97-242.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:00:57 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073256580
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073256580
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073256580
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a15e335621556b69f7878b439a6e154567172e9321ca4f9f0ebad8c7d602a8a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-04144b8bf.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
LpMsXgPVSkc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1557
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v041-02dcf106d.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
hCkBZb0SS+k=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671073256580
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
101956
jadserve.postrelease.com/suid/ Frame AA18 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.90.31 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-90-31.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:57 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
rtb-h
match.taboola.com/sg/supershiprtb-display-network/1/ Frame AA18
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qN6cCo8YMAANMN8xIAAAAA
  • https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qN6cCo8YMAANMN8xIAAAAA&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3DY5qN6cCo8YMAANMN8xIAAA...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qN6cCo8YMAANMN8xIAAAAA&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3DY5qN6cCo8YMAANMN8xIAAAAA&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1671073259.502730,VS0,VE131
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10141-SYD

Redirect headers

location
https://match.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=Y5qN6cCo8YMAANMN8xIAAAAA&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3DY5qN6cCo8YMAANMN8xIAAAAA&isDirect=0
date
Thu, 15 Dec 2022 03:00:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
428065
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame AA18
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=5c60fa8eeff74cddb9...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=5c60fa8eeff74cddb93e5ee87fcf2c18
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=5c60fa8eeff74cddb93e5ee87fcf2c18
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
428217

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=5c60fa8eeff74cddb93e5ee87fcf2c18
date
Thu, 15 Dec 2022 03:00:58 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame AA18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame AA18
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOHVE10-19-G9LT
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOHVE10-19-G9LT
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073258.073137,VS0,VE93
x-cache
MISS
accept-ranges
bytes
x-served-by
cache-syd10141-SYD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=LBOHVE10-19-G9LT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame AA18
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ0iFrMuROtSsfcRezudVvE&google_cver=1
0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ0iFrMuROtSsfcRezudVvE&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
108
date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073258.943733,VS0,VE108
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10141-SYD

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJ0iFrMuROtSsfcRezudVvE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame AA18 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:00:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame AA18
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
date
Thu, 15 Dec 2022 03:00:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
428099
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame AA18
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=06d040af-ef1d-4487-a8d6-dac3227f162d
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=06d040af-ef1d-4487-a8d6-dac3227f162d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073258.150761,VS0,VE94
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10141-SYD

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=06d040af-ef1d-4487-a8d6-dac3227f162d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame AA18
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:00:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:00:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame AA18 		49 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-AU
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-547db7d84-rhhhv
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame AA18 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.165 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame AA18 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-11.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame AA18
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8f1e82ef-a93a-4848-a87c-41c36584f10e
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8f1e82ef-a93a-4848-a87c-41c36584f10e
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
428217

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8f1e82ef-a93a-4848-a87c-41c36584f10e
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
937480
content-length
0
expires
Thu, 15 Dec 2022 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame AA18
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=5711704266829546018&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/5/3.gif?puid=ce55df98-9f90-48b7-96af-3926790a1b1f&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=06d040af-ef1d-4487-a8d6-dac3227f162d&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/3/5.gif?puid=198305352654688975&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F2%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/2/6.gif?puid=A5B998A0CF5F7BB&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F1%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/1/7.gif?puid=bd7b639a-8dee-4700-a333-49986a6c0328&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://inmobi-match.dotomi.com/match/bounce/current?DotomiTest=34f1278d7c7c226f&is_secure=true&networkId=98193&version=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/822.gif?puid=AAAJpBgttVUfzwMB9b5FAAAAAAA&expiration=1671159666&is_secure=true&gdpr_consent=&gdpr=0
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
431179

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ
date
Thu, 15 Dec 2022 03:01:06 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame AA18
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=bcea6027-73a4-4020-a71d-4fc66eb80d27&ssp=taboola&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10521675378516247703&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10521675378516247703&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=ce55df98-9f90-48b7-96af-3926790a1b1f&ssp=taboola&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10521675378516247703&ssp=taboola&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=232363304366001973358&ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10521675378516247703&ssp=taboola&gdpr=0&gdpr_consent=
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e79e48f1-54d6-48b8-a24d-32d8511a94e8
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e79e48f1-54d6-48b8-a24d-32d8511a94e8
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
431657

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e79e48f1-54d6-48b8-a24d-32d8511a94e8
Date
Thu, 15 Dec 2022 03:01:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame AA18
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=099f349a-99ea-4dbb-a7d7-98a64f46340c
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=099f349a-99ea-4dbb-a7d7-98a64f46340c&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3D099f349a-99ea-...
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=099f349a-99ea-4dbb-a7d7-98a64f46340c&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3D099f349a-99ea-4dbb-a7d7-98a64f46340c&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1671073261.819453,VS0,VE131
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10141-SYD

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=099f349a-99ea-4dbb-a7d7-98a64f46340c&tbid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&query=taboola_hm%3D099f349a-99ea-4dbb-a7d7-98a64f46340c&isDirect=0
date
Thu, 15 Dec 2022 03:01:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
432092
sd
u.openx.net/w/1.0/ Frame AA18
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:59 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame AA18
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 03:00:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 15 Dec 2022 03:00:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame AA18 		49 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.252.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-252-46.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:59 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
16
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame AA18
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xOXMLYEKT9pqQr-VUqFuDq310UA
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xOXMLYEKT9pqQr-VUqFuDq310UA
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
432092

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=xOXMLYEKT9pqQr-VUqFuDq310UA
Date
Thu, 15 Dec 2022 03:01:00 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
/
csync.loopme.me/ Frame AA18
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=453&user_id=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&gdpr=0&gdpr_consent=&us_privacy=
  • https://csync.loopme.me/?partner_id=1196&uid=e79e48f1-54d6-48b8-a24d-32d8511a94e8&vt=
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1196&uid=e79e48f1-54d6-48b8-a24d-32d8511a94e8&vt=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
115.223.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
server
_

Redirect headers

Location
//csync.loopme.me/?partner_id=1196&uid=e79e48f1-54d6-48b8-a24d-32d8511a94e8&vt=
Date
Thu, 15 Dec 2022 03:00:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame AA18 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame AA18
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ce7559ff-ef27-463e-b3ed-c3e88af274a4
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ce7559ff-ef27-463e-b3ed-c3e88af274a4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
432677

Redirect headers

date
Thu, 15 Dec 2022 03:00:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=ce7559ff-ef27-463e-b3ed-c3e88af274a4
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:00:56 GMT
x-amz-request-id
X0ZYP01DBVFV8BGR
age
2023
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
4Kz0IYrYemcpVmkh7tqXAdNXHjnvoIBG0gj4fKylvZEutp7Kxoecb4kvf6bm3AoltdeGYgepo18=
x-served-by
cache-syd10141-SYD
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1671073257.732954,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
39
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4997
eid-encv2.es5.js
cdn.taboola.com/scripts/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid-encv2.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221213-28-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb2ab5b5cdfb45aad4d8911147a322e9546a12881682d80eaaa9040e77d63288

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
5Ow5rm4wA7Q0UhOZ9VP078H429HAqiL6
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:00:56 GMT
x-amz-request-id
T8QXA0JT6CXJY0E8
age
1147
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5616
x-amz-id-2
Un+NQSXDhhNGyoubzoFfJbinyaWiJlzEKkhl7dXGJtWRKGVBY+xmevYD7lwz4BclbMQg1Hg2xGg=
x-served-by
cache-syd10141-SYD
last-modified
Wed, 14 Dec 2022 10:39:25 GMT
server
AmazonS3
x-timer
S1671073257.733190,VS0,VE0
etag
"ff9bbfda54628457069031e22f7300f5"
vary
Accept-Encoding
content-type
application/javascript
abp
39
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2878
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-32.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 10:28:21 GMT
Content-Encoding
gzip
Via
1.1 893b2f924f02b6d97b78b13c14301c76.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
405158
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
77Uo6Ak7JYrkmzdK1dNf51tBxfnBCiEp8ECcXS_8PE5KZRzxX93HrA==
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:56 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 15 Dec 2022 02:58:15 GMT
server
cloudflare
age
161
cf-polished
origSize=47101
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOCyuVpkKj9DgVRJyukIsq54PdQle3FfSoGOxRureq0I6KhbX7bNC%2F04ScclN038PTwmsQx8x2DzvHJT%2BVQSHUmWtVUPBMIdjLlv22lnXmJv%2F8p4HsDWgEG%2FgcCFl0lXkpWzBWil"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779bee8ebc21a956-SYD
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
00963888aa539b10793484d1b020aac609a909c06f08441b3cb0b3cc37e9635f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Dec 2022 03:00:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85936
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Bm5DGJCZR0x7NGDqbIdMB1BECS0HXkTKQoL/m3dpit6S0+VzY6MHbzQlpf0Ae5qN5yzlzM2I0AZy/YlVBNSNlg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.191 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-191.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:57 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Thu, 15 Dec 2022 03:00:57 GMT
v2oqjPefC8fxrgoRQQsl0Anv1U7hwkSOhNk_FO3UytBxFxP3dN79FuybEH4Sm5tVNSa_ji9jq
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2oqjPefC8fxrgoRQQsl0Anv1U7hwkSOhNk_FO3UytBxFxP3dN79FuybEH4Sm5tVNSa_ji9jq
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
56718fe205f03227dac3660f162430c0de1cd5d110910bff2150c1c9c977a7a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 15 Dec 2022 03:00:57 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-b5lx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 15 Dec 2022 03:00:56 GMT
/
pips.taboola.com/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-syd10137-SYD
date
Thu, 15 Dec 2022 03:00:57 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=cda018fcac01b5223cb6233771d63e9f&timewithTz=2022-12-15T03:00:55.719Z&country=au&newsconnectId=&fpid=363ddfc9c6147d6559d33e5c37c8d4a9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.217.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-217-104.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221215
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:00:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39606
x-jsd-version
1.0.1556
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4577-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-7f8qDY2VEq3Tg9Q/RU9Vxgw1xIU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS5eV5HaJT2NOqEy4zvtl%2FCAAhz76jH3gLNoH%2BI0oOSd%2BDd%2Fzl1m12d27GPv%2F9tUMjnaum5pOzPb%2B0XGCOwH5dTtsdzPCrizwoEikJ4TrwyxJcfmAz%2B5RrAB4ebOPMstuls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
779bee91a9c8a823-SYD
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
0f4eabc49d62cfc8b79f5ce1f18d38111a8eff9d4c47088d72103ddb7d05354d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:59 GMT
content-encoding
br
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13062...218.2022121503"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
4dUoFEZ4v6FfgxU_tz70uFkhpuc3EqVKShhqu7hloTydiybBBDVx1Q==
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 02:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Dec 2023 02:48:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:00:57 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:35:57 GMT
via
1.1 869c20a0b6637fa4614a52064a4bf808.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P2
age
1500
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
yakg-wvGLtv624oaclb8BjKwI7L6KClywqut3VAtDmpoN2HVQU0CdQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-79-24.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 05:16:35 GMT
x-amz-cf-pop
SIN2-P2
age
78269
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
UthkCmRQJwq4v7D63hgJxg3Br41JEkUDga7-OZGnuFBldy4_A_MPGQ==
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 03:00:57 GMT
cache-control
no-store
server
nginx
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-25.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 02:42:06 GMT
x-amz-cf-pop
SIN2-P2
age
1132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
sdYAREKlLA1FwtOkqspUFfWxovmu8tu_3ZPx1R_6TjOqONahZzTgeQ==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1671073257346&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671073257344.1989198692&it=1671073256715&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 03:00:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
swg.js
news.google.com/swg/js/v1/ 		149 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
sffe /
Resource Hash
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46777
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 18:33:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:08:07 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
80504624e0123fbef466ad7ac5dc90ff1f848c2145ad560e84c5f6173bf7351b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:00:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
0a00d8aecffe58a7c59595fbfa02ac4d0fbf351f9fcf1226f67ed56df4a9ed7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:00:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.28.235.202 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-202.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
date
Thu, 15 Dec 2022 03:00:58 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"4a5e4a11bf4a74aeb574379e169fa679"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=436
accept-ranges
bytes
content-length
18049
x-amz-cf-id
_fRpZ6SHxLfhjoYE1VaiYtt_rCfphK9oFWIW70n8U3x_zG6uwl9OUQ==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 8D62 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-25.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
3366
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 15 Dec 2022 02:04:52 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 aba5c115363c1a37b7337fdb5a449b1e.cloudfront.net (CloudFront)
x-amz-cf-id
brr1QEtEoK8K4jJOR7tz11lPBBtVbGz1TVwBOq2N5hK_hDrjda-5oA==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:00:58 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 15 Dec 2022 03:00:58 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 4FCE 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-45.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
1726
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 15 Dec 2022 02:32:13 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 574188a928e9091a61842b1bf8314b56.cloudfront.net (CloudFront)
X-Amz-Cf-Id
EIgvG4Y9incPBQlf9kd4sd-aBiAvWb7lRNAD-2fao-L4yvLJ4T_sqg==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=363ddfc9c6147d6559d33e5c37c8d4a9&&bust=16710732577540.08970069444945983&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-28.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
bfb126c9294d121adcf8a2d092e434f724673f6bd3787368808c23ffc0247b45

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 519f4b1ac97b08b10023540bb9e7e006.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
0UIQm4e-JznqbrpuMNkvOTeaBcu6ZcvS_aaepqOXwB-TpX-RkG5XDg==
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1671073257849&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.2.1671073257344.1989198692&it=1671073256715&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Dec 2022 03:00:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
5041bd1dae9efd30f005cb6dd2680d9c0c18532e6ed77585acb3fdbfada59a96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		113 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=OxvKGJJNfqQci&cb=0&ws=1600x1200&v=22.1201.834&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 efb1b7f3f8c49c642a3c171f148004fe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
IEPRnu0hxTVkUGeo0Q_2a9u5qiCXBEJAeU-NGJljlpUonrQzFVd09A==
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
validate
assets.vidora.com/v1/ 		0
301 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 12b038d4c98d16c65897122b6ac31b54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
wRpxJXGQ8Ow8qEpr1HOFOAKELe1wLZSY5ogYyW1zeqDBAkVYSzyOPQ==
expires
Thu, 15 Dec 2022 03:00:57 GMT
cygnus
htlb.casalemedia.com/ 		36 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22141bcf9491a294%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22217cb8931acc2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%225a7bd3b2da09b7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%227abc96aed7ae2f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%22836db05146143%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f534583676f2f6a56b4bd08e25ef5918757e9a923bf237f7fed8949c24aa78b8

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63wyIEReuG6BBM%2FJ0PJEr2208%2FVa6obCYfGFk%2BNt4gvS%2FPj5oppqhV1ia81iAI8I0EVuI7w5eYtXBo3lQJB83kI4%2B8zLqDfTZUcEtctSg%2Bwtio5pdbnjfGpqSsLBU07yEWDHInpK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
779bee97ecc2550f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:00:58 GMT
AN-X-Request-Uuid
3e47a3b1-04f6-4795-afe7-ac19909219ad
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=76230525810
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:00:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:00:58 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.playground.xyz/host-config/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
34677ccf-105f-4338-b0c2-de531a6d2081
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=7d2e1b83-700a-411a-80b8-e122665d7022&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.2367044299391421
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2bd454b16687895517d2ba8834ecbf1028d92551bedebf558686e55ed2ae44ce

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
407
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2bff2abb-6b74-4973-8ba7-3c2815a7ea61&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.3184196568277724
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0b36d7e6e1286e31bb02c1335349aecbd65630d4f2be3faa0be3bcc5a40b24a6

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
406
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=bf9b169e-0947-45df-ad58-20c9e466f044&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.8198076173530771
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
70d17624752332e852a6966da108581028de05b7ec26152a826bb05695e1c878

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		386 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=2ad393f7-7f1f-4206-b70d-782cda6f8d1d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.03785366282247904
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c9b0b930c43b48a96609458d91bdf49cafa1952c2ae4b64d1be7d5f3124cae2

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
386
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
mfad.inskinad.com/api/ 		162 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-154-76.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
9086c8f0eb6ae0e5a20cecf2be8ea388db1a8288876bc905bb4a0225e19b8f30

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"a2-Z0ONgYPDOJmRh5Z+cEhkLN8eAi8"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
162
x-served-by
bifrost-production-shard001-us-east-1e-i-017d7e49ec562bdb8
dest5.html
newscorpau.demdex.net/ Frame 95AE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.238.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-238-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v041-0f1add7c1.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Uc5zqXImSzk=
content-encoding
gzip
date
Thu, 15 Dec 2022 03:00:58 GMT
last-modified
Fri, 28 Oct 2022 11:03:12 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=85768951851445849123777068475930645796&ts=1671073257990
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-179.data.adobedc.net
Software
jag /
Resource Hash
22fbe69e61c44a64abaaa249db9c79247f3047b2c1e2a09722a0366a4525c704
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y5qN7AAAADy4fAN1
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=85793023098690139623774678943660983358
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qN7AAAADy4fAN1
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qN7AAAADy4fAN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-07d138af2.edge-usw2.demdex.com 10 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bX3i6uRQR1w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5qN7AAAADy4fAN1
Date
Thu, 15 Dec 2022 03:01:00 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 8D62 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=mympeeh9knwdnfucj98dyqgozqs8o1671073257&c16=sdkv,bj.6.0.0&uoo=&fp_id=lu3hu9ndx1ai3v70oslzoaqodxnjf1671073257&fp_cr_tm=1671073257718&fp_acc_tm=1671073257718&fp_emm_tm=1671073257718&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:58 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
mympeeh9knwdnfucj98dyqgozqs8o1671073257.nuid.imrworldwide.com/ Frame 8D62 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mympeeh9knwdnfucj98dyqgozqs8o1671073257.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-93.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:09:29 GMT
via
1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
78689
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
0Fjs_kVKyjj9ttrHrlh7NZzi25dpU3RGjkydcTqgoECXpjf31WSegA==
iu3
s.amazon-adsystem.com/ Frame 92F4
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 03:01:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VP8ZTCEQ75RGS768V972

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:00:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0VYW82QK9MS24R6217SW
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Thu, 15 Dec 2022 03:00:58 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 03:00:58 GMT
Server
nginx
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=6690074376045525446&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D8184107255992563958$$&ns=0&rnd=09920787556764399&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.75.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-75-90.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b1566fba3c2306241c6a5c539183c7335e9f17ec87f8ba307d606bbb6debef2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2309
expires
Sun, 05-Jun-2005 22:00:00 GMT
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f349add9b1c14d35ed99c20eed4e8c2a4355f93a5e82c0f65ff971702ae5e430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:00:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=85768951851445849123777068475930645796&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01363ddfc9c6147d6559d33e5c37c8d4a9%011&ts=1671073258832
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3e0ae9560cf3289080bf319fbd7b99b49605f667b32e10e8fe9ecb15037f5899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v041-0a0ce6a7d.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
nDoKwoqeRSY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1558
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=358&dpuuid=5711704266829546018
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=5711704266829546018
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5711704266829546018
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0e47d093b.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vnIm2/0yTbc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:00:59 GMT
AN-X-Request-Uuid
82e2e758-2883-46f6-8317-d63166dc65d5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5711704266829546018
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s96662738515860
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s96662738515860?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=15%2F11%2F2022%203%3A0%3A59%204%200&cid.&newsnkidcookie.&id=363ddfc9c6147d6559d33e5c37c8d4a9&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=363ddfc9c6147d6559d33e5c37c8d4a9&mid=85768951851445849123777068475930645796&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D75&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=2%3A00%20PM%7CThursday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=75&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=363ddfc9c6147d6559d33e5c37c8d4a9-00000000000000000000000000000000-1671073255985-635887&v110=2022-12-15%2003%3A00%3A51&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.179 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-179.data.adobedc.net
Software
jag /
Resource Hash
4a574944ece0952bd03fbe37af17c37b49ccdf68669c02299f9f4c230a10c02c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-aam-tid
RQKEg2mNSNE=
date
Thu, 15 Dec 2022 03:00:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-2-v041-0c2a4518b.edge-usw2.demdex.com 9 ms
pragma
no-cache
last-modified
Fri, 16 Dec 2022 03:00:59 GMT
server
jag
etag
3588602499303899136-4619601313901147307
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 14 Dec 2022 03:00:59 GMT
ibs:dpid=470&dpuuid=7619285204745209379
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7619285204745209379
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7619285204745209379
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0cbd595e4.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cCAUYILlST0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7619285204745209379
pragma
no-cache
date
Thu, 15 Dec 2022 03:00:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=481&dpuuid=LBOHVELL-26-6UKJ
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=85793023098690139623774678943660983358&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOHVELL-26-6UKJ?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOHVELL-26-6UKJ?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0e391b570.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hYqcmCw2QNM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBOHVELL-26-6UKJ?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?id5id=ID5*2wh7izGnDFZCDvUepF2XgFHtKjJOON30uXUs5kPENiYv9YxBDRQzUDPhogdqxJ84&o=api&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 15 Dec 2022 03:00:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		725 B
829 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=805ff5df-ee65-4b85-a84d-919141ac1aa3
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-137.data.adobedc.net
Software
jag /
Resource Hash
1370cce3362a561640e5d69a2137a8a0f715d065df37a3242b495bc4c65b1248
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
x-xss-protection
1; mode=block
x-request-id
805ff5df-ee65-4b85-a84d-919141ac1aa3
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.11.2:836cd9b5
ibs:dpid=771&dpuuid=CAESEIp4s0mICQ571657J9vFK4I&google_cver=1
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODU3OTMwMjMwOTg2OTAxMzk2MjM3NzQ2Nzg5NDM2NjA5ODMzNTg=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIp4s0mICQ571657J9vFK4I&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIp4s0mICQ571657J9vFK4I&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-07786c86f.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
N5P3j0fhS7k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIp4s0mICQ571657J9vFK4I&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=06d040af-ef1d-4487-a8d6-dac3227f162d
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=06d040af-ef1d-4487-a8d6-dac3227f162d
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=06d040af-ef1d-4487-a8d6-dac3227f162d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0a5c37adc.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qTMIdIBVQNI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=06d040af-ef1d-4487-a8d6-dac3227f162d
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 95AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=Y5qN7H1z69dcFREniGNvYQAA%264689
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qN7H1z69dcFREniGNvYQAA%264689
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qN7H1z69dcFREniGNvYQAA%264689
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-074787a83.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
q0k8rrFNQnI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv96YhbJOWalvGmFvRdKB7stZ6shsff633Au6cVNjmo3cHhHN96Z8FCocGKkJhGOzN7C9z9v5Ju3dqDoFnFqW%2Fl7kyaLQa3t9RsH7sNGBHolumhBrIxcOV16MHnGmQlFdidUlx9L"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5qN7H1z69dcFREniGNvYQAA%264689
cache-control
no-cache
cf-ray
779beea62ae0a961-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=lu3hu9ndx1ai3v70oslzoaqodxnjf1671073257&fp_cr_tm=1671073257718&fp_acc_tm=1671073257718&fp_emm_tm=1671073257718&ve_id=&sessionId=mympeeh9knwdnfucj98dyqgozqs8o1671073257&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,665g0rfiawf7lyfruw8m8kgkhgulo1671073258&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16710732577156294&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1671073256027&c3=st,c&c64=starttm,1671073259&adid=1671073256027&c58=isLive,false&c59=sesid,&c61=createtm,1671073259&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1671073259&rnd=257026
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:00:59 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
pub
pixel.adsafeprotected.com/services/ 		775 B
1013 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=4ca4e4eb-2c34-5f0d-4009-415372883400&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2d9e072a58d9d0799c0be5878c3c39d7254d228efab605b6d9db45fd05af81b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
server
nginx
x-server-name
app04.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
ibs:dpid=30432&dpuuid=CI-049e3f9d0574ade467c934697d114e19
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=85793023098690139623774678943660983358&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-049e3f9d0574ade467c934697d114e19
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-049e3f9d0574ade467c934697d114e19
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0e437cb12.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oYB3NiGDSiA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-049e3f9d0574ade467c934697d114e19
Date
Thu, 15 Dec 2022 03:01:00 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=85793023098690139623774678943660983358&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=85793023098690139623774678943660983358&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-0ee19a6a4.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nO/DAdKiQY8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Thu, 15 Dec 2022 03:01:00 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1671073259927&pvs=1&pvid=2b59f5f7-0d9d-4ca6-b8c1-4c28d8653afd&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
dotmetrics-hit-status
01 OK
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
Mj8EJBp9HKDu4JqBoqg6ro__VuYM5GfYzK44lxvsVwIn54Xmb9JMNg==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1671073259927&pvs=1&pvid=2b59f5f7-0d9d-4ca6-b8c1-4c28d8653afd&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-99.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 00:42:07 GMT
via
1.1 d5f29441dead372cd342d7cb881976ce.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-P1
age
8334
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
tve2FUhiKgbbRqb7VLrvZQQaC6aeDfja3Rtr0aCkYTo64I7UOJIcJA==
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 03:01:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		178 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4048661842352804&correlator=2354905506683836&hxva=1&scor=3819768927809358&eid=31071094%2C31071145%2C31071221%2C44761477&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refreshed%3Dfalse%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%7Cpos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D363ddfc9c6147d6559d33e5c37c8d4a9%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%26abtest%3Da%26pvid%3D363ddfc9c6147d6559d33e5c37c8d4a9-00000000000000000000000000000000-1671073255985-635887%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1671073259999&lmt=1671073259&dlt=1671073252971&idt=4885&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=28%2C462%2C10218%2C11086%2C4028%2C11807&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x11825&msz=728x133%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=617479356.1671073260&ga_sid=1671073260&ga_hid=2082570065&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
7c79e7e23f841f8fed4f0862fad76a6e693d54a0031698682f0a4b05015c9b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31006
x-xss-protection
0
google-lineitem-id
-1,6111071037,5275743052,-2,5275743052,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138405043710,138415583330,-2,138348077551,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB11 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:00 GMT
expires
Fri, 15 Dec 2023 03:01:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch.gif
beacon.krxd.net/ Frame 95AE
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=85793023098690139623774678943660983358
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=85793023098690139623774678943660983358
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=85793023098690139623774678943660983358
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.24.114.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-114-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
beacon-n011-pdx-prod.krxd.net
date
Thu, 15 Dec 2022 03:01:01 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1671073261
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=85793023098690139623774678943660983358
date
Thu, 15 Dec 2022 03:01:00 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=218
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
br
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 15:20:21 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d90406186815f7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
MIortg3ypUX-4_fboFLYJm_Lg_zGWQiIi4tNLuRPKDP6NL3szfdVzg==
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=85793023098690139623774678943660983358&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v041-0cbd595e4.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1JxzbnBYRCw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Thu, 15 Dec 2022 03:01:01 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxTjdBQUVDc3Y4T0FBbw==&_test=Y5qN7AAECsv8OAAo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxTjdBQUVDc3Y4T0FBbw==&_test=Y5qN7AAECsv8OAAo
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073261.832662,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVxTjdBQUVDc3Y4T0FBbw==&_test=Y5qN7AAECsv8OAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y5qN7AAECt-8EwAo
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qN7AAECt-8EwAo&expires=90&_test=Y5qN7AAECt-8EwAo
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qN7AAECt-8EwAo&expires=90&_test=Y5qN7AAECt-8EwAo
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073261.819400,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5qN7AAECt-8EwAo&expires=90&_test=Y5qN7AAECt-8EwAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5qN7AAAAWT8MgAo
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5qN7AAAAWT8MgAo
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
550
x-timer
S1671073261.832529,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
1201

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1671073261.506085,VS0,VE223
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y5qN7AAAAWT8MgAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pr
s.amazon-adsystem.com/v3/ Frame BC94 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
dcbaf6e4c960d5d6153e5f9d597405d183caae8a3de21076979bec3a9c3b3d22
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 03:01:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
6HW1N8F5R0STCFERTQZH
setuid
ib.adnxs.com/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y5qN7AAAADy4fAN1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y5qN7AAAADy4fAN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:00 GMT
AN-X-Request-Uuid
be6ca9ae-a211-42c2-9c0e-6d00b77796ac
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073261.592721,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y5qN7AAAADy4fAN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
up_loader.1.1.0.js
js.adsrvr.org/ Frame E443 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 17:08:11 GMT
Content-Encoding
gzip
Via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
35571
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
qZs5xmXU8UDB8y8C8vBEPrJVSl6v-W8wKrgnatQl5gTWwZSRKDk-rQ==
uwt.js
static.ads-twitter.com/ Frame 3C91 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.112.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-nrt-rjtf7700022-NRT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 3941 		1017 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.139 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-139.pacnet.net
Software
/
Resource Hash
4baf1f8d152b97458890b22fef3b1a965a8fbd9f2207d4b8c51fc6e1e5d401d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
834
date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 19:04:50 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
5
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=57863
accept-ranges
bytes
content-length
490
js
www.googletagmanager.com/gtag/ Frame 61E7 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
220ccbc92d831144d597ce94457489fbb9a189558bc3616ca208579a4e9a3b71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53008
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:01 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 341C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 17:08:11 GMT
Content-Encoding
gzip
Via
1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
35571
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
wzfHaBeEgZvo6WLA_xXJ5hv0rAtmdbS9YIuD5dFZVyr-KPJCYR6Pmw==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 3906 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 15 Dec 2022 03:01:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Fri, 16 Dec 2022 03:01:03 GMT
activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023
8228261.fls.doubleclick.net/ Frame 3313
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=764631630023...
402 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
9c8342f58c5a2dc77c06a4cb296820909119f13bfeac6efc5d1ecd922b9c261a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
226
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
Thu, 15 Dec 2022 03:01:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996
8228261.fls.doubleclick.net/ Frame AA22
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=430256001605...
402 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
e802c1d163b43aa863a86fac6016b42505cc093d1f22fe16c6a6d91d2c215d22
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
225
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
Thu, 15 Dec 2022 03:01:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 4599 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
87f56eaa1be39b83f4e5f298cc4ab28b458fa854f97dbf6f86272be76b0b2350
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53010
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:01 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 3972 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16824
x-xss-protection
0
server
cafe
etag
9000569688538989929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Dec 2022 03:01:01 GMT
tap.php
pixel.rubiconproject.com/ Frame 3D60
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
px
secure.adnxs.com/ 		0
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
AN-X-Request-Uuid
eeaa6e11-3c16-4f4b-ad33-cc7abbd8a711
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
AN-X-Request-Uuid
b9b0012e-bd1e-43a2-a3bf-b0fbea605825
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjJiNTlmNWY3LTBkOWQtNGNhNi1iOGMxLTRjMjhkODY1M2FmZCIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1671073260713
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-97.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
fa7caa50ec2352fa28bb6d596e0eaa1b5adcaac3f3b452648bc4abbf466d78f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
content-encoding
br
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
poxv9ITT4ZE17W1vjyqxuZDMcZDD0opT6LOFlmB8NP3GtLOPU3ZyuQ==
sd
us-u.openx.net/w/1.0/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qN7AAAADy4fAN1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qN7AAAADy4fAN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073261.769114,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5qN7AAAADy4fAN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:26:59 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:18:06 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame A3C3
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
ESF /
Resource Hash
ee416ae50b890a48c951413e701d3defb3fc89c3ca80d1b33f17a786c02e161d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ai0lKsP_qA9-TgV-ZCxa_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ai0lKsP_qA9-TgV-ZCxa_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-MeAxQ0qZL1IjLWHHRV7L2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
application/binary
cross-origin-resource-policy
same-site
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
PETGHXM9J3BGW5Z2
age
1387
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
779beea87a84a895-SYD
x-amz-id-2
l902nuCuTXsdp0ZIQMaCkRfW2ct8uPQ67Kc2I8r6jJK1DpRsnrqERhJivqdxTsz6gCPD86DiQDw=
container.html
2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F361 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:00 GMT
expires
Fri, 15 Dec 2023 03:01:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 6755 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bcfaa5bde1cc517fa43d676bd5e0b5e9dae44719acfe0e8c75de94faa84cd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779beea9df82a953-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 03:01:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWH4PoTu%2BpRviyVa5aE0HYpD%2B46HftgZzX09jigs3JcFCMuqOp7cSfVBIT%2FLD0Uo7sLMZDqdsS%2FbakSA%2Fgv4bP%2BncZcT4yDmQaU6aYlNsl3yEeymvhttpiTiNqNP%2FMClXlVZrpiNVw8yhw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7E6E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 03:01:01 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F30 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73038
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073261.899003,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame A2F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJPeGK18TfJAAH3O6IvbjKcH7gDOfwIRT4aIddGIJHFosHFy0mg0mQGDFPLuejEHFrrRGRJxb_Mtp62RqNc9ndoAVDmxYEtk7tBO2tnFVUkRA_A6uo4opZ97d7vLxbtToMnWG53yCFUmj2MGFFvUg1CBsXDHVqTlEfIwmxMb-mJP7k5JtOl8Fy6RRYm9p0K4qN6kVyDq4RudQsh7a-8rzYRv3TSQ8yx9YdV4wTeWVdm9_088u3TjC2Mmq3tUEmIw68YVC9qWwhiBREO4LpfCiyARqVKCP13FRpEv2wOgBvzylnFamTKYfj6gqf5rTAHA&sai=AMfl-YQPxSXwO3mFRYVmqpErm5kbPVJP7rWhw0l2RSaixTdk6s7jjVttmG3kEhvwkiGVyjQa1xz6EBktAftyFvuGTnKz2aumeZFuRFFQrENt3-Ba6xUb1cMEC3CcsCBwXxb3&sig=Cg0ArKJSzOYwSIv3MK1UEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A2F5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A2F5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
86338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame A2F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI8pwNawxzIGjJQgcJNQh2KTzM8enQ2RXjiVOSvd0lhsTec5hc9jxIFwBrAC3xRbj7auNLb1CTcos4n829N-UB9CwaeA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2F5 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:01:01 GMT
5408599620316297586
tpc.googlesyndication.com/simgad/ Frame A2F5 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5408599620316297586
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
96caf4e29785bd2287d1a553a0e8b1f131c8c83a847a1ea5739c4e2c952a0053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48402
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 00:19:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Dec 2023 03:01:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC04 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstX4J3sTyLOjDJNGdu4lia5KdSVW1PVp0HNakcoV1aHOD748DwuvnV6ZiAR0kb8hkTdu5tJLjWfxa5yDULMHow-hyXXqZykUs3sUAbH55CNGlwpTUeoRPm7lqwvmFeGCYdG2lTy6KbaXH8cWAsCHWAxmg-yiXiKycmssO_eLlbEsz04uxF1saPJ28LkbbkLIHpBFaN_IaKPIxKwqhwDltQVAgH11xuKg-Xtn6MeBbtw4c3jp-qc8f0cxE4LdBoI_XNSp5h3CCXSMHCtnXsyyDv5pBGrD2dfBOb5nKnOmF3X8A7z_6HQFqZFN8imhNbfNg&sai=AMfl-YQULczrjkcT9gT8_cgaOZhfyF8vJQWmQjxdCVaKnAcsb2aJqCSJARN6k4X6RNi5LAHXOEYvlIejyKP74EdL5aWzwPgGH3aYkMuTJitLclhKwpgGnXBRjGYnl3o04lPg&sig=Cg0ArKJSzJGM2nclI_BPEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AC04 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AC04 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
86338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame AC04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTs4VmrXK6FRMHeo8FArX8rGVaiul6u1s5Q3bCjxBZDEOPBQIO5G-mQO6Clh4hVix14CokJwiwMFX9NJOWuBZUlEK5yLg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC04 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:01:01 GMT
13760263887154427917
tpc.googlesyndication.com/simgad/ Frame AC04 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13760263887154427917
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0c471babdb0403ea05134aa44b7af12ec103a13859350d0c6303d25ba2e88146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:14:35 GMT
x-content-type-options
nosniff
age
53186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30336
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 03:00:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Dec 2023 12:14:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B9B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwexFs8ucQNkKE1obvGK77F5HQUI7G6tIwXe8JAw6PvTIMmgfb3jLK8p9a2rMOfBOeUZLtpuTLVfUIAg7XsWOpFkiVfda5VohuB4PacqODZjzjePdtfO0Hs7-qUhWMUuVgCqwhrmAMiMx0qmrtzQgNXb3513g2Sa8YyCI0LwOaC8fSRWgWmQC8AsIIhDH6qvaxCxpPf3I7KRLLGVDfAldDDoPZUvgCxZB0klFU_JtkAFg-A11_8pV7--Vd03agie1kHcRb2FsIQ73VtMskkgmXqwDnNUcWAlCDC-LE3gNY8rzmtfTguPire-lX4wd-9g&sai=AMfl-YS1mVYcBkcwi0rZpMdNWLqUExkTaTYGhLdNSLAB0Rp99oOFisOhiTAictgN1PP7q4sQxxUb-BDHBzP3FkTBBWHaOYh03MLyU-f9TeEnwcNxTQgElFGRR6XTwkE2E8VN&sig=Cg0ArKJSzLKoy0MO9fjaEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame B9B7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
11703
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B9B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
86338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame B9B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR24JW8fUvUqWxIORja2HeqUVLz8jKQEKTkR9L1C0-KyjhJ_0Qxkd2gPEK303cwLHGM-2v6SkvwJTi2gZ-3V_xcBJrVXg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B9B7 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:01:01 GMT
13148952536986812586
tpc.googlesyndication.com/simgad/ Frame B9B7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13148952536986812586
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 05:59:24 GMT
x-content-type-options
nosniff
age
162097
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15618
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Dec 2023 05:59:24 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-75.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-639a8ded-5338193c0069ed6363a1a68b
x-amzn-requestid
cbc6fd24-9749-4e2b-9a80-56ac0f722128
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
dKsdJE_-joEFRDg=
content-length
25
x-amz-cf-id
8lkvu2X8hrV50aD48Kq5qMkMhxzl5sAdPMiW2Cs8tvDgvK8m5JX1rg==
partner
sync.search.spotxchange.com/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qN7AAECsv8OAAo&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qN7AAECsv8OAAo&img=1&__user_check__=1&sync_id=b52140b6-7c24-11ed-b900-1a1db0130307
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5qN7AAECsv8OAAo&img=1&__user_check__=1&sync_id=b52140b6-7c24-11ed-b900-1a1db0130307
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
90
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 15 Dec 2022 03:01:01 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y5qN7AAECsv8OAAo&img=1&__user_check__=1&sync_id=b52140b6-7c24-11ed-b900-1a1db0130307
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
29
Connection
keep-alive
Content-Length
0
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Thu, 15 Dec 2022 03:01:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
b.php
www.facebook.com/fr/ Frame 95AE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qN7AAECsv8OAAo&t=2592000&o=0
43 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qN7AAECsv8OAAo&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:01:01 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
VAEeBoOJFhLOXn5EQQhxzoBIwijw3/mJphiRQKG1ULBEJrIfHbBD1vRYEnX1cEvS5/R6b3zSm/NxJMQ05agZSA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 14 Dec 2022 19:01:01 PST

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073261.130343,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5qN7AAECsv8OAAo&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 5F30 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4129069&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9fb15f952f84d8c3e8b21dfecff971c0b24ca8a7ba281c1d325cf0028dc663fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 03:01:02 GMT
content-length
1672
content-type
text/html; charset=UTF-8
ibs:dpid=147592
dpm.demdex.net/ Frame 95AE
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.186.19.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-19-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v041-00d91fd0b.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MBhV2LAFQzg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
94
date
Thu, 15 Dec 2022 03:01:01 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1671073261.223264,VS0,VE94
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
accept-ranges
bytes
content-length
0
x-served-by
cache-syd10141-SYD
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame 3941 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.139 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-139.pacnet.net
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:10:50 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=39533
accept-ranges
bytes
content-length
4581
0
sync.1rx.io/usersync/adobe/ Frame 95AE 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
crum
dsum-sec.casalemedia.com/ Frame 6755
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5qN7H1z69dcFREniGNvYQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHNGkvZrKowBOsR0c-U99oA&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHNGkvZrKowBOsR0c-U99oA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHNGkvZrKowBOsR0c-U99oA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6755
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06d040af-ef1d-4487-a8d6-dac3227f162d&expiration=1673665261&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06d040af-ef1d-4487-a8d6-dac3227f162d&expiration=1673665261&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=06d040af-ef1d-4487-a8d6-dac3227f162d&expiration=1673665261&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 6755 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WK5MRMNGRPG0RCXBY88W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6755
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_cver=1
43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iIuCzPjniAk68aKzCqxBieE7Hmnu0yHK9fV9WnhuAjxol2p13EKMh9iRi4OMtJ3vWXR56RiK6HZK%2F7W7lb4c8FQb%2FavJiNf2%2B4cN9V1POslElv50db6lLQK1zl7Jz9cV9JAiNPoQAMwWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779beead5e67a8ad-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 6755
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711704266829546018
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711704266829546018
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBthRT8iP228QWY6k5rJvKfUllLFacRwJlyP8PpqMEAqgPYSRFXVi1hFHa4%2FYmuPrhPQFDGBD5GR%2Fl%2FWQ6KmNi%2F3RTWf4AZrPw6evhjRW2Gv%2BUos46yF%2F81dzLTSf3Qm6qtOrktB"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779beeae7f8ca97a-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
AN-X-Request-Uuid
004b14d1-04e7-4194-91dc-a3cbbc00f0d1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5711704266829546018
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6755 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qN7H1z69dcFREniGNvYQAAElEAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.190.36 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-190-36.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 6755
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711704266829546018
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711704266829546018
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
AN-X-Request-Uuid
f28b6e54-72cc-4e58-a521-9c66da4d156b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5711704266829546018
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6755
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_639a8dee6158f&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639a8dee6158f
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639a8dee6158f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_639a8dee6158f
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
ecm3
s.amazon-adsystem.com/ Frame 6755 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q282240AGRZZDRRMVMX7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 03:01:01 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F361 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXHy-7I2aY77BCpSRyAP-y4GwBN2V5bdc9v6PjlfAjbcBEAEgAGClgICAkAGCARdjYS1wdWItOTE3MjcwMDU4NzE3NTMzMsgBCeACAKgDAaoE5wFP0DgxC7YtS1nAMGzMuduhgSIJ7RHtnv63zvNLpngzs1aebVGpsvGbM8k3FGdvEdXOzMyy9-l-RdRijMa-jafjnF2aH9DHQm4klBYe-Tv-tHX0AaYowM3K6flxFpwucN_PXfUokjny8NOoGJPv8ADnp5WXU_M4_OBiI2fSuJyxio6FXASHep8gMYzVXRVp1d7550rr3ypvCdYYVXbegvDdrORuGJAJi_JHn-AM8KlxL6OKdc9J85JAukHxFGykiIPNcpiv-8Gst-mOdFUwOGUcwTNw-77Y5M2lx4Zpwi_BP9FM3RslwSrgBAGABqSY64uts8CY7wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MTcyNzAwNTg3MTc1MzMyGNfPEg&sigh=8mYpwbyMKS0&uach_m=[UACH]&cid=CAQSOwDq26N9z_YF7bQ5xtsk0FK5gy0SzgIAOdtNhjQIe081ebkohz3GOqGoqs8FfdVzJv5VOaWYlwDsxNC-GAEgEw
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ca
choices.truste.com/ Frame F361 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-96.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
9d1b4b2018c2aee08943cfcbcca74bff34740a95164127cdc17bdae811d4363d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
SIN52-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
NMPQ2w5ECNDMNHoXrczTTDMxG_vOGp4BKJpOFD6jdNDFPquvn38zcQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame F361
Redirect Chain
  • https://jp1-bid.adsrvr.org/bid/feedback/google?t=1&iid=e7dd9ee0-f8b5-4de2-828c-833f04886016&crid=z9un93v3&wp=Y5qN7AACoL4KcgiUAABl_nsGp4Q3G_Z_5p8Hzw&aid=1&wpc=USD&sfe=15d20dec&puid=CAESENbBMQ_7O3AEM...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDZkMDQwYWYtZWYxZC00NDg3LWE4ZDYtZGFjMzIyN2YxNjJk&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac32...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
70 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
386
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
z9un93v3_728x90.jpg
ad.adsrvr.org/9a7i05c/qrt89ew/ Frame F361 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.adsrvr.org/9a7i05c/qrt89ew/z9un93v3_728x90.jpg?cb=727131
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24fd896fc9cbab8ea1b3c741a2841033eb5116c539b661a0db6f40e03818fa2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:10:40 GMT
via
1.1 998b911809b5181544e60111e0bda762.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 21:54:13 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
6622
x-amz-server-side-encryption
AES256
etag
"e8112cf72a3ddd356e0740835189b183"
x-cache
Hit from cloudfront
content-type
image/jpg
accept-ranges
bytes
content-length
42690
x-amz-cf-id
YouCx1b_SIPRm3iPugejLP6LndcBrRPzplV2Zob_MKQFCau1TMBmgA==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F361 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
86338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F361 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 13:16:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
49482
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 13:16:19 GMT
l
www.google.com/ads/measurement/ Frame F361 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMVSU6Lmxm8k10vMDuKpIe9lqoTpFc5Z0RM4Sl0rvZBYkcAae7wNRob_9jM4uUpmgoCcp6aqJLLkEeuV1eVA3UNgS5_w
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F361 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 14:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
44329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 14:42:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F361 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:01:01 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 3972 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1671073261348&cv=9&fst=1671073261348&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
af6067791a0c9e768a8986d97b01489ba14b3e8be519474381225f4b5c642d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
906
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ Frame 3C91 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=a2ddd324-5ee0-41a3-bae7-0c0cf14fc4c4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5472b870-777b-417a-adae-3f09f853bfa9&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
157
date
Thu, 15 Dec 2022 03:01:01 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
5be172afeb5587be
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
18ba5fd499696f0eca58a190f2633668147fa99fb9a72411b05c292c2fb59481
content-length
43
adsct
analytics.twitter.com/i/ Frame 3C91 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a2ddd324-5ee0-41a3-bae7-0c0cf14fc4c4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5472b870-777b-417a-adae-3f09f853bfa9&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
151
date
Thu, 15 Dec 2022 03:01:01 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
68e493b87512804f
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ae3586c98f0dae69e2893bd940def0401aa3aaf496b0b7d83b584f9e7e411dad
content-length
43
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame A3C3 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=363ddfc9c6147d6559d33e5c37c8d4a9-1671073251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-9zTg5EQAIvA4F9EpaHf1gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-9zTg5EQAIvA4F9EpaHf1gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame A3C3 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 02:36:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:26:59 GMT
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 3941 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-87.sin2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 00:56:34 GMT
content-encoding
gzip
via
1.1 500f4e37798a0a47047ecfa48f4fd932.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
7468
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=17408
x-amz-cf-id
TSiD2xFw0n4dUWKeHLn2IYkAwlJ0PSpSyG7aOE9UPzRJXZH_15HXvg==
/
p.adsymptotic.com/d/px/ Frame 3941
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073261475&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073261475&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671073261475%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671073261475&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5ebddafa-fa7f-4722-8976-10ccbb5b4c13
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5ebddafa-fa7f-4722-8976-10ccbb5b4c13&_expected_cookie=9d39c308f9938702fc79ba60...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5ebddafa-fa7f-4722-8976-10ccbb5b4c13&_expected_cookie=9d39c308f9938702fc79ba6011c60175
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 15 Dec 2022 03:01:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779beebb59a3aacf-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5ebddafa-fa7f-4722-8976-10ccbb5b4c13&_expected_cookie=9d39c308f9938702fc79ba6011c60175
date
Thu, 15 Dec 2022 03:01:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
779beeb9ff7faacf-SYD
content-length
0
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-87.sin2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
21918
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 20:55:43 GMT
via
1.1 500f4e37798a0a47047ecfa48f4fd932.cloudfront.net (CloudFront)
x-amz-cf-id
WcPdCce9dgQc6qSRNFet7pjrr0Lgyk4xa5ox1nFwuDF-h3fExten9w==
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame A3C3 		178 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
4f5258b77094e2764ed3cbaccfa9a241723c11ed8f813f857eb176e5f9a19bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64157
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 03:53:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:53:33 GMT
truncated
/ Frame AC04 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9774cd54f71c4c5e369f3e4e03b959814185dfbac68ac8f24299983c3c98f984

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 05A6 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1776038364&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8e2dbcb90f97195ae24e90b40c237a833bf9213c541f336f66734ee4e8dfee41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame A2F5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6609bc44e6d8036713a7e77ae5fe4d5a915cd50343aa50e496fe9eba3663127

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame DAA0 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x600|1&pubId=36557831&chanId=171638111&placementId=6111071037&pubCreative=138405043710&pubOrder=3082546051&cb=400376169&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
5e13900a4131825880d5b813a5272db429008a3d48fb157644c40b513d885c57

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 61E7 		2 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1671073261612&cv=11&fst=1671073261612&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=2050561063.1671073262&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
72532022f72dd8c12eb9b6610fa5a60ad69675063f263db277550018a3f8a4ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame D705 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
330f4dc8291722c6a96299c489650bc03b5bda788c7694c256d8d6c71ce77010

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame C766 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
330f4dc8291722c6a96299c489650bc03b5bda788c7694c256d8d6c71ce77010

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A3C3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464187&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 02:14:37 GMT
x-content-type-options
nosniff
age
261985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:14:37 GMT
truncated
/ Frame B9B7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d31fed240fb43b97c4a9f140b46ec34e371401a473a1be7395cc3855f5a63db

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 41D6 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=406959658&custom=homepage&custom3=168400391&adsafe_par&impId=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
32dfad57619831131f44ff707eb8a3226cbda24378ddcc92ac8c65e5254fffd4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame 4599 		2 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1671073261741&cv=11&fst=1671073261741&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=2050561063.1671073262&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
519ac4297b17ccb8bc3eebfb72b76ef53943475060b0ce1a68d4eb87613d2f21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
856
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7E6E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
945854dc2fb684a415fb8d43f0f2fe7e3acb138a1edc09c8e9e9f0c5765f3e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:01:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 20:53:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64367
Connection
keep-alive
Content-Length
10066
Expires
Thu, 15 Dec 2022 20:53:48 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame D705 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 19:22:46 GMT
Via
1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
27496
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
Bx2kr9RPbk9APWkDT8xyyNDspld6USe7gPmHGcFc_M8PXzoQlziA5A==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame C766 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 19:22:46 GMT
Via
1.1 25a6a41477f0a4b161961d1300fb0714.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
27496
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
D-XMFng3krZPrKjsUzZvNxTKZevGVlqe3mgCTlxF3ijSpmg5na_FCw==
dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023
adservice.google.com/ddm/fls/z/ Frame 3313 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIyXgYHR-vsCFTvmcwEd878FUQ;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7646316300238.023?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996
adservice.google.com/ddm/fls/z/ Frame AA22 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CIW1gYHR-vsCFXTAcwEd8HgOcQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4302560016058.996?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 3972 		42 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1671073261348&cv=9&fst=1671073200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1577805199&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 3972 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1671073261348&cv=9&fst=1671073200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=1577805199&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC04 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5Y-dBDuq6x-N6Jrf7YUwEvYD32MErc_GYJQL5UjIts4o38u_96-MdefVbtGo6evJxaUMJ58SiuwKr0eyvGX8cqNN0lqoqyEizSI09h7FXKs6PWZUmR1RHacwQGNSLIsaxEcu2O4XTHs08xz5ZbKCTBi7MAEPGtpgYKo3QZRMnnHZAvIcDRkpvOo1B7jXQMXbATNhjfJnKueTgrD5PrF1P7uLZy7jxcCCQmXIhT73_1Js_8_yMdRKqFvDwV3E-NOamZ65WEsZ-5bTseQFTRZtG7CPy08kqYYu5qzJ5mmRW1DGbqEIhkrn8_opAi2H7wJNQ&sai=AMfl-YR_z-PPIrBXVFDeaQLm7PpXEsz_AzDO6GJDHXElcJOOQiMaUkpRmtdsfkyPnOseFAr3Z7UkGYpz74OGUOuLhl7TbTOEaUjuXinsQnJdt4krln1Ph_kC8YwhoZi6sPCT&sig=Cg0ArKJSzBBVjRGy5b89EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:01:01 GMT
pixie
ib.adnxs.com/ Frame 3906 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1671073261873&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1671073261872&et=1671073261873&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:01:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame B9B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFvxOlTojVdvWWOJMhtWLiyAw9Q4aqrWTqUxdrup7Y8Tz82J6EtY9-eYJlKH-XacUPbvj7xMvAv7B2InmLArZ1Vwzibzyl2cm5bx_C46Tc1mkfY2Mjw1460YBkl9cH9S2DSfmLNzAcha8BelpO2Q6NWnsoNnbHZJox_Wqia5NqkIAp9Geyy07AxVskNnV8ICFT5vcrk2JlN72jSRQBRAvofvBMoP5e0jqtgZ9G46RGeSoycHjOLStvKQU8vZCPC2SxPVkzENrLRd5r2smmmUSrRluv6yQo1EO509sfA0cHxTDRUXL6JOwS5gcppANGKE7N&sai=AMfl-YRA9dTtdazQ23jlDvtMwfMbdy637yCErCvqE__wIQGPPX2mBsGQEeGuQUtF_hC_zreSAqO12d9xgJTINsBVjAMG90Ksj1yf7Stt43-sUqeXCd0_NMnOjbDz3eHy8Cn1&sig=Cg0ArKJSzAECaf5nhDGhEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:01:01 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.23.93 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-23-93.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 03:01:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
usync.html
eus.rubiconproject.com/ Frame 1172 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 03:01:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1922 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.183 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 15 Dec 2022 03:01:02 GMT
ETag
"623de86a-cf34"
Expires
Fri, 16 Dec 2022 03:01:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.114.23.93 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-114-23-93.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 15 Dec 2022 03:01:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usermatch
ssum-sec.casalemedia.com/ Frame 4A2F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b0167aea4f17da4822d2101cfa8d059e6c9ec2f5a7876461242274fb0f9201

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779beeaf6828a8ad-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 03:01:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJvuygKUj01sNz34SNvKWiHGVBQ%2Be%2B52C99berBRHnhse4rvFU2QPSazwIgFioNt7sSQ8Dmrvb8%2F5il4nSIxxVfN2LdsaE3MSnBb82ReSFNOfB9X8XJ1MNuGgTCBCNRHnUqZ%2FVOhstec1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F95B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
501
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
779beeb0ba97a8b6-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:02 GMT
expires
Thu, 15 Dec 2022 07:01:02 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D853 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73036
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:02 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 15 Dec 2022 23:18:18 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=5711704266829546018
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=5711704266829546018
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
91fc5395-f232-479a-a133-657783b02543

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
AN-X-Request-Uuid
fe1dfef6-dd5d-4133-832e-f30538338bd4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=5711704266829546018
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-126.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
rubicon
match.adsrvr.org/track/cmf/ Frame 3377
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
514 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 15 Dec 2022 03:01:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
content-length
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 37B5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ewWXwVJE2uJZjwkSRkGOf8DMbf7mKJY-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
date
Thu, 15 Dec 2022 03:01:02 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
267
content-type
text/html
date
Thu, 15 Dec 2022 03:01:02 GMT
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
google
match.adsrvr.org/track/cmf/ Frame D092
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDZkMDQwYWYtZWYxZC00NDg3LWE4ZDYtZGFjMzIyN2YxNjJk&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac32...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
70 B
540 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 15 Dec 2022 03:01:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame E277
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
c80248407eff6cf595ce43a76c04e23f
content-length
42

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
289
content-type
text/html
date
Thu, 15 Dec 2022 03:01:02 GMT
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=&expires=30
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
sync
ups.analytics.yahoo.com/ups/55953/ Frame 8186
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-ewWXwVJE2uJZjwkSRkGOf8DMbf7mKJY-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
date
Thu, 15 Dec 2022 03:01:02 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
267
content-type
text/html
date
Thu, 15 Dec 2022 03:01:02 GMT
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=06d040af-ef1d-4487-a8d6-dac3227f162d&_origin=0&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
google
match.adsrvr.org/track/cmf/ Frame 0E3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MDZkMDQwYWYtZWYxZC00NDg3LWE4ZDYtZGFjMzIyN2YxNjJk&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac32...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
70 B
540 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 15 Dec 2022 03:01:02 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=06d040af-ef1d-4487-a8d6-dac3227f162d&google_gid=CAESENbBMQ_7O3AEMpKejSpgNFg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A2F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuofuzQSh3LCSwP_JHbuln6pcXuWlDuxFJlUoV8jutzEJboD5Muq44B4csZceIhfI6HU7D_tvwmmLIZqSUNGCpjU2r_ag66oRA2Ffg_ymV7rc_dG7mxR0tpf10aJqcU9bsm4nRPZAX1j8RErlc2_C3cOW0XhQOHkFZzzb1MjCQtVAFyaAMJoaaT5TxsZn4ph7KK5ucKXIvbIQuhVOjt7lwF0UKDhtavu_BrWF_8-C4rlqWT0vHRDbgyCWDDLAeXfPLDg5PjaMK8Ank1Mq8pNX113MVZ_7g6YlQt7naXK4aSY4FO5SevEtPzIrlDsS5hGuS_&sai=AMfl-YR5oaLE566PXha7xQdyoTsnKT2BOm3SqQwfWRfqWjJw5T1jTBt6_7alJvMadeuvIhZPofn0vhkrgm5WU5ptCrDDKuHBMw-lFT88LriYNQ-08yvFmYZq6UEGN-NPcROw&sig=Cg0ArKJSzNL-iPcz06UVEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 03:01:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 7E6E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBOHVELL-26-6UKJ
  • https://s.amazon-adsystem.com/ecm3?id=LBOHVELL-26-6UKJ&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBOHVELL-26-6UKJ&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FJBKTJS6C6QM3EQC49S2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBOHVELL-26-6UKJ&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
368ba1c92c09ff88b641150fbbf94341
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2A12
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&gdpr=0&gdpr_consent=
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 03:01:02 GMT
Expires
Thu, 15 Dec 2022 03:01:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 224 5671b77 master hkg-pixel-x24 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 482B 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA496590C-CD53-4C00-A22E-F491C8E08283
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 03:01:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XVS5E5H9D64ERQ27VETY
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5F30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pJZZDM1TTACiLvSRyOCCgw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=73036
accept-ranges
bytes
content-length
5549
expires
Thu, 15 Dec 2022 23:18:18 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 5F30
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A496590C-CD53-4C00-A22E-F491C8E08283
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ce55df98-9f90-48b7-96af-3926790a1b1f%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=06d040af-ef1d-4487-a8d6-dac3227f162d&ttd_puid=ce55df98-9f90-48b7-96af-3926790a1b1f%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=06d040af-ef1d-4487-a8d6-dac3227f162d&ttd_puid=ce55df98-9f90-48b7-96af-3926790a1b1f%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=06d040af-ef1d-4487-a8d6-dac3227f162d&ttd_puid=ce55df98-9f90-48b7-96af-3926790a1b1f%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
qmap
sync.crwdcntrl.net/ Frame 5F30
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=&ct=y
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
54.255.22.33 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-22-33.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.26.124
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.24.17
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 5F30
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A496590C-CD53-4C00-A22E-F491C8E08283&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A496590C-CD53-4C00-A22E-F491C8E08283&sInitiator=external&gdpr=0&gdpr_consent=
42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A496590C-CD53-4C00-A22E-F491C8E08283&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:21 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:21 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A496590C-CD53-4C00-A22E-F491C8E08283&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5F30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQ5NjU5MEMtQ0Q1My00QzAwLUEyMkUtRjQ5MUM4RTA4Mjgz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5F30
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECbw5OtAGvxiAXwy2serrqA&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECbw5OtAGvxiAXwy2serrqA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECbw5OtAGvxiAXwy2serrqA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5F30
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41EF5E6989944D009502CE21C4DC34FA
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41EF5E6989944D009502CE21C4DC34FA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:41EF5E6989944D009502CE21C4DC34FA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 03:01:02 GMT
A496590C-CD53-4C00-A22E-F491C8E08283
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5F30 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A496590C-CD53-4C00-A22E-F491C8E08283?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.190.36 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-190-36.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5F30
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=06d040af-ef1d-4487-a8d6-dac3227f162d&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
crum
dsum-sec.casalemedia.com/ Frame 4A2F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd7b639a-8dee-4700-a333-49986a6c0328
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd7b639a-8dee-4700-a333-49986a6c0328
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
MT3 224 5671b77 master hkg-pixel-x19 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd7b639a-8dee-4700-a333-49986a6c0328
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 03:01:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 4A2F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7619285204745209379
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7619285204745209379
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7619285204745209379
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4A2F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
175.41.190.36 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-190-36.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4A2F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC5Ek7HNRwAACDnJGjgYQ&expiration=1672282863
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC5Ek7HNRwAACDnJGjgYQ&expiration=1672282863
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAC5Ek7HNRwAACDnJGjgYQ&expiration=1672282863
Date
Thu, 15 Dec 2022 03:01:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 4A2F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YSihaeO71P5Euy5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YSihaeO71P5Euy5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0f40721276a047f1b@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=YSihaeO71P5Euy5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4A2F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RY52BFGF17H73J692SYH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4A2F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
pixel
cm.g.doubleclick.net/ Frame 7E6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSFZFTEwtMjYtNlVLSg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSFZFTEwtMjYtNlVLSg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJPSFZFTEwtMjYtNlVLSg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7E6E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tXwVwYd1QNmRvKVb9i_63A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tXwVwYd1QNmRvKVb9i_63A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tXwVwYd1QNmRvKVb9i_63A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YNTZ6S3JQNECJFZDDF6W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tXwVwYd1QNmRvKVb9i_63A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7E6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/WrUJGYABB8-4nhjyPb4llcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.ayM2TlE2oLsQrtlajTUhKrhh8MyDrlTAAfIgQ--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.ayM2TlE2oLsQrtlajTUhKrhh8MyDrlTAAfIgQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.ayM2TlE2oLsQrtlajTUhKrhh8MyDrlTAAfIgQ--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7E6E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4CSJN8G50FZSM7J1FP9K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7E6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTI2YzgwNDc3YWUzMjA2NjY3MjYwMDc4OWVmOWEzZmU4OGFhZjhjMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTI2YzgwNDc3YWUzMjA2NjY3MjYwMDc4OWVmOWEzZmU4OGFhZjhjMg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTI2YzgwNDc3YWUzMjA2NjY3MjYwMDc4OWVmOWEzZmU4OGFhZjhjMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 7E6E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOHVELL-26-6UKJ
0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOHVELL-26-6UKJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D5AFEEA7F90647358C5D7F02E3E8228F Ref B: SYD03EDGE1405 Ref C: 2022-12-15T03:01:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv1RA9ygvxc76fb7BmfA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBOHVELL-26-6UKJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 7E6E 		70 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 7E6E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFjDXbScIUd4OvHsldfSCNA&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFjDXbScIUd4OvHsldfSCNA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFjDXbScIUd4OvHsldfSCNA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame 61E7 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1671073261612&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2365110200&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 61E7 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1671073261612&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2365110200&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame 4599 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1671073261741&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1125278733&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame 4599 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1671073261741&cv=11&fst=1671073200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1125278733&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4A2F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8CCE11E1A55541BEB1AA4A0541ED7B45
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8CCE11E1A55541BEB1AA4A0541ED7B45
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=8CCE11E1A55541BEB1AA4A0541ED7B45
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 03:01:02 GMT
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 4A2F 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y5qN7H1z69dcFREniGNvYQAA%264689
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-154-76.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1a-i-033046125b7a18915
usync.js
eus.rubiconproject.com/ Frame 1172 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-148-136.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
945854dc2fb684a415fb8d43f0f2fe7e3acb138a1edc09c8e9e9f0c5765f3e11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 03:01:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 20:53:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64366
Connection
keep-alive
Content-Length
10066
Expires
Thu, 15 Dec 2022 20:53:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FECA 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
47101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 13:56:01 GMT
etag
48472445140208031
expires
Thu, 15 Dec 2022 13:56:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F361 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab3011905d9755d8966cf12646b5bdb2b941b6747110dc9b738faf94329f9aec

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 1922 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
AN-X-Request-Uuid
42d6f636-fa45-4e18-b054-a057552d3aa4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A046 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65a50ab089393ca286dea6c4d5f33e6def207c05ca21735d5b28b45de524a3c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
779beeb1ca68a8ad-SYD
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 03:01:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZHClrem%2BKI6rvYp6Y%2Frv7qgKWYTpQzVwB6%2BW2uMMGruSMVHhDcG2d83pIMv4JB5qEGCljmskLRlVi1Y0O%2BVLHd%2B3Bwh3zNTkr7YDPZYDfBtpb9cwHAJeuQODqsBtbZeP7d3sGI8WcJ8Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.19.8.374.js
static.adsafeprotected.com/ Frame 05A6 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1776038364&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
647377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
3KhLCq5g8uXzJ6KAaQOa63rTS5bWWt4GM8XJ_alVpVaOGhXtIechbQ==
main.19.8.374.js
static.adsafeprotected.com/ Frame DAA0 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x600|1&pubId=36557831&chanId=171638111&placementId=6111071037&pubCreative=138405043710&pubOrder=3082546051&cb=400376169&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
647377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
xTnEosz112UoznaLkip3-uY27s3kX82K7kKGl1DRjjtxne3XWaX2Vw==
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame A3C3 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
9ff79f831706ee98020c617518d4dea792976313b1ce1ab3d07d12f4639bcece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45910
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:53:33 GMT
main.19.8.374.js
static.adsafeprotected.com/ Frame 41D6 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=406959658&custom=homepage&custom3=168400391&adsafe_par&impId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
647377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TOLEkOYQiFxzO43A1kn_RIe2ZyReiuVM08i-8YPAHqj2PaWQFrCQpg==
rum
dsum-sec.casalemedia.com/ Frame A046
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qN7AAECsv8OAAo
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qN7AAECsv8OAAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10178-SYD
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671073263.724829,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5qN7AAECsv8OAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame A046
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3vYHtNChW7PF9wbnifITtt33W-PF_Vvt0PC8P997
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3vYHtNChW7PF9wbnifITtt33W-PF_Vvt0PC8P997
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=3vYHtNChW7PF9wbnifITtt33W-PF_Vvt0PC8P997
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame A046 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.254.84 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-254-84.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:03 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame A046
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=xOXMLYEKT9pqQr-VUqFuDq310UA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=xOXMLYEKT9pqQr-VUqFuDq310UA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=xOXMLYEKT9pqQr-VUqFuDq310UA
Date
Thu, 15 Dec 2022 03:01:02 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum.casalemedia.com/ Frame A046
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpc%2B%2FxdF0EYXgB%2BgVfZ%2BgmicJZ4M7iU%2BKC4Z1ayVUP8dOr5L0%2BtNKeftDHcoN80eaPIx9JzsMExXoEYXbrL3KLTXhV7E12b%2B%2FHxCRpqEnkz5fGTRC%2BMvcQ8U2ztxWf7vL%2BsLfo4y"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
779beeb72ba8ab07-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
via
1.1 google
server
nginx/1.23.3
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4113de3c-83ec-9a4d-e7e9d46c
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum-sec.casalemedia.com/ Frame A046
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D
date
Thu, 15 Dec 2022 03:01:03 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A046
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=WmO89iNeLWpT_COGNRec&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2V3NJ44DS...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WmO89iNeLWpT_COGNRec
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WmO89iNeLWpT_COGNRec
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=WmO89iNeLWpT_COGNRec
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Y5qN7H1z69dcFREniGNvYQAAElEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A046 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5qN7H1z69dcFREniGNvYQAAElEAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.190.36 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-190-36.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame A046 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5qN7H1z69dcFREniGNvYQAA%264689
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
16091
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
779beeb559dfa829-SYD
content-length
43
expires
Fri, 16 Dec 2022 03:01:02 GMT
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJA1Vl5jzekCreF6bAIDRUk&google_cver=1&google_push=AavPq0MGwu7B7DuOudc8OzNlEF6_QbnQEy71ZutAxFOo786sC_AOPf4nkPR9bUENzdY40t_HoTMZD...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0MGwu7B7DuOudc8OzNlEF6_QbnQEy71ZutAxFOo786sC_AOPf4nkPR9bUENzdY40t_HoTMZDgYRmUJKGKaPRrdyj2GDRmw2y1WpSNfDYDKR4S3tz5Pzpadspel6cg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0MGwu7B7DuOudc8OzNlEF6_QbnQEy71ZutAxFOo786sC_AOPf4nkPR9bUENzdY40t_HoTMZDgYRmUJKGKaPRrdyj2GDRmw2y1WpSNfDYDKR4S3tz5Pzpadspel6cgozpjoJx0BwOr4w
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 03:01:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 640D87301A734E31AE083449FEDC6F9C Ref B: SYD03EDGE1405 Ref C: 2022-12-15T03:01:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0MGwu7B7DuOudc8OzNlEF6_QbnQEy71ZutAxFOo786sC_AOPf4nkPR9bUENzdY40t_HoTMZDgYRmUJKGKaPRrdyj2GDRmw2y1WpSNfDYDKR4S3tz5Pzpadspel6cgozpjoJx0BwOr4w
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv1RA6cNpYIGgpeNTMkQ==
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEAJS3SzRUXXQ6eVxyVMimnI&c_param1=AavPq0O8Ab7P7MZAgt_FRb-113Mcvon18nSNiL3mpBGOWPi0gBKnpmWjej699tRBn0QZdYeK2TzjWC5cQG9AiZLtCDyjTKoT1iMlwvBaohKgEJ-RCp8...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0O8Ab7P7MZAgt_FRb-113Mcvon18nSNiL3mpBGOWPi0gBKnpmWjej699tRBn0QZdYeK2TzjWC5cQG9AiZLtCDyjTKoT1iMlwvBaohKgEJ-RCp8Wbby_5eIXxyHnXnGUa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0O8Ab7P7MZAgt_FRb-113Mcvon18nSNiL3mpBGOWPi0gBKnpmWjej699tRBn0QZdYeK2TzjWC5cQG9AiZLtCDyjTKoT1iMlwvBaohKgEJ-RCp8Wbby_5eIXxyHnXnGUar5QOUZQBy78
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0O8Ab7P7MZAgt_FRb-113Mcvon18nSNiL3mpBGOWPi0gBKnpmWjej699tRBn0QZdYeK2TzjWC5cQG9AiZLtCDyjTKoT1iMlwvBaohKgEJ-RCp8Wbby_5eIXxyHnXnGUar5QOUZQBy78
date
Thu, 15 Dec 2022 03:01:03 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESECxjbGdUXSZFeAQlkccj-Hk&google_cver=1&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cM...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESECxjbGdUXSZFeAQlkccj-Hk&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cM...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cMD6EbA2DPCX_WuIOcQEJ0_YZlt8TFGLXZ2UORnhjiOnzyPo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cMD6EbA2DPCX_WuIOcQEJ0_YZlt8TFGLXZ2UORnhjiOnzyPoMV5FQnutvxEWg&google_hm=eUtqUzIzeEROQU9TRGl1UUtraEI=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AavPq0OGD3O2LUKXPMSb_5BAyecqdZmiDIIgCvwFW-uqS6hEmN3lLQGz5i2yYzlAVF6NwOGytIzbazzKhm3cMD6EbA2DPCX_WuIOcQEJ0_YZlt8TFGLXZ2UORnhjiOnzyPoMV5FQnutvxEWg&google_hm=eUtqUzIzeEROQU9TRGl1UUtraEI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
280
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_hm=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&google_nid=index&google_push=AavPq0N8oCRylviHPDzyuoPqbcVY_ITO-KBtd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_hm=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&google_nid=index&google_push=AavPq0N8oCRylviHPDzyuoPqbcVY_ITO-KBtdyn2kkKyqCTcEJMcFvXGte9pX1A3CDxXh9_d4v7rzqwYQvI8_6GMxRo_1wQDs_gZg0Bg_PdUhZgh1E8H9IORBTS7_tmakd9k_9ZRh15jNLaY
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff6fMDVmY0IY0AO3olUd1k1iFVF3NVL%2FF4dZHsLSxUDX7PeI8IVGbA%2BVxc1Eoaktf4bDaCVAK5Iofq24V%2FrbDGvnbB1kCtop3rXDESMx7nrKNv%2FhLncxj8ytquzVj%2BDsSqVuKY%2BNDvW2nA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN-XN52CtLHEkfr0MbNjfsw&google_hm=Y5qN7H1z69dcFREniGNvYQAAElEAAAAB&google_nid=index&google_push=AavPq0N8oCRylviHPDzyuoPqbcVY_ITO-KBtdyn2kkKyqCTcEJMcFvXGte9pX1A3CDxXh9_d4v7rzqwYQvI8_6GMxRo_1wQDs_gZg0Bg_PdUhZgh1E8H9IORBTS7_tmakd9k_9ZRh15jNLaY
cache-control
no-cache
cf-ray
779beeb48cd6a8ad-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHmqbVt8NMRTHgMC0qyxppI&google_cver=1&google_push=AavPq0PVqdLKK6JKDXg51l0_vBIkHqBfVctsMzvo0mNVoUEdc9CDkf9uVq-vvT3IU47WQN5Ajy1mKH...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0PVqdLKK6JKDXg51l0_vBIkHqBfVctsMzvo0mNVoUEdc9CDkf9uVq-vvT3IU47WQN5Ajy1mKHRP9E65yXD15JqSkdflsoxpQLTGYraaVgjUJvlLeWAhg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0PVqdLKK6JKDXg51l0_vBIkHqBfVctsMzvo0mNVoUEdc9CDkf9uVq-vvT3IU47WQN5Ajy1mKHRP9E65yXD15JqSkdflsoxpQLTGYraaVgjUJvlLeWAhgo53rBehujMBcm8jiOYzCu4&google_hm=NDEyNzI5MTA1MTYwNzQ2MzAyOA%3D%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0PVqdLKK6JKDXg51l0_vBIkHqBfVctsMzvo0mNVoUEdc9CDkf9uVq-vvT3IU47WQN5Ajy1mKHRP9E65yXD15JqSkdflsoxpQLTGYraaVgjUJvlLeWAhgo53rBehujMBcm8jiOYzCu4&google_hm=NDEyNzI5MTA1MTYwNzQ2MzAyOA%3D%3D
date
Thu, 15 Dec 2022 03:01:01 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEB9vlzw7iQ4Iib0sE55ivL8&google_cver=1&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtA...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmf...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-7d79Il012wVbuqRdURKH0Q8Y60YQJtdFY5ViM1UEyQ&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnE...
  • https://cm.g.doubleclick.net/pixel?google_hm=V_VtfZhk6ErOv_0stEbO&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=V_VtfZhk6ErOv_0stEbO&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-eAyL2zPPQSmYBSPziKskHTIUVIw&google_nid=inmobi_new_eb
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=V_VtfZhk6ErOv_0stEbO&google_push=AavPq0OXjdtKUbLxnvQDqNpc-Q726vKxZGM0suCRCm3CAgmfPeN0_yq_lnYVRCnYIKTBUaE4dtGUx-SAn587pupL_vnEwxNbE5ErpAtAkkIAZnhSDthtet-eAyL2zPPQSmYBSPziKskHTIUVIw&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame FECA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESECSDbKCBxf3mMuFsOAN7S7g&google_cver=1&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQm...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESECSDbKCBxf3mMuFsOAN7S7g&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQm...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQmcK2IrOMxwQo_jXe971D3nofNbeZnEfXLNZAHIRRAZRY21hJ7tj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQmcK2IrOMxwQo_jXe971D3nofNbeZnEfXLNZAHIRRAZRY21hJ7tjVx-Eq9xkXrlLWNc-Oxw&google_hm=VGFxb0szSGp5U0YzSnlLdGFiUGM=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:04 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AavPq0PyBkBmeBQ0CvFoPV4W2Gcqc625DGLmEz97Ux-GkdJPMALoy0CK9UbwtYlHrpmDecw_rMQQmcK2IrOMxwQo_jXe971D3nofNbeZnEfXLNZAHIRRAZRY21hJ7tjVx-Eq9xkXrlLWNc-Oxw&google_hm=VGFxb0szSGp5U0YzSnlLdGFiUGM=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
286
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FECA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KghhWPzxVp14EbKzIt4gE2QylSdONiojw--mwEJTg1QYyW9q_TTVOD-51huqCPEUFgeAKW_fQ
Requested by
Host: 2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
URL: https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame A2F5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthpVQklMmK12IUsnbSA18iKxj6LBzSDAdG8U1PiMCxPAEOim5sWzWIBJRGhTnpjfXlwTpjs2hgAE2A39rklRy6WU-FrGv997C9havrqtq30kqGUJf5&sig=Cg0ArKJSzNBZcKkv4QgpEAE&id=lidar2&mcvt=1000&p=462,1123,1062,1423&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1263259910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671073260888&rpt=1132&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame A3C3 		1 KB
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
9a16ace082ee5d4603c6b28a3aac56154bf72ff307fbc72269270c3f3acea61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
719
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:53:33 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame A3C3 		587 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-4679319117326023215&bl=boq_subscribewithgoogleclientserver_20221213.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=10864&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f139.1e100.net
Software
ESF /
Resource Hash
3aedaf0d1044baaed124b9416b069b1ce98085f69560ac216ac46f4aace75a80
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame A3C3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
2b6a59cd150d86a347f70844bc75b8caa0fba4d62156efce7e94df8d8e41fc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:53:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F361 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsj6B-kd-7jwVlvUgANVxW48gbEsL0mrOiroez4VPCKvkfh-B40ZS4f2Uc1vz-wUJDtslyc8EIfN8-RBL3uicjCqo&sig=Cg0ArKJSzHhf3ffbkTumEAE&cid=CAASFeRocfrRlLvaHYouuL_fSUdE4eqwCw&id=lidar2&mcvt=1000&p=28,436,118,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1798527053&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671073260830&rpt=1420&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame A3C3 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:03 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A3C3 		131 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:03 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A3C3 		131 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:03 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A3C3 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:03 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 1922 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 03:01:03 GMT
AN-X-Request-Uuid
a6ae2bef-eeb1-431f-a0c6-2c870610b486
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7DD8 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
7298687
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
iprt0J2a6cq_tj1vQLl4lkjblGP-hSSsDWJwhZhxf2-1c5abVExajQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1776038364&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:cb7e0b91-8b37-3c43-d1a9-9dff56b17032,c:wPyuib,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-ddxtj,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.10308.300.250,am:i,cc:1124.10308.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:967,mot:0,app:0,maw:0,fm:tq3b6Oh+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1m*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:994,oid:b54b4833-7c24-11ed-87e4-f60932d05173,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cb7e0b91-8b37-3c43-d1a9-9dff56b17032&tv=%7Bc:wPyuiM,pingTime:-2,time:1031,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:809,beZ:810,mfA:1776,cmA:1777,inA:1778,inZ:1783,prA:1783,prZ:1795,si:1803,poA:1804,poZ:1821,cmZ:1821,mfZ:1821,loA:1828,loZ:1832,ltA:1839,ltZ:1839,mdA:810,mdZ:1753%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:994%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1031,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:993,wc:0.0.1600.1200,ac:1124.10308.300.250,am:i,cc:1124.10308.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Oh+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1m*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:995,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2,newscorpau_ads-19,group_3_col-22%5D,sinceFw:35,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cb7e0b91-8b37-3c43-d1a9-9dff56b17032&tv=%7Bc:wPyuji,time:1063,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1063,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:993,wc:0.0.1600.1200,ac:1124.10308.300.250,am:i,cc:1124.10308.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B92~0%5D,as:%5B92~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Oh+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1m*.10507%7C1m1%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1m*,rmeas:1,rend:1,renddet:IMG.qs,siq:995%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame A3C3 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
eb5f4383f425774d9d1870b942fce87d7cb799dc5116385ad8b1bf2098cb6a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4053
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:53:33 GMT
log
play.google.com/ Frame A3C3 		131 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 03:01:03 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 03:01:03 GMT
ca
choices.trustarc.com/ Frame F361 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-e8744893-8b4a-4d9a-a216-4b62ffdb1038&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
250363ea7d7298daa9eaa2395bb8096cdd0b2b68ef707cb71b3318d603257151
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
SIN2-P2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2414
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
GFUH9t3bKyeyWbZGf1JwH2uOiAD9YyvG1qnh97iNiSP6zry7gpQPlQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame F361 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
SIN2-P2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
pgBdM-1QB-KRp_WxEWE-X5RGesQKkrSz0XGsZ9RPZ3uXZNVN_TMRTQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame F361 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&w=728&h=90&c=c12d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
x-amz-cf-id
Kb3glYUjhddbEq1uNfRiApudESD0nFkfj-_-Rpnr-iIdERzJPHh2Ww==
expires
Mon, 26 Jul 1997 05:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame E4A8 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
7298687
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2MGq8wf-uQ48vmkgRaikfhuEjFGHJAfWFJRvdOVXuSYOzOUFKBuuJA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x600|1&pubId=36557831&chanId=171638111&placementId=6111071037&pubCreative=138405043710&pubOrder=3082546051&cb=400376169&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:8e87967b-4e9b-29d2-1c33-c29bd186c47e,c:wPyun7,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-5xwv5,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1283,mot:0,app:0,maw:0,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1297,oid:b54b48a7-7c24-11ed-be17-7ad1eb2fefe4,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyunq,pingTime:0,time:1316,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1316,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B32~100%5D,as:%5B32~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyunB,pingTime:-2,time:1327,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:768,beZ:769,mfA:2051,cmA:2052,inA:2052,inZ:2053,prA:2053,prZ:2061,si:2065,poA:2066,poZ:2076,cmZ:2076,mfZ:2076,loA:2087,loZ:2089,ltA:2095,ltZ:2095,mdA:769,mdZ:2046%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1327,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B43~100%5D,as:%5B43~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:29,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame A3C3 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
598e6fdbdcea0672e5b866da5737a51487f88b7f360c901cf48cbed1c3f6caee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32850
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44105
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 23:55:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 17:53:33 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyuod,time:1365,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1365,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~100%5D,as:%5B81~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame E250 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.243.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-243-37.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 fd9162e6f81538cdbf24b7df628b2bc6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
7298688
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Cns6TmHZ2RjJ6J20s2S9xTlUwr0owudUmhUfbnrr6bEBE8lzxsAfIQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=406959658&custom=homepage&custom3=168400391&adsafe_par&impId=&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:bf3c6213-f850-912d-b436-4d39e599b982,c:wPyuph,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-nmp7m,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.4028.728.90,am:i,cc:436.4028.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1231,mot:0,app:0,maw:0,fm:tq3b6Ro+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1241,oid:b54b48e5-7c24-11ed-97de-fa63520ebcc0,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.86.170 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-86-170.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:03 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bf3c6213-f850-912d-b436-4d39e599b982&tv=%7Bc:wPyupG,pingTime:-2,time:1266,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:825,beZ:826,mfA:2056,cmA:2056,inA:2056,inZ:2057,prA:2057,prZ:2062,si:2066,poA:2066,poZ:2077,cmZ:2077,mfZ:2077,loA:2081,loZ:2083,ltA:2090,ltZ:2090,mdA:827,mdZ:2044%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1241%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1266,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1241,wc:0.0.1600.1200,ac:436.4028.728.90,am:i,cc:436.4028.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Ro+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1n*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:1241,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bf3c6213-f850-912d-b436-4d39e599b982&tv=%7Bc:wPyuqp,time:1311,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1311,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1241,wc:0.0.1600.1200,ac:436.4028.728.90,am:i,cc:436.4028.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tq3b6Ro+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1n*,rmeas:1,rend:1,renddet:IMG.qs,siq:1241%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cb7e0b91-8b37-3c43-d1a9-9dff56b17032&tv=%7Bc:wPyuuB,pingTime:-10,time:1764,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671073264128%7C%7C50a81f5c3f55b81ca6e7fbcd0d12ff4d%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7Cce922e62328aae1783b2943e0b4d0f62%7C%7C919a58353dfa3416f56b1786fd06d92c%7C%7Cd725f27ef4e0dde5dd1725d7360e87a3%7C%7C499a73bac2eb9439a5a10aecec75dbcf%7C%7Cd96cd97dafef1737adc96f1fbebe2f17%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 5F30 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
get
choices.trustarc.com/ Frame F361 		0
0
get
choices.trustarc.com/ Frame 889F 		287 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=lzo38pp_lbbeyk5_z9un93v3&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Thu, 01 Dec 2022 13:19:25 GMT
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
age
1172499
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
287
x-amz-cf-id
p1J9732oKjZSGZmXrWUwoZXmXx1J1xRjoX0jMexbq63UNhaGHzlsRQ==
expires
Sat, 31 Dec 2022 13:19:25 GMT
get
choices.trustarc.com/ Frame 889F 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Wed, 16 Nov 2022 06:32:56 GMT
via
1.1 26d217ae6e701acdff710e730b58288a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
age
2492888
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
ubmkioNFsOAS-j5T0qmBdY948Mrh4nH4IO6oEsxyXvyZKX8FNAHttw==
expires
Fri, 16 Dec 2022 06:32:56 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bf3c6213-f850-912d-b436-4d39e599b982&tv=%7Bc:wPyuCX,pingTime:-10,time:2089,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671073264128%7C%7C50a81f5c3f55b81ca6e7fbcd0d12ff4d%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7Cce922e62328aae1783b2943e0b4d0f62%7C%7C919a58353dfa3416f56b1786fd06d92c%7C%7Cd725f27ef4e0dde5dd1725d7360e87a3%7C%7C499a73bac2eb9439a5a10aecec75dbcf%7C%7Cd96cd97dafef1737adc96f1fbebe2f17%7C%7C1663701684,sca:%7Bspg:cb7e0b91-8b37-3c43-d1a9-9dff56b17032%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyuCZ,pingTime:-10,time:2281,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671073264128%7C%7C50a81f5c3f55b81ca6e7fbcd0d12ff4d%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7Cce922e62328aae1783b2943e0b4d0f62%7C%7C919a58353dfa3416f56b1786fd06d92c%7C%7Cd725f27ef4e0dde5dd1725d7360e87a3%7C%7C499a73bac2eb9439a5a10aecec75dbcf%7C%7Cd96cd97dafef1737adc96f1fbebe2f17%7C%7C1663701684,sca:%7Bspg:cb7e0b91-8b37-3c43-d1a9-9dff56b17032%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyuDz,pingTime:1,time:2317,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2317,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:777,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,sis:1515%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyuDA,pingTime:1,time:2318,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2318,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:777,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,sis:1515%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyuDA,pingTime:1,time:2318,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2318,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:777,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,sis:1515,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyuDB,pingTime:1,time:2319,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2319,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1035~100%5D,as:%5B1035~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:777,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,sis:1515,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:04 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generic1667795052595.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		488 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1667795052595.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
jCGTQi4_RFbdnA8OewUtWZX0YOSF.4hd
content-encoding
gzip
via
1.1 varnish
date
Thu, 15 Dec 2022 03:01:05 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ1RF8RBE8ZAY78
x-cache
HIT
content-length
87773
x-amz-id-2
+bdNMokYQM7Z5lM99eQR8hNT6ycg17weoWj1Z0nSQfq3CnP+x/2zLqG/PGgU9+rGtl9gXIdGPNs=
x-served-by
cache-syd10126-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671073265.023059,VS0,VE0
etag
"dc42a6bc14439dd64332b6ca8f523136"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
212481
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
c6843b13e0f1cc1652b939175ee1361526d788a6156e8318c63df529cf17107f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11207
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 9536 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:04 GMT
server
Kestrel
server-processing-duration-in-ticks
1393062
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
debug
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/2/debug?tim=03%3A01%3A05.054&type=info&msg=FPO%20completed%20running&llvl=2&id=6678&cv=20221213-28-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
422358
ecb30c434e336ed2f6c630566c28f69b
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ecb30c434e336ed2f6c630566c28f69b?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bf64ad094e8e22f7ab25e14f742f77c820ce94e92df25f66b9d3536be324d5f0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:05 GMT
last-modified
Thu, 15 Dec 2022 01:59:41 GMT
server
Akamai Image Manager
etag
87c8e7197dd384a06f12e9abc57a484d-ecb30c434e336ed2f6c630566c28f69b-320
edge-cache-tag
ecb30c434e336ed2f6c630566c28f69b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5180338
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
7809
expires
Mon, 13 Feb 2023 02:00:03 GMT
b1c53ab10a873ab949446ba89ea00172
content.api.news/v3/images/bin/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b1c53ab10a873ab949446ba89ea00172?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5cfc7ff45e6c0030f629b9e0efb2d9f8a624b34b59da4b0534396ba8f4f21f39

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:05 GMT
last-modified
Thu, 15 Dec 2022 02:20:42 GMT
server
Akamai Image Manager
etag
17c216d9001a1b874c3b779e2c68e8e7-b1c53ab10a873ab949446ba89ea00172-320
edge-cache-tag
b1c53ab10a873ab949446ba89ea00172
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181675
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
19117
expires
Mon, 13 Feb 2023 02:22:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 03:01:06 GMT
df3c64d2cd220b246e2cac9e0ad52f90
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/df3c64d2cd220b246e2cac9e0ad52f90?width=320
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.195.152.111 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ced8f40659bf37ca569e6a55eb74fb618846d08867cc7589a45d6b24ce6ad25a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:05 GMT
x-check-cacheable
YES
edge-cache-tag
df3c64d2cd220b246e2cac9e0ad52f90
content-length
10522
last-modified
Wed, 14 Dec 2022 09:21:59 GMT
server
Akamai Image Manager
x-serial
1244
etag
be19b1f54dba690fea232cc9edc860c6-df3c64d2cd220b246e2cac9e0ad52f90-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5120389
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sun, 12 Feb 2023 09:20:54 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTggU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIkhlcmFsZCBTdW4gfCBCcmVha2luZyBOZXdzIGFuZCBIZWFkbGluZXMgZnJvbSBNZWxib3VybmUgYW5kIFZpY3RvcmlhIHwgSGVyYWxkIFN1biIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NzEwNzMyNjUyNTEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NTEzYmE3NjU5YWE0LTA1ZDY3NzU1YjU0ZTBhLTFiM2IzYTc1LTFkNGMwMC0xODUxM2JhNzY1YWZmMCIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC1zeWQxIiwiYWNjb3VudElkIjogMTMyMjIyLCJ1cmwiOiAiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJ3ZWJzaXRlSWQiOiAxMzIyMjQsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogImQ5YTctYjI5OC0wMWQ1LTVlMWYtY2IzZi0yNDcyLTgwMDYtNzBjYiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjcxMDczMjY1MjQ4Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDM2MDIsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ4LjAiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ4LjAiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NzEwNzMyNjUyNTEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-fd7j
date
Thu, 15 Dec 2022 03:01:05 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
PugMaster
image6.pubmatic.com/AdServer/ Frame D853 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87779933&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a403620043529a7f395320f905846926da8879341ed0dcd1e09ff017c13ebd2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 03:01:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
json
gum.criteo.com/sid/ Frame 9536 		471 B
580 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=www.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
14e0a301e9ee44359383847cf2d2197393e9cc1a655c9b76cf1b52de9cbf66e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1203187
expires
0
match
c1.adform.net/serving/cookie/ Frame 192C 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=A496590C-CD53-4C00-A22E-F491C8E08283&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 15 Dec 2022 03:01:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3047
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo&gdpr=0&gdpr_consent=
1 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 03:01:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5qN7AAECsv8OAAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10178-SYD
x-timer
S1671073266.727217,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame A0D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5711704266829546018&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5711704266829546018&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
6e462ffd-e509-4307-91c7-7f3aecf7c6fd
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 03:01:05 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5711704266829546018&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6A9E
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wne0vf75i
1 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wne0vf75i
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Thu, 15 Dec 2022 03:01:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6wne0vf75i
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 8B45
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV
42 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 15 Dec 2022 03:01:05 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 6C76
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:05 GMT
expires
Thu, 15 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1635004
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame A390
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xOXMLYEKT9pqQr-VUqFuDq310UA
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xOXMLYEKT9pqQr-VUqFuDq310UA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 03:01:05 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xOXMLYEKT9pqQr-VUqFuDq310UA
SPug
image4.pubmatic.com/AdServer/ Frame D853
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd7b639a-8dee-4700-a333-49986a6c0328
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd7b639a-8dee-4700-a333-49986a6c0328
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Dec 2022 03:01:05 GMT
Server
MT3 224 5671b77 master hkg-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=bd7b639a-8dee-4700-a333-49986a6c0328
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 03:01:04 GMT
458249.gif
idsync.rlcdn.com/ Frame D853
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=A496590C-CD53-4C00-A22E-F491C8E08283
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEE0OTY1OTBDLUNENTMtNEMwMC1BMjJFLUY0OTFDOEUwODI4MxAAGg0I8pvqnAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpGgwI85vqnAYSBAgCEABCAEoA
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpGgwI85vqnAYSBAgCEABCAEoA&google_gid=CAESEItN6RyEmiKGumY7kcyHO4Q&google_cver=1
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=87cb4abc-42ec-4ce7-9cc2-ac9eb684d226
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=87cb4abc-42ec-4ce7-9cc2-ac9eb684d226
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=87cb4abc-42ec-4ce7-9cc2-ac9eb684d226
date
Thu, 15 Dec 2022 03:01:09 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame D853
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A496590C-CD53-4C00-A22E-F491C8E08283&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VM4WapNE2uUoxvYNe8LWulo2MsS2f_M-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VM4WapNE2uUoxvYNe8LWulo2MsS2f_M-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VM4WapNE2uUoxvYNe8LWulo2MsS2f_M-~A&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 03:01:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D853
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1ce506f-10f5-448d-af7c-5e4d7689d6a5&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e79e48f1-54d6-48b8-a24d-32d8511a94e8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e79e48f1-54d6-48b8-a24d-32d8511a94e8&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e79e48f1-54d6-48b8-a24d-32d8511a94e8&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 03:01:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D853
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=198305352654688975
42 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=198305352654688975
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=198305352654688975
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D853
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7619285204745209379&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7619285204745209379&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 03:01:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7619285204745209379&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 270D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
422968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 05:31:38 GMT
expires
Sun, 10 Dec 2023 05:31:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F600 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f103.1e100.net
Software
GSE /
Resource Hash
e4351197c20bfca3cd6341b8300bffc9405f09c6e0daaea93b59f49610830e01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xmTQKqAVj5GyDgRw4u4QGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-xmTQKqAVj5GyDgRw4u4QGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 03:01:06 GMT
expires
Thu, 15 Dec 2022 03:01:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame F600 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=4048661842352804&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 270D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 14:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 11 Dec 2023 14:16:18 GMT
generate_204
tpc.googlesyndication.com/ Frame 270D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5gl1Mg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=4048661842352804&bg=!CgmlCU3NAAYgquz3AKo7ACkAdvg8WjxNgbLocIGAoUH9g62PoUFdnC7F0IHMLiTi734BXSU6c1aTMwIAAABeUgAAAAJoAQcKAG3xl77M8vvlHIwgJwNU9dUyMRiLmIvKNhFBriw96Eaw1LNu5CG1FMzlIbNhkWWGiNSm-N0h1sSeL95dqOVVMftghrNXZn6vYrso-K-89wFwfICST0bldvX7UKrmxfBbam24cEByVw1pyvRosPvAmQLhVSB_ZvVeLP9tcJfzKDhgNCcfW62GLoPwzmptv_fFjDWi_82rReM437Pc5xje0exM00OIe7sbj_T1TS97BhrdgFoZHZnrY8lAkbrGCkF7gTPycFFc-rMWfkCEt6jwxxi5ZlQR_I1ovZAd0b1co8cgHcm2GPnqEEaBrj6EnF2XpC1SmoJVpMC0zumu83XFxUsbPn1aQj0mcbZGWWPTNqkkq_j4zh-YWSkjj_EzoCOpPau4uFiqq9-QevKMhstmHil3b7eU8xeBaDxiJ-i4Kjed-eedJgRuxsLEfYvaZApsAzFVZHl6ZoPrbDlM_o03NN5ZEfNaBCSsC1TEVnQMySBcd-EQfrHeDmhBvIH83t-oPTlY_LVZ72ayfebYQ_FTPbwOBixUhkPG0PA83lu_VHsXV0qAmwlPjPPrdMaM8oJ-Ok4O_tZmLRRPiBGx14EGjSYwITmV8AJ_4P-GCzPunPU16H3oFDUF--FpgdviYmGKpWLByg6HIOEPKd7QAwtfgf4tlnFYLDEczqvUHAjFQeF7_DOn-KvDqpuBgV58INFs51OiJAv1rDebY28q2ndEkgpjB43fNerOnAmW9Kqk_ihFxYgXoQP7t4b5CfEz7qNOLhS_e7DF_9xnsHjX2A-ueFy97n8wDWMS-_tYCFUJvwCsVlxW0ERpwREADLBFvbNFSMRCSIGEJH78zlMi0s8SoxCpwSyHCr3sVhL5V6nSttQC-aMN65hpwPwH0ElDNRjd1BHzLwUglgliWDC9gWyMxRb_HFKqZDpkhmkr3Rp8migkQfy0ohnSMGo3R99BOb_lGZt5Sd-BoZlGDhrDnG9HPkBiwz4jX1a-wEm004bRYXFtJej29xE5B_OIwi1wbZL2uulWR3zax8lGuKfclTrvrczmSih6m5u4iGTtHQHVzQ4tLSpNfzECo01Z1PrqPej7dArOJl4K5E0BlJTqjLmXzW852EDkIw3Rkdxf8sHd1Ii44ek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame D853 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 03:01:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyvG6,pingTime:5,time:6318,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6318,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5034~100%5D,as:%5B5034~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:286,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,sis:1515%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:08 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=8e87967b-4e9b-29d2-1c33-c29bd186c47e&tv=%7Bc:wPyvG6,pingTime:5,time:6318,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:600,t:1297%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6318,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1297,wc:0.0.1600.1200,ac:1123.462.300.600,am:i,cc:1123.462.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5034~100%5D,as:%5B5034~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:286,fm:tq3b6Ok+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C18%7C1911%7C1912%7C1913%7C1a%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f1%7C1g1%7C1h%7C1i%7C1j%7C1k1%7C1l*.10507%7C1l1%7C1m1%7C1m2%7C1n.10507%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1s,idMap:1l*,rmeas:1,rend:1,renddet:IMG.qs,siq:1298,sis:1515%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.28.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-28-243.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 03:01:08 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=CtTHbJB_hW0a8AMWI&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11915&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=7435&t=Du2p1VDlaFvLwlCdrU4D0TB3V24u&V=139&tz=0&_acct=anon&sn=2&sv=uojhOD4mOG2DTXRWsBBlQCNDkyyS6&sd=1&im=062b0732&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.97.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-97-242.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 03:01:11 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/6e39d52e
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/tUl-ebg4aorK3/xmiFn1M/SJEre60/maEbcLXN9S5D/YhJzb2w0Ag/bFEwZn/c-UQ8C
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22206360c05b12cff%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%22211ca55e49c8256%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%222223b042b8ebc69%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%222338bbe60f5dcaf%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=bbd8e719-9fab-43d5-8969-8e6214f8b8a6&pv=a700f5bf-1e1c-47d8-a64e-1f38b059eec5&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
choices.trustarc.com
URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png

Verdicts & Comments Add Verdict or Comment

344 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| oncontentvisibilityautostatechange object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl undefined| $ function| jQuery function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| COMSCORE function| udm_ object| ns_p function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| placementData string| nam object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer object| lazySizes object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| 4dm1r11545242527 object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| app object| auth object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| indieApps object| vidora_ns object| KAMPYLE_EMBED function| setImmediate function| clearImmediate object| ID5 function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts number| interval object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore object| brandmetrics function| __assign object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| __spreadArrays object| _brandmetrics object| npt object| atsenvelopemodule object| ats function| pbjsChunk object| _pbjsGlobals object| apsUnits object| nca_ipsos object| dm object| ggeac boolean| apstagLOADED boolean| isAlloyConfigured function| omrhp function| GeaLoader object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready object| Criteo string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global object| diagPixSentCodes object| __iasAdRefreshConfig boolean| DotMetricsInitScript object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| DotMetricsSettings object| DotmetricsJSON object| CryptoJS object| DotMetricsObj undefined| oneTagObj function| ebDecode object| bsResponseObj object| UrlCache object| SUBSCRIPTIONS object| SWG object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| categoryData object| __IntegralASExec object| tbopt object| GoogleGcLKhOms object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| google_image_requests

215 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_fe2de144b73be13360c87a8333f420bd_3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366_1671073254_1671073254_CIi3jgYQgPNHGO2X6Z3RMCABKAEwEDiu_QZA8IUQSOaS1wNQlZoCWABgAGiQ8oHT17O4ql1wAQ
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 363ddfc9c6147d6559d33e5c37c8d4a9
.heraldsun.com.au/ Name: nk
Value: 363ddfc9c6147d6559d33e5c37c8d4a9
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1671073251
cdn.taboola.com/ Name: abLdr
Value: 9
www.heraldsun.com.au/ Name: lux_uid
Value: 167107325382061596
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.taboola.com/ Name: t_gid
Value: 3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
.scorecardresearch.com/ Name: UID
Value: 1CB1d3383f1088b6389eb801671073254
.heraldsun.com.au/ Name: utag_main
Value: v_id:018513ba511a004b1f8833c5859c03073001d06b00b08$_sn:1$_se:1$_ss:1$_st:1671075055707$ses_id:1671073255707%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.5547155643653467
www.heraldsun.com.au/ Name: AWSALB
Value: GLOg5v8dnOcy8ewngxmIDabqi9X62infYfes9RxeiIXzH24N8kJNIRRLr/GcrQKAbdkgUBU1lwv6MDZOPrw9FYua0C/e5PEnDJcGPC5tGAH8mSZUGw3fuMWURYzc
.heraldsun.com.au/ Name: ak_bmsc
Value: 5AD1E92BEB1F11C633331450ADF87B71~000000000000000000000000000000~YAAQbkZYaOVHo/eEAQAAglG6ExIPMYJCnUXL0hMteMAtn3v2qKw6PrhcpDpM2jpwL7yMO+Gn19xzmNE2i1HryRQI8ZnkL8Fk26kg1JNRgCP9z9tkp/RDBOQ/SmI8hAHKnOMIPtcKGqEie04TsxmKK89Y+h0LvFEgqLfbDsbtBD6cn9k3aQ+MViULC/FnQiyiXhV+bpI9vfO/6ssqkXBeV724AkLeVH1i0rBju6Wfbm6BTVfOu0+Qln1G6Y9IgUei/RM2TJsQtDS+uAWouMmHcfMo/9lsRnCAZnxI9eZhYtUhR0kL1j2EGp9sR8Yh0tc02q/3TbyQHGzLErjDdo/kojFhIl/234Pc0IZZyQlJl1+FmeeL7DX8v/YidFdBaDZqeAoqvWkJedDMf3Zc1SwEZ9JV1vEN1cfj2OUEJQoL2HEqzyDTgpfZbKBefEFmJ3X0DHldcnSoc7WDPaKV7YGglq7WM4aSbPGg8IwW0LgOP3Xbg8cUGzOH2fhqy5KEFyXSOg==
www.heraldsun.com.au/ Name: AWSALBCORS
Value: GLOg5v8dnOcy8ewngxmIDabqi9X62infYfes9RxeiIXzH24N8kJNIRRLr/GcrQKAbdkgUBU1lwv6MDZOPrw9FYua0C/e5PEnDJcGPC5tGAH8mSZUGw3fuMWURYzc
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Ab1b83620-7c24-11ed-88ef-25d35737055f.FuEa%2BXx3O0Q7PY8nuvWAq4pqst7nJI2pjSwiyqw6gos
.heraldsun.com.au/ Name: bm_sv
Value: EDA4B7D844D217B7F7EA1AD2BE175B5A~YAAQbkZYaPFHo/eEAQAAiFO6ExIJsOCUJ/BdV3L+UhdVuDYOoLbCW6VjGzSBN5133tOA/xhsUz39YEOAnS1LeE/468zfEeyl2gSdHXalMtnD4dOUZ+2cLpDu7fupzjca/I2udNTma/HT0KTpT2gTs62N0ZKo+VmH3BFEAyd7fo/RYtqgWiIU8sJtC8ftwpewb6fXqK6AEUw0skblaaUmEZqomhpySVFQjkQh7zh4bYfcFPjbUVqcC7Xlg7am/MxW6iKoPeIS~1
.heraldsun.com.au/ Name: _cb
Value: CtTHbJB_hW0a8AMWI
.heraldsun.com.au/ Name: _chartbeat2
Value: .1671073256545.1671073256545.1.uojhOD4mOG2DTXRWsBBlQCNDkyyS6.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncid
Value: cda018fcac01b5223cb6233771d63e9f
.heraldsun.com.au/ Name: _awl
Value: 3.1671073257.5-a468f98d743c9f543e72580866a47335-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1671073257344.1989198692
www.heraldsun.com.au/ Name: vidoraUserId
Value: vjcqjkf7gchel9nb9trrt6374imvtn
.postrelease.com/ Name: visitor
Value: aa121617-beab-4fd6-a346-5c3ca336ca85
.postrelease.com/ Name: status
Value: 0
.demdex.net/ Name: demdex
Value: 85793023098690139623774678943660983358
.heraldsun.com.au/ Name: nol_fpid
Value: lu3hu9ndx1ai3v70oslzoaqodxnjf1671073257|1671073257718|1671073257718|1671073257718
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: b54a7576-cf75-4d67-a0d5-5005f85399aa.1671073257.1.1671073258.1671073257.dd6dcf3f-0a2c-47aa-9f34-38ae91d963fc
.doubleclick.net/ Name: IDE
Value: AHWqTUn45PAKb-QVAgErzgYVKEyqEJTkqAqMzTxM6gNtsJms-IW37PAdXrSJhAv7L68
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: 06d040af-ef1d-4487-a8d6-dac3227f162d
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.socdm.com/ Name: SOC
Value: Y5qN6cCo8YMAANMN8xIAAAAA
.adscale.de/ Name: uu
Value: 5c60fa8eeff74cddb93e5ee87fcf2c18
.contextweb.com/ Name: V
Value: pa1fftrSyeAK
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hsm|5Ql.0.3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a284545c77cceb0f
.lijit.com/ Name: ljt_reader
Value: F0WUDQZH4LSLerkiQHCA8Ydn
.adscale.de/ Name: cct
Value: 1671073258313
.newscgp.com/ Name: sp
Value: 2f6e590b-1a51-4b6b-a679-d5bc5fe634a9
.imrworldwide.com/ Name: IMRID
Value: b32d7100-7c24-11ed-b015-3b97c2bb7b91
.lijit.com/ Name: _ljtrtb_42
Value: 3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
ads.playground.xyz/ Name: connect.sid
Value: s%3AMo_wnH_3sq1L6wGJO_YgNjh9M7LHqhBj.g%2BG4%2FkrldOSid60YGDBxr54cCeXPS7wWYvF7COdQdk8
.rubiconproject.com/ Name: khaos
Value: LBOHVELL-26-6UKJ
.criteo.com/ Name: uid
Value: 8f1e82ef-a93a-4848-a87c-41c36584f10e
.openx.net/ Name: i
Value: 9ae38585-aca1-489e-9b95-0a864fa8e3ed|1671073258
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C85768951851445849123777068475930645796
mfad.inskinad.com/ Name: azk
Value: ue1-c50095485bcd44228d272ab6e0c28710
mfad.inskinad.com/ Name: azk-ss
Value: true
.heraldsun.com.au/ Name: s_nr30
Value: 1671073259118-New
.heraldsun.com.au/ Name: s_tslv
Value: 1671073259119
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200%2C1%2C9
.smartadserver.com/ Name: pid
Value: 4127291051607463028
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366
.heraldsun.com.au/ Name: s_cc
Value: true
.3lift.com/ Name: tluid
Value: 1219906539149256175224
.adnxs.com/ Name: uuid2
Value: 5711704266829546018
.bidswitch.net/ Name: c
Value: 1671073259
.bidswitch.net/ Name: tuuid_lu
Value: 1671073259
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 85793023098690139623774678943660983358
.omnitagjs.com/ Name: ayl_visitor
Value: dbd36181b4f1c31da3469076b08cc150
.dpm.demdex.net/ Name: dpm
Value: 85793023098690139623774678943660983358
.mfadsrvr.com/ Name: tuuid
Value: 099f349a-99ea-4dbb-a7d7-98a64f46340c
.mfadsrvr.com/ Name: c
Value: 1671073259
.turn.com/ Name: uid
Value: 7619285204745209379
.bidswitch.net/ Name: tuuid
Value: e79e48f1-54d6-48b8-a24d-32d8511a94e8
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-c4e5cc2d-810a-4fda-6a42-bf9552a16e0e.uRX4VZ4Ol4X5gSG8c4Gic6OUOIze43XsyI4Zt3vKiXU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AxOXMLYEKT9pqQr-VUqFuDq310UA.6n6bD4pTGrQqzFW3F%2FFLWunk5NvRMsCz7XJIHwDBjf0
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=54f7d957-296e-43a5-9e00-3e6ad86c23e4&Created=12/15/2022 03:01:00&UserMode=0&guid=9aff6d60-d22a-4daa-8045-6f49e913e38d&ver=1
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671073260
.mfadsrvr.com/ Name: ssh
Value: !taboola,1671073260
.casalemedia.com/ Name: CMID
Value: Y5qN7H1z69dcFREniGNvYQAA
.casalemedia.com/ Name: CMPS
Value: 4689
.casalemedia.com/ Name: CMPRO
Value: 4689
.mookie1.com/ Name: id
Value: 10521675378516247703
.mookie1.com/ Name: mdata
Value: 1|10521675378516247703|1671073260244
.mookie1.com/ Name: ov
Value: 219b18a4ee3ff7ee0853c883734531dc
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY4NTc2ODk1MTg1MTQ0NTg0OTEyMzc3NzA2ODQ3NTkzMDY0NTc5NlIOCODF6Z3RMBgBKgNPUjLwAeDF6Z3RMA==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
.amazon-adsystem.com/ Name: ad-id
Value: A00JZPgEEE2TjMplmZfsDoI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adx.opera.com/ Name: UID
Value: OPU1981ed94ab4b4b429fd9555800cacc7d
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuCEX0_004c3mCEX0_
.serving-sys.com/ Name: G4
Value: 0009fM00Jp_
.serving-sys.com/ Name: OT2
Value: 0001DC1rKb
.serving-sys.com/ Name: u2
Value: dfdd2eca-70e0-4275-be2b-def25e32dbc54Kd050
.eyeota.net/ Name: mako_uid
Value: 18513ba643b-16f000000108451f
.eyeota.net/ Name: SERVERID
Value: 17695~DM
.scanscout.com/ Name: uid
Value: CI-049e3f9d0574ade467c934697d114e19
.scanscout.com/ Name: UIAA
Value: 85793023098690139623774678943660983358
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1671073260556"
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5qN7AAECsv8OAAo
.tapad.com/ Name: TapAd_TS
Value: 1671073260691
.tapad.com/ Name: TapAd_DID
Value: ce55df98-9f90-48b7-96af-3926790a1b1f
.heraldsun.com.au/ Name: __gads
Value: ID=165913e126c18296:T=1671073260:S=ALNI_MYMfNb0mZgSe7VCZ5cFqnetgisULw
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b90e8cce709:T=1671073260:RT=1671073260:S=ALNI_MaKlTPb504LI78_mcDRnKal5rwSWQ
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19342%7CMCMID%7C85768951851445849123777068475930645796%7CMCAAMLH-1671678059%7C9%7CMCAAMB-1671678059%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C245577602%7CMCOPTOUT-1671080459s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19349%7CvVersion%7C5.1.1
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: E4VDdt7GnXMzDvhxwkzm/qyBN7yMTAQpztD6tZLtbczqGpoFO0VVZLduIYYSPalCCumVWpq335CwkFmc/C+BJN5ROMF6aGbws1DmQCYixrya4UQUlycJNRAhrhCS
.csync.loopme.me/ Name: viewer_token
Value: 1db0bc7d-7dc8-46d1-bf6d-3c7e2f2be6eb
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5qN7AAECsv8OAAo&KRTB&22978-Y5qN7AAECsv8OAAo&KRTB&23194-Y5qN7AAECsv8OAAo&KRTB&23209-Y5qN7AAECsv8OAAo
.bluekai.com/ Name: bku
Value: pSL99m0BZZmJxH1R
.demdex.net/ Name: dextp
Value: 358-1-1671073259075|470-1-1671073259176|481-1-1671073259277|771-1-1671073259379|903-1-1671073259480|19566-1-1671073259581|23728-1-1671073259682|30432-1-1671073259783|30064-1-1671073259884|66757-1-1671073260035|134096-1-1671073260137|144230-1-1671073260238|144231-1-1671073260339|144232-1-1671073260440|144233-1-1671073260541|144234-1-1671073260717|144235-1-1671073260848|144236-1-1671073260962|144237-1-1671073261069|147592-1-1671073261172|461447-1-1671073261274
.mookie1.com/ Name: syncdata_TAP
Value: 1
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.2050561063.1671073262
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.krxd.net/ Name: _kuid_
Value: PQikVokj
.spotxchange.com/ Name: audience
Value: b5214078-7c24-11ed-b900-1a1db0130307
.yahoo.com/ Name: A3
Value: d=AQABBO2NmmMCEANniP48mSEVZEL72R4rv0UFEgEBAQHfm2OkYwAAAAAA_eMAAA&S=AQAAAnIfZ5biAp0bYZrI6SAieq8
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2E>3vo!c:!p4Jo#MUU_pPi_y0/m2EFo3d8rOevNTuY7-M^MtFF#xjT0Kc<2(Ed5b>w-/6$o+pm
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A496590C-CD53-4C00-A22E-F491C8E08283
.t.co/ Name: muc_ads
Value: 3ca586ab-6699-43b1-9934-110d455ba06c
.www.heraldsun.com.au/ Name: ln_or
Value: d
.twitter.com/ Name: personalization_id
Value: "v1_K5/6Mc+R2Yq8vna5uQKQpg=="
.agkn.com/ Name: ab
Value: 0001%3AoTUmOQY%2FMbffHasze24kyxZD709MsCBF
.linkedin.com/ Name: li_sugr
Value: 5ebddafa-fa7f-4722-8976-10ccbb5b4c13
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&511436a8-5724-4c68-8137-9abb54bc6846"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2859:u=1:x=1:i=1671073262:t=1671159662:v=2:sig=AQHMdNRCCPTKsfPt5vwFfefC1odBGnom"
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-06d040af-ef1d-4487-a8d6-dac3227f162d&KRTB&22918-06d040af-ef1d-4487-a8d6-dac3227f162d&KRTB&23031-06d040af-ef1d-4487-a8d6-dac3227f162d
.mookie1.com/ Name: syncdata_NEU
Value: 1
.dyntrk.com/ Name: dyn_u
Value: 07030002_639a8dee6158f
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECbw5OtAGvxiAXwy2serrqA&KRTB&16514-CAESECbw5OtAGvxiAXwy2serrqA&KRTB&23025-CAESECbw5OtAGvxiAXwy2serrqA&KRTB&23386-CAESECbw5OtAGvxiAXwy2serrqA
.linkedin.com/ Name: UserMatchHistory
Value: AQKk7ltTC9Ne_QAAAYUTumvO4jvnGZiJI4dBkUnF815cO5FUxN5p1OGFmjc30Z877GKQhOR99w31dw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKExqcFZEXnZAAAAYUTumvOq6F-c0EUz28dg_A84vtwg0HjrCjVoXk_dpEXJlI1F1UX9AtaxD-sBIdIkliY8A
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8379
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIxtm5hNSUrzsQBRIWCgdydWJpY29uEgsIgOWSoNSUrzsQBRIVCgZnb29nbGUSCwiC49Ce1JSvOxAFEhkKCnJpZ2h0bWVkaWESCwjmmq6i1JSvOxAFGAEgAigCMgsIgN2VzeqUrzsQBTgBWgdydWJpY29uYAI.
.simpli.fi/ Name: suid
Value: 8CCE11E1A55541BEB1AA4A0541ED7B45
.semasio.net/ Name: SEUNCY
Value: A5B998A0CF5F7BB
.mathtag.com/ Name: uuid
Value: bd7b639a-8dee-4700-a333-49986a6c0328
.w55c.net/ Name: wfivefivec
Value: YSihaeO71P5Euy5
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20221215030102eb981052-7cb2-4efe-8efd-216822855864AQHQVUhuRq_4s9RLOiw0mZVwNRh-8AM6"
.brand-display.com/ Name: _knxq_
Value: 4113de3c-83ec-9a4d-e7e9d46c.1671073262.1.1671073262.1671073262
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:41EF5E6989944D009502CE21C4DC34FA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&KRTB&16736-uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&KRTB&23019-uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb&KRTB&23208-uid:c8ba639a-8dee-4300-a2b0-8e8a3cea8bcb
.w55c.net/ Name: matchcasale
Value: 5
.quantserve.com/ Name: mc
Value: 639a8def-282a7-c52e6-8e885
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLo7146/Es/7LUyebV3a1sthxQGyyN+098fBR4CJ64Wfvy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe5ElgYJ7z+6k=
.adform.net/ Name: C
Value: 1
.adotmob.com/ Name: uid
Value: 087e220419122089b16ccbe7
.adotmob.com/ Name: uuid
Value: 087e220419122089b16ccbe7
.adotmob.com/ Name: partners
Value: IX%3A1671073263638
.adsymptotic.com/ Name: U
Value: 9d39c308f9938702fc79ba6011c60175
.adform.net/ Name: uid
Value: 198305352654688975
.uuidksinc.net/ Name: jcsuuid
Value: glyrVsZzU1HynZhyAjrE
.bidr.io/ Name: bito
Value: AAC5Ek7HNRwAACDnJGjgYQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMTS
Value: 4920
.id5-sync.com/ Name: id5
Value: e5ba5227-06ad-72f6-83b7-6a99287b7a29#1671073259184#4
.zemanta.com/ Name: zuid
Value: TaqoK3HjySF3JyKtabPc
.google.com/ Name: NID
Value: 511=sGd5ox_Q221MrP0bpX_JQXSi_1b9TSuOQAtFSLPhJUlxqkmXymADUUV6y3OC_a4yZ9d_GSEqh2tKa4FG3x820fYKkpuI5JrckKp79OY42Q6YOPYqpLsDJPM-FXVH9L-C45UCiD3nO8kH1MvxvLtNoDrtiqMuXHMo49eJUhSSmNk
.heraldsun.com.au/ Name: s_tp
Value: 11915
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: d9a7-b298-01d5-5e1f-cb3f-2472-8006-70cb
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1671073265248
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 12.641096764180414
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1672272000%3A226_197_201_245%7C1671667200%3A248_164%7C1671148800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1671667200%3A2_223%7C1672272000%3A21_3_233_220_247_8_7_22_56_13_71_54%7C1672358400%3A35%7C1671926400%3A63
.heraldsun.com.au/ Name: cto_bundle
Value: DWSIR19XRzZGJTJCJTJGTHpJSzAzNjV0RVdIZVBBMWdzJTJCVkFiYmlyVm1qY0NsUUhsOGIyRWw2U2x6UWZTVU1mYUIzWjFFMlFzbTFwRnBISFolMkZDM0MlMkJ2OCUyRlg1ajRrQ2tkZjNPdENvM05NYVNDM0tCTyUyRkpsY0ttcFJJcWdWdmNUZDJyVGRzYlpucndQU2ZaOE95SlBpV0ZhY0VuNFclMkJjNXlmcXNObkpDJTJCUVhaZlYzSmElMkZBYyUzRA
.quantserve.com/ Name: d
Value: EL0BEgHoJ_ijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~28ur:18z8~28ur"
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV&KRTB&19420-HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV&KRTB&22979-HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV&KRTB&23403-HgAB9RBXXfIFAQCmSQQV9x0BXaIFC12sEAbNB5zV
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5711704266829546018&KRTB&23339-5711704266829546018
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7619285204745209379&KRTB&23150-7619285204745209379
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-xOXMLYEKT9pqQr-VUqFuDq310UA&KRTB&23334-xOXMLYEKT9pqQr-VUqFuDq310UA&KRTB&23417-xOXMLYEKT9pqQr-VUqFuDq310UA&KRTB&23426-xOXMLYEKT9pqQr-VUqFuDq310UA
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: y6wne0vf75i
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-198305352654688975&KRTB&23263-198305352654688975
.dotomi.com/ Name: DotomiTest
Value: 34f1278d7c7c226f
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-y6wne0vf75i
.rlcdn.com/ Name: rlas3
Value: WIFtUt0rEYixzK1VpGeHwWULxZpsa+zxmR8IZMzu0QM=
.rlcdn.com/ Name: pxrc
Value: CPKb6pwGEgUI6AcQABIFCOhHEAA=
.sportradarserving.com/ Name: zuuid
Value: c1ce506f-10f5-448d-af7c-5e4d7689d6a5
.sportradarserving.com/ Name: c
Value: 1671073266
.id5-sync.com/ Name: 3pi
Value: 464#1671073259571#-1900258867#3cad7223-4e22-4cc2-8864-d54da5503432-tucta941366|112#1671073264690#-783572854#A5B998A0CF5F7BB|2#1671073260242#-714163194#5711704266829546018|3#1671073265326#-1419920004#bd7b639a-8dee-4700-a333-49986a6c0328|822#1671073266953#-1409646054|264#1671073261981#155959656#06d040af-ef1d-4487-a8d6-dac3227f162d|10#1671073264044#-2024832690#198305352654688975|108#1671073261392#-1629115399
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.pippio.com/ Name: did
Value: X_9WcISmyYFQmfKL
.pippio.com/ Name: didts
Value: 1671073267
.pippio.com/ Name: nnls
Value:
.sportradarserving.com/ Name: zuuid_lu
Value: 1671073267
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1671073267
.pubmatic.com/ Name: SPugT
Value: 1671073267
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e79e48f1-54d6-48b8-a24d-32d8511a94e8
.pubmatic.com/ Name: PugT
Value: 1671073268
.pippio.com/ Name: pxrc
Value: CPSb6pwGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 87cb4abc-42ec-4ce7-9cc2-ac9eb684d226
.linksynergy.com/ Name: icts
Value: 2022-12-15T03:01:09Z

9 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=639063969447.6428?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22206360c05b12cff%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%22211ca55e49c8256%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%222223b042b8ebc69%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%222338bbe60f5dcaf%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=bbd8e719-9fab-43d5-8969-8e6214f8b8a6&pv=a700f5bf-1e1c-47d8-a64e-1f38b059eec5&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%22206360c05b12cff%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%22211ca55e49c8256%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%222223b042b8ebc69%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%222338bbe60f5dcaf%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=bbd8e719-9fab-43d5-8969-8e6214f8b8a6&pv=a700f5bf-1e1c-47d8-a64e-1f38b059eec5&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2052a3c2a287746bf4789dccee6cdc7a.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
a.sportradarserving.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.adsrvr.org
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
choices.trustarc.com
choices.truste.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
content.api.news
csync.loopme.me
d.adroll.com
d.turn.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
inmobi-match.dotomi.com
insight.adsrvr.org
jadserve.postrelease.com
jp1-bid.adsrvr.org
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
mympeeh9knwdnfucj98dyqgozqs8o1671073257.nuid.imrworldwide.com
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
odr.mookie1.com
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.uuidksinc.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.inmobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
choices.trustarc.com
login.newscorpaustralia.com
syd-1-apex.go.sonobi.com
103.229.10.192
103.229.206.241
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.71.26.126
104.16.89.20
104.18.101.194
104.18.33.19
104.18.36.94
104.22.52.86
104.244.42.197
104.244.42.67
104.254.148.252
104.254.151.69
104.26.6.155
104.69.108.119
107.178.244.193
107.178.254.65
108.139.243.37
119.9.108.191
124.146.215.45
13.107.42.14
13.229.254.84
13.248.144.210
13.251.75.90
13.33.30.231
13.33.33.75
13.33.33.87
13.33.35.226
13.33.79.24
13.33.88.129
13.33.88.25
13.33.88.28
13.33.88.94
13.35.8.32
13.35.8.87
139.5.84.243
141.226.229.48
141.226.230.50
141.95.33.111
142.250.4.103
142.251.10.132
142.251.12.113
142.251.12.148
142.251.12.154
142.251.12.157
142.251.12.94
142.251.12.97
146.75.112.157
151.101.1.175
151.101.1.44
151.101.129.44
151.101.130.49
151.101.66.217
157.240.235.1
157.240.235.35
162.19.138.116
162.19.138.82
172.217.194.139
172.217.194.149
172.217.194.157
172.217.194.94
172.64.133.15
172.64.151.162
172.64.154.237
175.41.181.206
175.41.190.36
18.138.175.196
18.138.18.111
18.138.91.242
18.140.27.177
18.155.68.45
18.155.68.96
18.155.68.99
18.158.185.48
18.193.28.75
18.213.217.104
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.28.235.202
185.183.112.148
185.84.60.20
199.127.207.180
199.36.158.100
20.127.253.7
209.191.163.209
23.106.127.165
23.106.69.72
23.15.148.136
23.195.152.111
23.195.152.191
23.23.131.203
23.52.112.182
23.54.56.153
23.72.44.183
23.72.44.196
23.72.44.233
23.73.13.201
3.114.23.93
3.33.220.150
3.94.97.242
31.220.27.155
34.102.253.54
34.111.151.213
34.120.155.137
34.160.169.226
34.196.251.50
34.225.154.76
34.98.64.218
34.98.67.3
35.190.60.146
35.213.12.39
35.213.93.179
35.214.223.115
35.227.202.26
35.230.38.116
35.241.45.82
35.71.178.8
35.77.191.155
42.99.140.139
43.206.26.247
50.116.239.135
50.31.142.255
52.20.240.11
52.24.114.105
52.28.196.126
52.42.28.243
52.46.143.56
52.64.107.36
52.74.162.2
52.84.228.218
52.89.238.92
52.95.128.46
54.186.19.92
54.192.150.76
54.192.150.93
54.192.150.97
54.200.252.46
54.251.86.170
54.255.22.33
54.67.90.31
63.140.36.137
63.140.36.179
67.220.228.200
69.173.158.64
69.173.158.65
74.118.186.45
74.125.200.156
74.125.24.132
74.125.24.156
74.125.24.157
74.125.68.157
74.214.196.131
8.43.72.97
82.145.213.8
89.207.22.105
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
00963888aa539b10793484d1b020aac609a909c06f08441b3cb0b3cc37e9635f
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
03fa6cd8afa5c5b3803fa1a0089cc38d99cb9568bfc8add3574d2bdcdd4018d5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0a00d8aecffe58a7c59595fbfa02ac4d0fbf351f9fcf1226f67ed56df4a9ed7b
0b36d7e6e1286e31bb02c1335349aecbd65630d4f2be3faa0be3bcc5a40b24a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c471babdb0403ea05134aa44b7af12ec103a13859350d0c6303d25ba2e88146
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f4eabc49d62cfc8b79f5ce1f18d38111a8eff9d4c47088d72103ddb7d05354d
1370cce3362a561640e5d69a2137a8a0f715d065df37a3242b495bc4c65b1248
14e0a301e9ee44359383847cf2d2197393e9cc1a655c9b76cf1b52de9cbf66e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e343140fba50863f9a58310f2917a6a081b047af98a6f38a319b9e7987dd286
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
220ccbc92d831144d597ce94457489fbb9a189558bc3616ca208579a4e9a3b71
22fbe69e61c44a64abaaa249db9c79247f3047b2c1e2a09722a0366a4525c704
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5
24fd896fc9cbab8ea1b3c741a2841033eb5116c539b661a0db6f40e03818fa2e
250363ea7d7298daa9eaa2395bb8096cdd0b2b68ef707cb71b3318d603257151
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b0167aea4f17da4822d2101cfa8d059e6c9ec2f5a7876461242274fb0f9201
291a3d79990d83388695cb991d16245105d67f77d4b1c82cba26c2f156583a3a
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b6a59cd150d86a347f70844bc75b8caa0fba4d62156efce7e94df8d8e41fc9f
2bd454b16687895517d2ba8834ecbf1028d92551bedebf558686e55ed2ae44ce
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2d31fed240fb43b97c4a9f140b46ec34e371401a473a1be7395cc3855f5a63db
2da9d0d3371ada92fe5f99ad6f4fc8e6ee39b61b8a9baf48381e0f7369d7116b
2e29f9b139b8d969decbd30d8d27b2ca29053a0d2bf60f9be5731e215fef26c4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302a3ee15481d46de80e54cc0346e438fab8948f0f062f37bc03f9a544694c17
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32dfad57619831131f44ff707eb8a3226cbda24378ddcc92ac8c65e5254fffd4
330f4dc8291722c6a96299c489650bc03b5bda788c7694c256d8d6c71ce77010
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
3687399516733927a932d97f42b3f7a5b124e1d21c7cf7cff2a110e8174ad30d
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
375fa7d646eb52c53c4973a0ba502e5edc41e5a455c57232dc290b36ae1436e4
392df454db433937cbd9eab9124a901bbdfa8309483d629420f4f177237a3bef
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3aedaf0d1044baaed124b9416b069b1ce98085f69560ac216ac46f4aace75a80
3b1566fba3c2306241c6a5c539183c7335e9f17ec87f8ba307d606bbb6debef2
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0ae9560cf3289080bf319fbd7b99b49605f667b32e10e8fe9ecb15037f5899
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ea88a5558a347613994d2481d2a4df03083290c6b887d93c63092842e327db6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
4245c9317bdd03c399c7d209333549e525906f02f649a11cbd5707ef2782af03
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a574944ece0952bd03fbe37af17c37b49ccdf68669c02299f9f4c230a10c02c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baf1f8d152b97458890b22fef3b1a965a8fbd9f2207d4b8c51fc6e1e5d401d3
4d3ad473c42805ec9684c6724af832f7ee7f7853426d713ff0455d2da85050a2
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4dee19d7dd0581c179a55c4accb3012dd4bee4ea86acd9948a1487f76e40bf66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5258b77094e2764ed3cbaccfa9a241723c11ed8f813f857eb176e5f9a19bce
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5041bd1dae9efd30f005cb6dd2680d9c0c18532e6ed77585acb3fdbfada59a96
519ac4297b17ccb8bc3eebfb72b76ef53943475060b0ce1a68d4eb87613d2f21
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56718fe205f03227dac3660f162430c0de1cd5d110910bff2150c1c9c977a7a2
598e6fdbdcea0672e5b866da5737a51487f88b7f360c901cf48cbed1c3f6caee
5cfc7ff45e6c0030f629b9e0efb2d9f8a624b34b59da4b0534396ba8f4f21f39
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e13900a4131825880d5b813a5272db429008a3d48fb157644c40b513d885c57
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
68ba68fdbe01e94c9f187960f9aecd379d993e725f2a3f04f9e0c36cee41ce30
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6e906a5435a480c2208bb5fecf5327f7eb6bf2b77e7c5747e574ef342ecef03d
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec
707d2c0e6f2ebf60d6f8555335382ee4b51f7577298d08a7f7b357e0efa33adc
70d17624752332e852a6966da108581028de05b7ec26152a826bb05695e1c878
72532022f72dd8c12eb9b6610fa5a60ad69675063f263db277550018a3f8a4ba
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bc5ef548dbde54ff0472e34814e5a79a711865437493388d8d01e7eb7f7220e
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c79e7e23f841f8fed4f0862fad76a6e693d54a0031698682f0a4b05015c9b54
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80504624e0123fbef466ad7ac5dc90ff1f848c2145ad560e84c5f6173bf7351b
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
87f56eaa1be39b83f4e5f298cc4ab28b458fa854f97dbf6f86272be76b0b2350
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8b346f5da4ac6be488bb5c02a6742c845cdb51ad17c64669f376af02cfae0250
8b50b8a520efc94544080fd1b6220cb13c91fba7cd02aa3bec590d44da790638
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2dbcb90f97195ae24e90b40c237a833bf9213c541f336f66734ee4e8dfee41
8ee22a19fcce4512e3f6c7f81d0b75e97a0ad242425927e196551c7d5f153804
9086c8f0eb6ae0e5a20cecf2be8ea388db1a8288876bc905bb4a0225e19b8f30
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92bcfaa5bde1cc517fa43d676bd5e0b5e9dae44719acfe0e8c75de94faa84cd9
945854dc2fb684a415fb8d43f0f2fe7e3acb138a1edc09c8e9e9f0c5765f3e11
96caf4e29785bd2287d1a553a0e8b1f131c8c83a847a1ea5739c4e2c952a0053
9774cd54f71c4c5e369f3e4e03b959814185dfbac68ac8f24299983c3c98f984
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a16ace082ee5d4603c6b28a3aac56154bf72ff307fbc72269270c3f3acea61a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f
9c8342f58c5a2dc77c06a4cb296820909119f13bfeac6efc5d1ecd922b9c261a
9c9b0b930c43b48a96609458d91bdf49cafa1952c2ae4b64d1be7d5f3124cae2
9d1b4b2018c2aee08943cfcbcca74bff34740a95164127cdc17bdae811d4363d
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42
9fb15f952f84d8c3e8b21dfecff971c0b24ca8a7ba281c1d325cf0028dc663fb
9ff79f831706ee98020c617518d4dea792976313b1ce1ab3d07d12f4639bcece
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15e335621556b69f7878b439a6e154567172e9321ca4f9f0ebad8c7d602a8a6
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a403620043529a7f395320f905846926da8879341ed0dcd1e09ff017c13ebd2f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a65a50ab089393ca286dea6c4d5f33e6def207c05ca21735d5b28b45de524a3c
a6609bc44e6d8036713a7e77ae5fe4d5a915cd50343aa50e496fe9eba3663127
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab3011905d9755d8966cf12646b5bdb2b941b6747110dc9b738faf94329f9aec
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af6067791a0c9e768a8986d97b01489ba14b3e8be519474381225f4b5c642d19
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
b890e2fe66bddbfcf0aad772997478817d1ee529a7d79bc58d296a33a68970fa
bb0c14cd339c6a54d0a34d590e897937afc38109202bca355cb1ffd06b2701b0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb77be46b4359e4b331fe51146a8a6169a5752acd7517ca8e496e9308f4968a6
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
bc727e9522d980b6d047a6555aa711399b89c8980a2175c1226169b0337c95df
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf64ad094e8e22f7ab25e14f742f77c820ce94e92df25f66b9d3536be324d5f0
bfb126c9294d121adcf8a2d092e434f724673f6bd3787368808c23ffc0247b45
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c283b4a2f4fdce45f2f81726236368f16f2293b96cb359b4eb16a67add422eb5
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c6843b13e0f1cc1652b939175ee1361526d788a6156e8318c63df529cf17107f
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c98c20916f12f74e43f885162eb285c213a978a45c76769a2517e4b8c6d4b1ae
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
ced8f40659bf37ca569e6a55eb74fb618846d08867cc7589a45d6b24ce6ad25a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf8afe3a3b0417b7b55c00f55ff021f31ec8f1021d1462b21a806b73fb1c14cc
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da75b108ff1ca812d896c648f2aef586fbd65374274dec7890fb9fc411bb7d14
dbd3a8ebc22466c0a20ddf58489252b8ef30dad1f4d1c4e577b0b324b00db77c
dcbaf6e4c960d5d6153e5f9d597405d183caae8a3de21076979bec3a9c3b3d22
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dea5d793682ff6a99a6b9f9898a04b2aefb899340d1562ae7fb29b0804ba3f88
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1623e1451248e9a54e49b3fbc7290db5e5e620756f4c8933efeece19abc5816
e1f33bea29d3a3031701b094adb902ff0e8609f9629c6bee9d9ee45bdfe78bdc
e2d9e072a58d9d0799c0be5878c3c39d7254d228efab605b6d9db45fd05af81b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4351197c20bfca3cd6341b8300bffc9405f09c6e0daaea93b59f49610830e01
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e802c1d163b43aa863a86fac6016b42505cc093d1f22fe16c6a6d91d2c215d22
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
eb189c29ae0dac68da188b50c8b1502ca7de898304049d0d8fa606ca3ba71aad
eb2ab5b5cdfb45aad4d8911147a322e9546a12881682d80eaaa9040e77d63288
eb5f4383f425774d9d1870b942fce87d7cb799dc5116385ad8b1bf2098cb6a1e
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee416ae50b890a48c951413e701d3defb3fc89c3ca80d1b33f17a786c02e161d
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f164ec8de5881a65f775c90a18557a2ca67a4ef51f35aed61135683efe18baf1
f165a9d06f5fa4a94dde100488e8932c15f31013058fe53aecf6828378b73035
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f349add9b1c14d35ed99c20eed4e8c2a4355f93a5e82c0f65ff971702ae5e430
f534583676f2f6a56b4bd08e25ef5918757e9a923bf237f7fed8949c24aa78b8
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f782453376c8eafe4712af01d339385534774c44b0ebdb57ed5eadf96d49e859
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
fa7caa50ec2352fa28bb6d596e0eaa1b5adcaac3f3b452648bc4abbf466d78f3
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4