urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
104.83.196.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.northcoteleader.com.au/
Effective URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Submission: On December 14 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 117 IPs in 12 countries across 97 domains to perform 467 HTTP transactions. The main IP is 104.83.196.116, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 240081.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 165.69.249.4 16509 (AMAZON-02)
2 27 104.83.196.116 16625 (AKAMAI-AS)
1 11 104.83.196.200 16625 (AKAMAI-AS)
11 23.52.112.182 16625 (AKAMAI-AS)
1 151.101.194.217 54113 (FASTLY)
1 52.95.133.2 16509 (AMAZON-02)
2 142.251.10.132 15169 (GOOGLE)
2 34.160.169.226 15169 (GOOGLE)
1 199.36.158.100 54113 (FASTLY)
3 104.69.108.119 16625 (AKAMAI-AS)
4 23.52.112.234 16625 (AKAMAI-AS)
13 52.84.45.86 16509 (AMAZON-02)
2 54.192.150.76 16509 (AMAZON-02)
1 4 142.251.12.148 15169 (GOOGLE)
1 13.33.91.15 16509 (AMAZON-02)
2 157.240.7.26 32934 (FACEBOOK)
1 18.155.68.87 16509 (AMAZON-02)
2 34.194.167.128 14618 (AMAZON-AES)
2 151.101.129.175 54113 (FASTLY)
2 172.67.38.106 13335 (CLOUDFLAR...)
1 104.65.228.244 16625 (AKAMAI-AS)
10 37 74.125.24.156 15169 (GOOGLE)
3 18.164.145.23 16509 (AMAZON-02)
1 54.192.150.12 16509 (AMAZON-02)
2 172.67.69.247 13335 (CLOUDFLAR...)
2 184.87.193.137 20940 (AKAMAI-ASN1)
3 13.33.88.94 16509 (AMAZON-02)
12 172.217.194.154 15169 (GOOGLE)
2 74.125.24.155 15169 (GOOGLE)
2 52.21.179.62 14618 (AMAZON-AES)
1 15 13.229.252.154 16509 (AMAZON-02)
1 13.35.8.91 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
4 54.192.150.56 16509 (AMAZON-02)
3 141.95.33.111 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
1 9 74.125.130.102 15169 (GOOGLE)
4 69.173.158.65 26667 (RUBICONPR...)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 34.102.253.54 396982 (GOOGLE-CL...)
2 34.225.154.76 14618 (AMAZON-AES)
2 7 172.64.154.237 13335 (CLOUDFLAR...)
5 10 103.43.90.54 29990 (ASN-APPNEX)
1 182.161.73.145 55569 (CRITEO-AS...)
1 12 18.136.76.220 16509 (AMAZON-02)
1 52.76.103.125 16509 (AMAZON-02)
3 63.140.48.139 16509 (AMAZON-02)
1 1 54.169.64.129 16509 (AMAZON-02)
2 18.138.175.196 16509 (AMAZON-02)
1 54.192.150.93 16509 (AMAZON-02)
4 52.64.107.36 16509 (AMAZON-02)
1 18.155.68.80 16509 (AMAZON-02)
3 157.240.7.35 32934 (FACEBOOK)
1 13.227.254.75 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 141.95.98.64 16276 (OVH)
3 3 50.116.239.135 6336 (TURN-US-ASN)
8 12 69.173.158.64 26667 (RUBICONPR...)
1 13.33.30.231 16509 (AMAZON-02)
5 14 35.71.131.137 16509 (AMAZON-02)
1 4 104.65.228.208 16625 (AKAMAI-AS)
6 172.253.118.94 15169 (GOOGLE)
1 1 199.127.207.191 26120 (RHYTHMONE)
1 74.125.68.94 15169 (GOOGLE)
2 2 18.140.27.177 16509 (AMAZON-02)
1 1 52.54.29.118 14618 (AMAZON-AES)
1 35.164.253.230 16509 (AMAZON-02)
2 182.161.73.129 55569 (CRITEO-AS...)
1 142.251.10.157 15169 (GOOGLE)
4 74.125.24.157 15169 (GOOGLE)
2 2 23.8.97.76 16625 (AKAMAI-AS)
9 9 151.101.2.49 54113 (FASTLY)
2 9 52.46.151.131 16509 (AMAZON-02)
1 54.255.13.105 16509 (AMAZON-02)
1 18 139.5.84.243 27381 (CASALE-MEDIA)
1 2 35.244.159.8 15169 (GOOGLE)
14 103.231.98.194 62713 (AS-PUBMATIC)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
1 3.1.163.74 16509 (AMAZON-02)
15 74.125.24.132 15169 (GOOGLE)
6 172.217.194.99 15169 (GOOGLE)
1 2 52.76.209.240 16509 (AMAZON-02)
4 52.84.228.218 16509 (AMAZON-02)
3 15 172.253.118.148 15169 (GOOGLE)
2 4 103.43.90.114 29990 (ASN-APPNEX)
1 199.232.44.157 54113 (FASTLY)
2 184.87.193.76 20940 (AKAMAI-ASN1)
1 142.251.10.97 15169 (GOOGLE)
2 151.101.1.108 54113 (FASTLY)
1 74.125.68.156 15169 (GOOGLE)
1 13.250.85.161 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
1 74.118.186.45 26120 (RHYTHMONE)
1 13.33.33.75 16509 (AMAZON-02)
7 74.125.68.139 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
17 54.192.150.94 16509 (AMAZON-02)
5 13.228.32.211 16509 (AMAZON-02)
40 44.224.165.94 16509 (AMAZON-02)
2 172.217.194.94 15169 (GOOGLE)
1 3.73.8.30 16509 (AMAZON-02)
4 184.31.5.52 16625 (AKAMAI-AS)
2 52.192.218.52 16509 (AMAZON-02)
2 104.18.36.94 13335 (CLOUDFLAR...)
7 7 52.74.13.196 16509 (AMAZON-02)
2 103.231.98.196 62713 (AS-PUBMATIC)
2 13.227.254.10 16509 (AMAZON-02)
4 5 13.107.43.14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
4 4 23.106.69.73 59253 (LEASEWEB-...)
2 2 34.111.151.213 396982 (GOOGLE-CL...)
1 4 18.140.92.117 16509 (AMAZON-02)
3 3 103.229.205.242 30419 (MEDIAMATH...)
2 2 18.182.72.188 16509 (AMAZON-02)
2 2 103.229.10.247 16509 (AMAZON-02)
2 2 52.76.76.143 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
6 13.33.88.15 16509 (AMAZON-02)
2 2 34.83.125.63 396982 (GOOGLE-CL...)
1 54.254.81.3 16509 (AMAZON-02)
1 1 35.214.223.115 15169 (GOOGLE)
1 1 124.146.215.46 2514 (INFOSPHER...)
2 2 64.202.112.191 22075 (AS-OUTBRAIN)
1 104.18.33.19 13335 (CLOUDFLAR...)
2 3 107.178.244.193 15169 (GOOGLE)
1 2 52.74.158.193 16509 (AMAZON-02)
1 119.9.108.191 45187 (RACKSPACE...)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 52.95.115.196 16509 (AMAZON-02)
1 184.87.193.133 20940 (AKAMAI-ASN1)
4 103.231.98.195 62713 (AS-PUBMATIC)
2 182.161.73.136 55569 (CRITEO-AS...)
1 35.241.45.82 15169 (GOOGLE)
3 4 185.84.60.21 198622 (ADFORM)
1 1 18.138.18.111 16509 (AMAZON-02)
1 182.161.73.146 55569 (CRITEO-AS...)
1 1 34.202.12.145 14618 (AMAZON-AES)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
3 3 35.213.12.39 15169 (GOOGLE)
2 2 35.213.93.179 15169 (GOOGLE)
467 117
1    165.69.249.4 (Australia)

ASN16509 (AMAZON-02, US)
PTR: ip-165.69.249.4.news.com.au
www.northcoteleader.com.au
27    104.83.196.116 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-116.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
mhr.talk.news.com.au
content.api.news
11    104.83.196.200 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-200.deploy.static.akamaitechnologies.com
tags.news.com.au
11    23.52.112.182 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-182.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    52.95.133.2 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
2    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
cdn.ampproject.org
23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com
2    34.160.169.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
3    104.69.108.119 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-108-119.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.52.112.234 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-112-234.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
13    52.84.45.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-86.mrs52.r.cloudfront.net
static.adsafeprotected.com
2    54.192.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-76.sin2.r.cloudfront.net
assets.vidora.com
4    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
ad.doubleclick.net
1    13.33.91.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-91-15.sin2.r.cloudfront.net
static.chartbeat.com
2    157.240.7.26 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin6.fbcdn.net
connect.facebook.net
1    18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net
au.tags.newscgp.com
2    34.194.167.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-167-128.compute-1.amazonaws.com
pixel.zprk.io
2    151.101.129.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    104.65.228.244 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-244.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
37    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
www.googletagservices.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
3    18.164.145.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-145-23.ccu50.r.cloudfront.net
c.amazon-adsystem.com
1    54.192.150.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-12.sin2.r.cloudfront.net
ats-wrapper.privacymanager.io
2    172.67.69.247 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    184.87.193.137 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-137.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
3    13.33.88.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-94.sin2.r.cloudfront.net
cdn-gl.imrworldwide.com
12    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
pagead2.googlesyndication.com
2    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
googleads4.g.doubleclick.net
securepubads.g.doubleclick.net
2    52.21.179.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-179-62.compute-1.amazonaws.com
ping.chartbeat.net
15    13.229.252.154 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
dpm.demdex.net
1    13.35.8.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-91.sin5.r.cloudfront.net
cdn.adsafeprotected.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    54.192.150.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-56.sin2.r.cloudfront.net
au-script.dotmetrics.net
3    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
9    74.125.130.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f102.1e100.net
news.google.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    34.225.154.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-154-76.compute-1.amazonaws.com
mfad.inskinad.com
7    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
10    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
12    18.136.76.220 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    52.76.103.125 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-103-125.ap-southeast-1.compute.amazonaws.com
newscorpau.demdex.net
3    63.140.48.139 (United States)

ASN16509 (AMAZON-02, US)
metrics.heraldsun.com.au
edge.adobedc.net
1    54.169.64.129 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-64-129.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
2    18.138.175.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    54.192.150.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-93.sin2.r.cloudfront.net
8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636.nuid.imrworldwide.com
4    52.64.107.36 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    18.155.68.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-80.sin52.r.cloudfront.net
ncg.tags.news.com.au
3    157.240.7.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin6.facebook.com
www.facebook.com
1    13.227.254.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-75.sin52.r.cloudfront.net
rm-script.dotmetrics.net
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lbs.eu-1-id5-sync.com
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
12    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    13.33.30.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-30-231.sin2.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
4    104.65.228.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
6    172.253.118.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f94.1e100.net
www.gstatic.com
1    199.127.207.191 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
fonts.gstatic.com
2    18.140.27.177 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    52.54.29.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-29-118.compute-1.amazonaws.com
usermatch.krxd.net
1    35.164.253.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-253-230.us-west-2.compute.amazonaws.com
beacon.krxd.net
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
adservice.google.com.au
4    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
adservice.google.com
2    23.8.97.76 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-8-97-76.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
9    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.255.13.105 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-13-105.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
18    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
14    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    3.1.163.74 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-163-74.ap-southeast-1.compute.amazonaws.com
invoke.bonzai.co
15    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
6    172.217.194.99 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f99.1e100.net
www.google.com
2    52.76.209.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-209-240.ap-southeast-1.compute.amazonaws.com
fw.adsafeprotected.com
4    52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net
js.adsrvr.org
15    172.253.118.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f148.1e100.net
8228261.fls.doubleclick.net
s0.2mdn.net
4    103.43.90.114 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
secure.adnxs.com
1    199.232.44.157 (Singapore, Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    184.87.193.76 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-76.deploy.static.akamaitechnologies.com
snap.licdn.com
1    142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net
www.googletagmanager.com
2    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net
www.googleadservices.com
1    13.250.85.161 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-85-161.ap-southeast-1.compute.amazonaws.com
pixel.mediaiqdigital.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    13.33.33.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-75.sin2.r.cloudfront.net
check.analytics.rlcdn.com
7    74.125.68.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f139.1e100.net
play.google.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
17    54.192.150.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-94.sin2.r.cloudfront.net
massets.bonzai.co
5    13.228.32.211 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-32-211.ap-southeast-1.compute.amazonaws.com
collector.bonzai.co
40    44.224.165.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-165-94.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.google.com.au
1    3.73.8.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
4    184.31.5.52 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-5-52.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    52.192.218.52 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-218-52.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
2    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
7    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    13.227.254.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-10.sin52.r.cloudfront.net
cdn.linkedin.oribi.io
5    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
4    23.106.69.73 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
2    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
4    18.140.92.117 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-92-117.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    18.182.72.188 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-72-188.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
2    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.76.76.143 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-76-143.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
6    13.33.88.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-15.sin2.r.cloudfront.net
dcollector.bonzai.co
2    34.83.125.63 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.125.83.34.bc.googleusercontent.com
um.simpli.fi
1    54.254.81.3 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-81-3.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    124.146.215.46 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
3    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
pixel.tapad.com
2    52.74.158.193 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-158-193.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
1    119.9.108.191 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    184.87.193.133 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-133.deploy.static.akamaitechnologies.com
code.createjs.com
4    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
4    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    34.202.12.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-12-145.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
3    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.213.93.179 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com
a.sportradarserving.com
Apex Domain
Subdomains		 Transfer
68 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 544
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3344
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
fw.adsafeprotected.com — Cisco Umbrella Rank: 791
dt.adsafeprotected.com — Cisco Umbrella Rank: 535
594 KB
42 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 164
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 256843
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
235 KB
29 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 176213
massets.bonzai.co — Cisco Umbrella Rank: 180393
collector.bonzai.co — Cisco Umbrella Rank: 172094
dcollector.bonzai.co — Cisco Umbrella Rank: 176578
1 MB
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
191 KB
26 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
ssum.casalemedia.com — Cisco Umbrella Rank: 1328
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413
dsum.casalemedia.com — Cisco Umbrella Rank: 1329
21 KB
26 google.com
news.google.com — Cisco Umbrella Rank: 5941
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 16
74 KB
25 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 440
image5.pubmatic.com — Cisco Umbrella Rank: 94128
image2.pubmatic.com — Cisco Umbrella Rank: 882
ads.pubmatic.com — Cisco Umbrella Rank: 470
image6.pubmatic.com — Cisco Umbrella Rank: 680
simage2.pubmatic.com — Cisco Umbrella Rank: 657
simage4.pubmatic.com — Cisco Umbrella Rank: 1198
image4.pubmatic.com — Cisco Umbrella Rank: 805
31 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 451
token.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 321
eus.rubiconproject.com — Cisco Umbrella Rank: 547
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3120
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 973
33 KB
23 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 240081
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
447 KB
18 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
js.adsrvr.org — Cisco Umbrella Rank: 1391
insight.adsrvr.org — Cisco Umbrella Rank: 576
16 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 218
secure.adnxs.com — Cisco Umbrella Rank: 430
acdn.adnxs.com — Cisco Umbrella Rank: 579
33 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206
newscorpau.demdex.net — Cisco Umbrella Rank: 127173
20 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090
56 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 56079
mhr.talk.news.com.au
ncg.tags.news.com.au — Cisco Umbrella Rank: 144640
236 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418
4 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 117863
83 KB
10 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1046
sync-tm.everesttech.net — Cisco Umbrella Rank: 572
2 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
209 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
268 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
179 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2592
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7938
8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636.nuid.imrworldwide.com
67 KB
6 api.news
content.api.news — Cisco Umbrella Rank: 63380
147 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
www.linkedin.com — Cisco Umbrella Rank: 643
3 KB
5 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 785
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3869
idsync.rlcdn.com — Cisco Umbrella Rank: 335
1 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 50995
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6235
40 KB
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 941
id5-sync.com — Cisco Umbrella Rank: 448
36 KB
5 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 132610
au.pixel.newscgp.com — Cisco Umbrella Rank: 182320
au.audience.newscgp.com Failed
49 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 639
2 KB
4 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 998
2 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 734
gum.criteo.com — Cisco Umbrella Rank: 399
dis.criteo.com — Cisco Umbrella Rank: 700
7 KB
4 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1992
bs.serving-sys.com — Cisco Umbrella Rank: 1257
lm.serving-sys.com — Cisco Umbrella Rank: 1889
43 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 979
24 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
2 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 400
789 B
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
2 KB
3 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 78998
www.google.com.au — Cisco Umbrella Rank: 24852
1 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1154
ad.turn.com — Cisco Umbrella Rank: 743
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
271 B
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4253
udc-neb.kampyle.com — Cisco Umbrella Rank: 2327
87 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2173
967 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 696
717 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 752
855 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 810
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 718
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 644
1004 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 476
1 KB
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1541
603 B
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 491
466 B
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 887
376 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
cdn.indexww.com — Cisco Umbrella Rank: 1503
2 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
5 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 592
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 395
380 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 541
stags.bluekai.com — Cisco Umbrella Rank: 516
964 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 662
57 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1354
beacon.krxd.net — Cisco Umbrella Rank: 549
529 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 949
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332
695 B
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 31292
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3817
400 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1247
401 B
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3408
18 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 17566
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
112 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 17038
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 180614
3 KB
2 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 107064
28 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3997
391 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 692
613 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 24745
650 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1353
63 KB
1 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1157
220 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 917
868 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 764
272 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1464
181 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2188
419 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 557
396 B
1 t.co
t.co — Cisco Umbrella Rank: 511
378 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
99 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 693
369 B
1 mediaiqdigital.com
pixel.mediaiqdigital.com — Cisco Umbrella Rank: 11079
58 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 171
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
52 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 627
15 KB
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7117
832 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29685
698 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
2 KB
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4949
27 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 23356
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1361
24 KB
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 207577
2 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 388
2 KB
1 amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5090
7 KB
1 northcoteleader.com.au
www.northcoteleader.com.au
268 B
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
467 97
Domain Requested by
40 dt.adsafeprotected.com www.heraldsun.com.au
20 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
18 dsum-sec.casalemedia.com 1 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
17 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.heraldsun.com.au
tpc.googlesyndication.com
s0.2mdn.net
15 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
14 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
13 cm.g.doubleclick.net 10 redirects www.heraldsun.com.au
eus.rubiconproject.com
13 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
12 match.adsrvr.org 5 redirects js.adsrvr.org
ssum-sec.casalemedia.com
12 pixel.adsafeprotected.com 1 redirects cdn.adsafeprotected.com
www.heraldsun.com.au
12 pagead2.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
www.heraldsun.com.au
s0.2mdn.net
www.googletagservices.com
securepubads.g.doubleclick.net
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 ib.adnxs.com 5 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
9 simage2.pubmatic.com ads.pubmatic.com
9 s0.2mdn.net www.heraldsun.com.au
s0.2mdn.net
9 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
eus.rubiconproject.com
9 sync-tm.everesttech.net 9 redirects
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
7 ups.analytics.yahoo.com 7 redirects
7 play.google.com www.gstatic.com
7 www.googletagservices.com securepubads.g.doubleclick.net
www.heraldsun.com.au
fw.adsafeprotected.com
7 pixel.rubiconproject.com 3 redirects www.heraldsun.com.au
eus.rubiconproject.com
6 dcollector.bonzai.co www.heraldsun.com.au
6 8228261.fls.doubleclick.net 3 redirects www.heraldsun.com.au
6 www.google.com securepubads.g.doubleclick.net
www.heraldsun.com.au
tpc.googlesyndication.com
6 www.gstatic.com news.google.com
www.gstatic.com
6 content.api.news www.heraldsun.com.au
5 collector.bonzai.co www.heraldsun.com.au
5 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 token.rubiconproject.com 5 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 gu.dyntrk.com 4 redirects
4 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
4 eus.rubiconproject.com s.amazon-adsystem.com
tags.news.com.au
eus.rubiconproject.com
4 ssum-sec.casalemedia.com s.amazon-adsystem.com
tags.news.com.au
ssum-sec.casalemedia.com
js-sec.indexww.com
4 secure.adnxs.com 2 redirects secure-ds.serving-sys.com
www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 adservice.google.com securepubads.g.doubleclick.net
8228261.fls.doubleclick.net
4 au.pixel.newscgp.com au.tags.newscgp.com
4 fastlane.rubiconproject.com tags.news.com.au
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.heraldsun.com.au
www.googletagservices.com
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 x.bidswitch.net 3 redirects
3 idsync.rlcdn.com 2 redirects
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 ads.pubmatic.com s.amazon-adsystem.com
tags.news.com.au
ads.pubmatic.com
3 www.facebook.com www.heraldsun.com.au
3 id5-sync.com tags.news.com.au
cdn.id5-sync.com
3 googleads4.g.doubleclick.net ad.doubleclick.net
www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
2 a.sportradarserving.com 2 redirects
2 pippio.com 2 redirects
2 image4.pubmatic.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 b1sync.zemanta.com 2 redirects
2 um.simpli.fi 2 redirects
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 dmp.brand-display.com 2 redirects
2 ad.turn.com 2 redirects
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 cdn.linkedin.oribi.io snap.licdn.com
2 image6.pubmatic.com ads.pubmatic.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 www.google.com.au www.heraldsun.com.au
2 insight.adsrvr.org js.adsrvr.org
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 snap.licdn.com www.heraldsun.com.au
snap.licdn.com
2 fw.adsafeprotected.com 1 redirects securepubads.g.doubleclick.net
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 static.criteo.net tags.news.com.au
static.criteo.net
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 metrics.heraldsun.com.au tags.news.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 ping.chartbeat.net www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 bedsberry.com www.heraldsun.com.au
bedsberry.com
1 tags.rd.linksynergy.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 udc-neb.kampyle.com
1 code.createjs.com s0.2mdn.net
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 uipglob.semasio.net ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 stags.bluekai.com 1 redirects
1 tg.socdm.com 1 redirects
1 csync.loopme.me 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 www.linkedin.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 lm.serving-sys.com secure-ds.serving-sys.com
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 sync.1rx.io www.heraldsun.com.au
1 trc.taboola.com www.heraldsun.com.au
1 pixel.mediaiqdigital.com www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 www.googletagmanager.com secure-ds.serving-sys.com
1 static.ads-twitter.com www.heraldsun.com.au
1 invoke.bonzai.co www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 edge.adobedc.net cdn1.adoberesources.net
1 tags.bluekai.com 1 redirects
1 23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com.au securepubads.g.doubleclick.net
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 fonts.gstatic.com news.google.com
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com 1 redirects
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 d.turn.com 1 redirects
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 ncg.tags.news.com.au au.tags.newscgp.com
1 8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636.nuid.imrworldwide.com www.heraldsun.com.au
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 cdn.ampproject.org www.heraldsun.com.au
1 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
1 www.northcoteleader.com.au 1 redirects
0 au.audience.newscgp.com Failed au.tags.newscgp.com
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
467 165
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2022-09-21 -
2023-09-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
bedsberry.com
R3		 2022-11-15 -
2023-02-13		 3 months crt.sh
web.app
GTS CA 1D4		 2022-10-19 -
2023-01-17		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-22 -
2022-12-21		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2022-10-19 -
2023-11-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure-ds.serving-sys.com
R3		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-12-11 -
2023-03-11		 3 months crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-19 -
2023-11-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
bonzai.co
Amazon		 2022-10-28 -
2023-11-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.bonzai.co
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M02		 2022-11-08 -
2023-12-07		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-18 -
2023-04-19		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh

This page contains 69 frames:

Primary Page: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Frame ID: 898FACE38F016EB68961152782D7DA4D
Requests: 203 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=m-2FtZCNnEeZt3DP0zsRxMCbwHNraN3p&nonce=2.EU-64z~x7kBVNClSx64ttxXzaT4_SE&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: FDFB214F7B42C54F865909574316A710
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 07F9A3D4AE6CC22B0D073909A299BAAC
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 8439282FA0A691128E505BCE6BD66B1E
Requests: 22 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 3B2B56E6D342F07B1DB9C4C856CC5532
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
Frame ID: 6554FA1DDD7ED3A784907F39C6F2DA72
Requests: 15 HTTP requests in this frame

Frame: https://23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 716146B7C69906369D221B8491C34135
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: DBE33A114297F3A8F40EC39B64717CE2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugLkObAJEhL_eMh1E90AmwpEdipOWj3SqxYIU1NNuiT3EE2QMXZuOnBh9BMicmGyuI2IXLxMCiCyR1xPX36XXXZfhRNdylbO5wlKhGuZGzb9MY5JFv9-KUyXrbYrUaamF8QgK2NhLQMjOYHxlbNBWry7m2WK2qdozV7etMWQTKxq20ke0Y8MOEwGTuoD4uRkSY5Np57ZHSPaSYXqKE4wUeChKGQNiXwZvVYDGDQ2XZ_sGhhVeffZPEHm8-Mhd0mhQTktjIk2Nve_ePl_pp5143coEJgLQRbl4D0DjYv07Ad39Kyz13H4XDQpcfZkToM85yuJMxRHqAAco&sai=AMfl-YQLrtRGQUH8b4xXcg6fCyUWFht6nxK18m8vnZJ4NlFe8qpEM-_Deg8tOQ6-5VMvhQgl9Gy8vqTkTWCI_ZXfPFwcApBFWzqq1mgHIf_HH8NxNDwP0c9Yz-pmCO16Gdcq&sig=Cg0ArKJSzB3pPpA1c3ovEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A10E0B0C0DE59F2EC321F2B5D26A033B
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4aNWzjeud1pPDKBttgh93-Rn7GHOt9eUWWy4kGHG_CUOU0WukgRQ3s7nXRv5YO6q8JLIC45USQp7QLQeZ2c5fyRNMr0BcQLsRrg1jdXBDaT8HyNjKqB-Tu55BCjRdpd32eK4ZtPhVWhhDru0e2qHFPIcC38XKVTG3L3m9v4U8Xt2TSMRqH1XGxRFYxmxB1dahhjJqT3tLqzTxKEBbhiAVVnaSANAD-Clptc5bU1pcmDVu2Bf13MP2-X0dvGhXufJ4lBI-4Ctv_c4fPNHJGxQFwbp2LCKXLfNuWmfWX6NnmU_t7QXjor7oRxT4mVyrrN_MzVNe-VsExNI&sai=AMfl-YT45QJTDYmHhviM4u4iHZ0ZJshb0u4PeFA8_DW9jb6rBK14uSnVdRXfesmHWGE6mPfs8ERAZPHWVlTLh2OsquLE-nIifFvYkVZeNiuhgujTQVmJASdOet1vH6XNfQM6&sig=Cg0ArKJSzL-j1RdFpRTbEAE&uach_m=[UACH]&adurl=
Frame ID: E0BC927A8195EB222CACEED695816C54
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNOuZa8zuIBPXj0xlvWUtbcd43_QoIohXa6RmMI5InLSDNNNU3GJdnsdtnmfzwImbA_mX-WtuiqEwS4NCfGzjVBumyEpDXtHyCfEmE1bankTYVZjY-vu54KeIQNFm2LvHK1KCm7DvZXxXGXDWT23hPQTHPjStZOufsBR0hy_JsJgYniVxbINXLO8_iaTsZsOC0ADG6mAFCXcZYpU_41SQFUHHsPfBbBscVdYxXCces9Kjc8SnAlWdfdWExjsFrjD0-YdZ-sXY5APJPO3d1xvUyo9snkvB7TN2YjWaZZnEVyOiw45rIiGsPXralVuyfVx_azqY9U4jS9wQ&sai=AMfl-YQsBCgXgJS9WSK0vVeo64OBce0tg3Ugcsb1Nt2PhAVAcQ-ylI9vJMO8m-7-9Nu_Gzf-B4hCxUaVbKY-Szjs3dt6uQxzzaFqIJ4SG5pSUGORMrPZR7YMVnOUdCL6F_9S&sig=Cg0ArKJSzN79-rFAYfTGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C49AD2234D38EDCEB01BC4B77DAFF614
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZpurV7h-Q6pVwEmunxKRyy_bFQWIqGQgPEKpoEpUn7ToE7r-gqIEEvzfGy7dT3YfPN_KrcWoTzgfch3NDqZLJOQQpP40gOlQIZiVq4i018gEp2F6vxTlRnsqCdjjalTkMoeKn_Rbk1Pq6BYf3qu1w3WyTlkh-82oFwO_DrMNq8UYQj5n1UsnD-u8XukRPx4VzK9EG_-kRCqWtyTNzgjqQLabH8H0-GWbUCqD0Z_Suq77jAhEHx3715Ut-oOoGHSqlqtILnzTpmkPxKHtaxk_-oJrqjk2Fkee1HnO2ylE8k-1YQ0ODj-WYvsG_YbouCjsap2fxggQMRY8&sai=AMfl-YRY0RIgnfC0QsdxgmBUKKZuFMaQ_VWS5iiEMCNBvnIednhfuj_GdEF1IGNRzFRbvTFMBwviSk4UYws3OWphhgVqqK-YVt4Go8tpVg8o8nPewMH4LQNdTRbChnPhYUYt&sig=Cg0ArKJSzG8aUuMk8rIBEAE&uach_m=[UACH]&adurl=
Frame ID: 7D768A69DB912735662AF134F7C228DA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjjHXqBluJJFRFfGZKAHnV4N24c53pgGZ30sxUGrTUdVJFoReL6jwACSuwAn8_OGhTT1rjCvSTt49vAN4ZnGye7fSmtgVSccTjhT3_26db2foc6ATubKQE0WWafMeNXh1mkAUc7dCdqHV0-rYR_zt2n3Lq-ls4DvZ_H5NkW4xvLhOXB3sACS4yTVoYRlRciBlN3MJ3Jw9qMlcM_e2sBIi-9MSaTPsQYhwIRmOlJT_l9tSNfC8k9gjC92mSulP_K8pFJ9dg4tasma6BWrm9jZWNHBwAO91FeZm0RgRx5uBmy6gyoONsE-nZ3g5cMVowBnpbY5VzyFA8KBE&sai=AMfl-YQIZ0bhTdbpgYEGHDez2H4D6o_XoK06t6I5szNw9BzfnLHOTqUSXoa2CgI_2cneIZm9Gop1fhKIuhV4SM8jETjzTndk-GN05l3TcdHdPXy-0lIalerS20Zb5iyuruf9&sig=Cg0ArKJSzNMHOeuEe1KUEAE&uach_m=[UACH]&adurl=
Frame ID: 6D0F35C6F1C29B9B815109B24F109AAE
Requests: 8 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: A3ABBECEC18DC40407429C9C4525618B
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94
Frame ID: 845B1640D66BBDE6B5BB912875D789B4
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368
Frame ID: F5610FA96744E901550E348E38E90759
Requests: 2 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
Frame ID: CB471031C38E88F41C02D98454F6C3D3
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 3FD0FFCA60BF80C61068974CDFB85D60
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: 281A885D160CEB31DF692EA3BDFE5D9E
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 8A45C666C59472A26AFBD439149B62CB
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 7E4F5031EBA18DE63CA8187A5C4542D5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 36C324A883840D526F10ABD890300A54
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122
Frame ID: 7AE8D53957406F2E0A4C5C5945B6C152
Requests: 2 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 928CB8A8161C1E53E419436D4FB9A76A
Requests: 4 HTTP requests in this frame

Frame: https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=3968828280703796370
Frame ID: 3242490770B1504170C4BA139DC3E40A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698303&pubOrder=3070200390&cb=1468709064&custom=index&custom3=168403511&adsafe_par&impId=d77383f5-7ba7-11ed-8019-0ab5b06f5b88
Frame ID: CC8E7DA6325454A27FB4F4830D194925
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698306&pubOrder=3070200390&cb=355661226&custom=index&custom3=168403511&adsafe_par&impId=d77383f9-7ba7-11ed-8019-0ab5b06f5b88
Frame ID: 5C1D9B4E1F183513B0F26AAE582EA513
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1230848408&custom=index&custom3=168403511&adsafe_par&impId=d77383f8-7ba7-11ed-8019-0ab5b06f5b88
Frame ID: ABD6495A70B42E46CF3879CBD1D59BC4
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=1795119757&custom=index&custom3=168403511&adsafe_par&impId=d77383f6-7ba7-11ed-8019-0ab5b06f5b88
Frame ID: CD1106669855716C7F555EE18B1F2913
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 452F52361AC49496F4C271BB71B6E6EE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 87A59BE362FDA79FB83174070A60DAEF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&upid=trk7f24&upv=1.1.0
Frame ID: C383B6195DF31FA8171978FD7F434CD8
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&upid=ekg5qxt&upv=1.1.0
Frame ID: B633D46B14FEF6511D4A43C3954DECEE
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 8C4362BB5277A595E5D58BB719F6B0B6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 8A01865727830DD5B96D8C3ECF4CCD71
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 1AD6AB3E0A345A1944E1C032112A6701
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AB4B5EBA2E5A85C8E18A1626A8C60253
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D7814DED5A4DFB75111576ED9BDB4A52
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: 7A27C771DF526455D7AE36288556216E
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 912F3A7E02F145102612CCE5976603E9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 99763057B665DECED8726789A1929D16
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bl6yjZBE2uKMOMOVgqSdRKBF0P0oTpY-~A&gdpr=0&gdpr_consent=
Frame ID: F7D32EACD85865D127E0A84F8D4187E8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
Frame ID: 93E687A7A77FD23ECD665F027898AA0F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: A20E020A28DB336505FE9719526851C6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-0ttSVBlE2uIpEV_XjsoDbCuB2BQN520-~A&gdpr=0&gdpr_consent=
Frame ID: B3129CE1959870B8FFDD75C84B7C74CA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
Frame ID: D06BF91458371879D91095DF227700A8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: F91001A333A58B30C2CEE027E23DA3CC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B19139958C5C613DDBE461F147CA5C6D
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F91EEA1E1C2C3A353F54079A046A2F8A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138412295938&pubOrder=3070200390&cb=1771868052&custom=index&custom3=168403511&adsafe_par&impId=d77383f7-7ba7-11ed-8019-0ab5b06f5b88
Frame ID: 6EAF3F1792808152C28E0C815857C220
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 57C25F64C75C0D8862CC51F757AB91EB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82e46399-bc79-4e00-9098-3e1494e0ed32&gdpr=0&gdpr_consent=
Frame ID: 58A8F326531B8C903758232EA2B51847
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1D8ACF3E-7D16-4AD4-9D49-181320D60310
Frame ID: 95D3FFD650F371DC3D8E1E75A58D2448
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A8BE5789248F627C4378BCAFFBEA8A85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A5EF5ED66EFDAF81CBB42B25F4B18CD9
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 41267DB80EE939E5D86691E311F402B7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B9A9DC10C1433DBD650EEFAC631C404A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
Frame ID: F26CC9941053C0491A3837A3E3D521F1
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 828B56AAAFCB2D88A98A481170D29D42
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 594DAFD2DC264499F9C982690850C3C3
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
Frame ID: 82996415269DAEDC30248FF7FC5AFC58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1&gdpr=0&gdpr_consent=
Frame ID: B6AA5FBA76ED61A437AE5D327A5A3BD4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3968828280703796370&gdpr=0&gdpr_consent=
Frame ID: CFB6F2CB3D95C90984ADAAA9BBD66817
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC
Frame ID: A80D32E0A1C8A9550CB4D7E91D415252
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6mom2gd9eb
Frame ID: 298C67983FC0EFA1A359908ED10B5705
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7E3F694A2BF00F36E7F7794ABAC48B03
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y21bpzuAR85gMki8Gwl1pq310UA
Frame ID: 5FE3641DDDD2664E48A392EC2A8C22E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44492888C1452C2EE34B47675880570B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D29FB8109F7726E451F6D4D306FD6A6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

North | Leader Newspapers North Melbourne | Local Community News VIC | Preston Leader | Northcote Leader | Whittlesea Leader | Melbourne Leader | Diamond Valley Leader | Herald Sun

Page URL History Show full URLs

  1. http://www.northcoteleader.com.au/ HTTP 301
    http://www.heraldsun.com.au/leader/north HTTP 301
    https://www.heraldsun.com.au/leader/north HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2flead... HTTP 302
    https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

467
Requests

85 %
HTTPS

0 %
IPv6

97
Domains

165
Subdomains

117
IPs

12
Countries

5021 kB
Transfer

12368 kB
Size

172
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.northcoteleader.com.au/ HTTP 301
    http://www.heraldsun.com.au/leader/north HTTP 301
    https://www.heraldsun.com.au/leader/north HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth&16710196222101883516 HTTP 302
    https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671019635235 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671019635235
Request Chain 110
  • https://cm.everesttech.net/cm/dd?d_uuid=42300691424879755994319697651390268285 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5m8dAAAAFehmgN1
Request Chain 126
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
Request Chain 129
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3968828280703796370
Request Chain 130
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7060091950274067243
Request Chain 133
  • https://token.rubiconproject.com/token?pid=6404&puid=42300691424879755994319697651390268285&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBNLY3PI-1Z-DNDJ?gdpr=0
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDIzMDA2OTE0MjQ4Nzk3NTU5OTQzMTk2OTc2NTEzOTAyNjgyODU= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFoQymDihmBC9R56pES7qTQ&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 138
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3a2f2ec0-b354-423a-9aed-1718f006b1d6
Request Chain 141
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 143
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747
Request Chain 145
  • https://dt.scanscout.com/ssframework/uid?UIAA=42300691424879755994319697651390268285&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-80ae71e61dd2596d9afd1e3736967cb9
Request Chain 148
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=42300691424879755994319697651390268285&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=42300691424879755994319697651390268285&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 150
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=42300691424879755994319697651390268285 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=42300691424879755994319697651390268285
Request Chain 156
  • https://tags.bluekai.com/site/43981?id=42300691424879755994319697651390268285&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 160
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVtOGRBQUFBRmVobWdOMQ==
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5m8dAAAAFehmgN1&expires=90
Request Chain 162
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 164
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5m8dAAAAFehmgN1
Request Chain 165
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Y5m8dAAAAFehmgN1
Request Chain 167
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5m8dAAAAFehmgN1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5m8dAAAAFehmgN1
Request Chain 168
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1
Request Chain 169
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5m8dAAAAFehmgN1&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5m8dAAAAFehmgN1&img=1&__user_check__=1&sync_id=dc01783b-7ba7-11ed-bf4e-1ce81dd60507
Request Chain 196
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5m8dAAAAFehmgN1&t=2592000&o=0
Request Chain 199
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94
Request Chain 200
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368
Request Chain 207
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122
Request Chain 209
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2 HTTP 302
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=3968828280703796370
Request Chain 240
  • https://ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350696878;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350696878;dc_pre=CPrkzqCJ-fsCFS_6cwEduIoE9g;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 248
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1237132/66865773/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045,c:wLVus9,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-8dpms,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tpZy7dO+11%7C12%7C13%7C14%7C15%7C161%7C17%7C181%7C191%7C1a*.1237132-66865773%7C1b1%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:INS,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:dbd704da-7ba7-11ed-9b3e-56335f7572b8,v:19.8.374,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 275
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=3968828280703796370
Request Chain 276
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bl6yjZBE2uKMOMOVgqSdRKBF0P0oTpY-~A&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2EyZjJlYzAtYjM1NC00MjNhLTlhZWQtMTcxOGYwMDZiMWQ2&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
Request Chain 278
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-0ttSVBlE2uIpEV_XjsoDbCuB2BQN520-~A&gdpr=0&gdpr_consent=
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2EyZjJlYzAtYjM1NC00MjNhLTlhZWQtMTcxOGYwMDZiMWQ2&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
Request Chain 281
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Request Chain 287
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671019640652&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671019640652&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671019640652%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fnorth%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671019640652&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3ae8d3d8-8461-43df-b4b2-97f8ceb50e90 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3ae8d3d8-8461-43df-b4b2-97f8ceb50e90&_expected_cookie=249357f4249119862c02639b940e1393
Request Chain 291
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5m8dv0N3AkSf0kz7V94TwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMEPResZfn-Emn26JOXqE3o&google_cver=1
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGofFiTrp7VLeKV4Jt24964&google_cver=1
Request Chain 295
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_6399bc7a0aca3&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a0aca3
Request Chain 296
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7060091950274067243
Request Chain 297
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=c7d24a5e-c491-b1c4-e5202f64
Request Chain 298
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3968828280703796370
Request Chain 302
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9536399-bc79-4e00-97be-e2d5559b3450
Request Chain 303
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
Request Chain 304
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwcU7HM3kAACFFL2fW0A&expiration=1672229242
Request Chain 305
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vSFUyelxWsmmJFjE6StAkbIgXcSmcQmU6CCNRzC1
Request Chain 306
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgdYBSVT1P5qxH5
Request Chain 307
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686744441&external_user_id=92cbcfa8-fab1-483e-92d4-16e329911d88
Request Chain 321
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69DAA22820B64B95BCC8D7D7B2102C5B
Request Chain 323
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=658dd76c-9652-42e0-a48c-270caecfa3b8&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 324
  • https://tg.socdm.com/aux/idsync?proto=index_exchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5m8ecCo8YsAADF-hwQAAAAA
Request Chain 325
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=ToDyCtzL1ULv5jtSLCtz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VDPIR4UG5D2JQYVKTDWGVVHIU2MIN2HU HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VDPIR4UG5D2JQYVKTDWGVVHIU2MIN2HU HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ToDyCtzL1ULv5jtSLCtz
Request Chain 326
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3968828280703796370
Request Chain 327
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=af083bea-b4f1-2355-8b18426b
Request Chain 328
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_6399bc7a3d451&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a3d451
Request Chain 344
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82e46399-bc79-4e00-9098-3e1494e0ed32&gdpr=0&gdpr_consent=
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HYrPPn0WStSdSRgTINYDEA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 347
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1D8ACF3E-7D16-4AD4-9D49-181320D60310 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=1D8ACF3E-7D16-4AD4-9D49-181320D60310 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=985c1ea0-a3e2-4159-9bb1-4f344f74483c%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3a2f2ec0-b354-423a-9aed-1718f006b1d6&ttd_puid=985c1ea0-a3e2-4159-9bb1-4f344f74483c%2C
Request Chain 348
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=&ct=y
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUQ4QUNGM0UtN0QxNi00QUQ0LTlENDktMTgxMzIwRDYwMzEw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEO664IgYOdJ3c3PaA6e5T8&google_cver=1
Request Chain 352
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C7E94711BF34045A348DA473DB4FC34
Request Chain 354
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=
Request Chain 355
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBNLY3PI-1Z-DNDJ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBNLY3PI-1Z-DNDJ&ex=d-rubiconproject.com&status=ok
Request Chain 359
  • https://pixel.adsafeprotected.com/rfw/st/1237132/66865763/skeleton.gif HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif
Request Chain 363
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOTFkzUEktMVotRE5ESg==
Request Chain 364
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNLY3PI-1Z-DNDJ
Request Chain 365
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30
Request Chain 366
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFlNDRmZDYzYjkyNjViZTRiNTc3MzBlNDNlNDc3ZmNkNzMxZTU4NA
Request Chain 367
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YhWZM0KvyT9pn9dQ8UW6Csn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0lCULKFE2oJdNQQ1E0BDieHUsxZ.e7qLoKiQ3A--~A
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQ9Nc0VSQbep3oJWkI3fvU&google_cver=1
Request Chain 369
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RlY67HejT2WpSrXFNrsXTw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RlY67HejT2WpSrXFNrsXTw
Request Chain 443
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
Request Chain 444
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1&gdpr=0&gdpr_consent=
Request Chain 445
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3968828280703796370&gdpr=0&gdpr_consent=
Request Chain 446
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC
Request Chain 447
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6mom2gd9eb
Request Chain 449
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y21bpzuAR85gMki8Gwl1pq310UA
Request Chain 450
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=82e46399-bc79-4e00-9098-3e1494e0ed32
Request Chain 451
  • https://idsync.rlcdn.com/420486.gif?partner_uid=1D8ACF3E-7D16-4AD4-9D49-181320D60310 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDFEOEFDRjNFLTdEMTYtNEFENC05RDQ5LTE4MTMyMEQ2MDMxMBAAGg0I_PjmnAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7219b131cbba57ae5cd8a39999bb05f892b77e804ba735ded063d3f80347bcd4791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MjE5YjEzMWNiYmE1N2FlNWNkOGEzOTk5OWJiMDVmODkyYjc3ZTgwNGJhNzM1ZGVkMDYzZDNmODAzNDdiY2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwI_fjmnAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MjE5YjEzMWNiYmE1N2FlNWNkOGEzOTk5OWJiMDVmODkyYjc3ZTgwNGJhNzM1ZGVkMDYzZDNmODAzNDdiY2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwI_fjmnAYSBAgCEABCAEoA&google_gid=CAESEEylqudr82g3qJ3AMCiTQ6Q&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=a59bd0af-2fbf-4594-9300-46a2243f76fc
Request Chain 452
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RVfuIitE2uWDV6.mvpp6lnitriSUBaU-~A&gdpr=0&gdpr_consent=
Request Chain 453
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4033d73b-f5d5-43c0-962f-74e120b694d2&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c1a40f26-864b-4501-b9e8-f8047a90ce51&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 454
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5521857733821939844
Request Chain 455
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7060091950274067243&gdpr=0&gdpr_consent=&us_privacy=

467 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request north
www.heraldsun.com.au/leader/
Redirect Chain
  • http://www.northcoteleader.com.au/
  • http://www.heraldsun.com.au/leader/north
  • https://www.heraldsun.com.au/leader/north
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth&16710196222101883516
  • https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
392 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
5b59dcd417f5de61b57ee737a9eeb7d124533a580114e97fbf42add0250368b2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:10 GMT
expires
Wed, 14 Dec 2022 12:07:10 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 400627 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fleader%2fnorth%3fnk%3d63f9db231c59ebbd872907019369e6dc-1671019623&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=north&session=63f9db231c59ebbd872907019369e6dc
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=2525
content-length
154
content-type
text/html
date
Wed, 14 Dec 2022 12:07:03 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server
AkamaiNetStorage
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4VFNVPXJT1D02W0C
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=157171
accept-ranges
bytes
content-length
11472
x-amz-id-2
4uO6i4l63P3DNlB0tW3K2bdAjOLd3xyco9qrYSl7SZSnILDGDrgUyc9FaquYDLsV5es7sIoqweY=
expires
Fri, 16 Dec 2022 07:46:43 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
7H6DNWJR8XFXB459
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=101963
accept-ranges
bytes
content-length
12052
x-amz-id-2
lHWHL2qpmY04V7fzoJ+nsOIn7dzQf4BfyEJjcP6qNYtp19y7KNQNyCQPrDRXbsXXod83Knp4Rnc=
expires
Thu, 15 Dec 2022 16:26:35 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3Z0GHM044FR4D820
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=116135
accept-ranges
bytes
content-length
12440
x-amz-id-2
2YrJF17m3YFqg4u+b0bGyR1eyKvaQLDDf4Ev+7Hkwp5R3fsidxJ04Onc1TnT7lN8qvXJyrKX0D8=
expires
Thu, 15 Dec 2022 20:22:47 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
7X7T428JPY46HNHE
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=404515
accept-ranges
bytes
content-length
11372
x-amz-id-2
qUs/d/Ic2YoKrRJT36hdvlaLY6ZbhAp2uy18zKrNVn+7r6E5BdZIXwXl4DVjEM7jV1n3jSbfzG8=
expires
Mon, 19 Dec 2022 04:29:07 GMT
lux.js
cdn.speedcurve.com/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits
570
date
Wed, 14 Dec 2022 12:07:11 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
2787
x-cache
HIT
content-length
7152
x-served-by
cache-syd10148-SYD
last-modified
Wed, 14 Dec 2022 11:20:43 GMT
server
Apache
x-timer
S1671019632.721334,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Dec 2022 11:20:43 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:12 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-879"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:12 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2967
x-rq
sin1 0 2 9980
last-modified
Wed, 30 Nov 2022 04:28:24 GMT
server
nginx
etag
W/"6386dbe8-1d74"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:12 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 01:29:16 GMT
server
nginx
etag
W/"6369b0ec-2b9b"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:12 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
nrt1 0 2 9980
last-modified
Tue, 08 Nov 2022 00:59:47 GMT
server
nginx
etag
W/"6369aa03-7b68"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:12 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
nrt1 0 2 9980
last-modified
Tue, 29 Nov 2022 06:25:45 GMT
server
nginx
etag
W/"6385a5e9-b62"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
2fd7698a
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/2fd7698a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cfdce298b842f59959bed7e6a0bedb581dc40e8945ee1c5a0a8b790f1ca5a1ff
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:12 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Wed, 14 Dec 2022 12:07:12 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/leader/north
x-opw
4
content-length
8783
pragma
no-cache
x-bpath
OLD
blaizehappened
true
etag
"d8d0b457eb1d7d45e30c4a77066b007bdf2504f5a5760333afa32b73443589b7"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f2fd7698a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=2fd7698a&session=63f9db231c59ebbd872907019369e6dc
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 29 Dec 2022 07:29:31 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Sun, 27 Nov 2022 23:18:03 GMT
server
nginx
etag
W/"6383f02b-1f69"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1279340
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
K7Q77N69686DWRDS
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=255656
accept-ranges
bytes
content-length
16112
x-amz-id-2
EB7QAIVZ6OIyPK1MBzX5+1sn8EqlGJsU2/7MUbJddtKgZPL2PyetFh+aDSJDBBJnH5R17aAzZL8=
expires
Sat, 17 Dec 2022 11:08:08 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
63PJEVSTV4SQC4J6
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=545397
accept-ranges
bytes
content-length
15948
x-amz-id-2
7LWlVawAUmj3Lyb/cmUBmBBNzHixh616MPrdm2RM1ajwfbi3WjHpNF8ar4RGe9KpjuzcIQdYFas=
expires
Tue, 20 Dec 2022 19:37:09 GMT
rea-logo-grey.png
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/rea-logo-grey.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.133.2 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:12 GMT
x-amz-version-id
dKOPaz9thY.HOlUhOOqUMNe1euXfQloR
Last-Modified
Thu, 09 Sep 2021 21:19:11 GMT
Server
AmazonS3
x-amz-request-id
XGQBF31F8ZRAA331
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
skJgu5udqun9Q8D7IX6rz1yEBHrq7ZSOA03m5gN1vUW4oMxSuhYNuTxPUM25PWgaf3GqX141h1Y=
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
SWNT12DB6ZNXK5WK
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=123606
accept-ranges
bytes
content-length
540
x-amz-id-2
h7K/ZSK7Z3mo4BebhbA5fX0FzPTGOvWcNDQwzgPqUV6v8oOOWlLyl+A5leCJX/IwWbSz6G2os0o=
expires
Thu, 15 Dec 2022 22:27:19 GMT
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 12:07:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
etag
"4e195ff32f27eb3c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Dec 2022 12:07:12 GMT
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 29 Dec 2022 08:41:21 GMT
date
Wed, 14 Dec 2022 12:07:11 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Sun, 27 Nov 2022 23:00:44 GMT
server
nginx
etag
W/"6383ec1c-1e5e"
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1283650
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
QTKD2FK8G6JBAXZE
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=177602
accept-ranges
bytes
content-length
535
x-amz-id-2
N5hQXRsxV46lWiw3iggR/R0Hq6kbWa8gWdkI70DU7DsNg/sA/WNIiTcqUqAzABhQ7PmMumtC15o=
expires
Fri, 16 Dec 2022 13:27:15 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=519538
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Tue, 20 Dec 2022 12:26:10 GMT
/
www.heraldsun.com.au/_static/ 		99 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZuYGRuaGBoVEWAK9DIhM=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 14 Dec 2022 12:07:11 GMT
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100912
x-rq
sin1 0 2 9980
last-modified
Mon, 05 Dec 2022 20:10:12 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 14 Dec 2022 12:07:12 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 14 Dec 2022 12:07:11 GMT
cache-control
max-age=55378
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
320461403493c494e9e7914f1eb19eb61cf6ce0b568819e9e66c11a85ab2b2ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 14 Dec 2022 12:07:12 GMT
x-datacenter
gce-asia-east1
etag
"0e3c2166d8bf6a8ea6959d6d4db552d03639aee04cfa64016ce8dc8e0ab67576"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-b5lx
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:13 GMT
date
Wed, 14 Dec 2022 12:07:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
"63844cfe-37"
vary
User-Agent
content-type
text/css
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
date
Wed, 14 Dec 2022 12:07:12 GMT
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1131
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 14 Dec 2022 12:26:03 GMT
indies-loader.js
ts2020-indies-client.web.app/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
cache-syd10177-SYD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Wed, 14 Dec 2022 12:07:12 GMT
last-modified
Mon, 14 Nov 2022 00:03:09 GMT
x-timer
S1671019633.640874,VS0,VE0
etag
"cbb3dfd4f549aa029702fc7ca53f4c8dd52daaf8e9559703aa852d3760850ff6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1470
x-cache-hits
656764
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:13 GMT
date
Wed, 14 Dec 2022 12:07:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
29864
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-182d6"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:13 GMT
date
Wed, 14 Dec 2022 12:07:12 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-1973"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
campaigns
resourcesssl.newscdn.com.au/indies/ 		870 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22index%22,site:%22heraldsun.com.au%22,section:%22/leader/north%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
73d7194f51616ea395b52934db721b5cb4de766c0aaf33f05ea197379686654c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

x-cache-hits
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Wed, 14 Dec 2022 12:07:14 GMT
x-powered-by
Express
content-length
498
x-served-by
cache-qpg1251-QPG
server
Google Frontend
x-timer
S1671019634.614765,VS0,VE754
etag
W/"366-rtt4a362LXOakyu0cUr+ukqCgvw"
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
13b7effecf4851610701d72e22accb52
cache-control
private, max-age=1742
function-execution-id
bwq8vt3swxkd
accept-ranges
bytes
x-orig-accept-language
en-AU,en;q=0.9
x-country-code
SG
expires
Wed, 14 Dec 2022 12:36:16 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22index%22,site:%22heraldsun.com.au%22,section:%22/leader/north%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.182 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-182.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1800
content-type
text/html
date
Wed, 14 Dec 2022 12:07:13 GMT
expires
Wed, 14 Dec 2022 12:37:13 GMT
function-execution-id
n32tw64f3c5w
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
9089a9a248d6b69ee783cd022f490c14
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1251-QPG
x-timer
S1671019633.804838,VS0,VE469
comments-count
mhr.talk.news.com.au/api/v1/ 		824 B
796 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=a83bc0b0e1288b339db8c2c9e7b951e8,c80aad85d3d15eb4f972adbf0c334e2e,52d717bd8cb54b7b1a56aa12f075b641,9f11f6357e078fe798e03e4147e0149a,bd5ff4946b89a6f69a9dc35abac7cc44,5c05cf47237a3b1d7bcbaa65473aae74,c41764d9968a872b81e4f35e364f11a2,14d1b75e1ebe9568257ae54784fb675f,9fe531c7514c72d1c58acbd2611c1dc8,7c64382769e5b50593cb041dca42b3d3,f42ae1bc4b8dbc2ec8d863b0ef784204,1318b986e06986dbf311dcd9fa8a04aa,25b030a591fff749dcdba47048840093,22cdbe7d720786e0a96f75d9b9c8a01f,0460fd8c96c144ba6a5c378b7fea9d32,6bcfa6e906f1eb475f1cad912c7c1f0b,41dc8c763ef77fa14f04b023ac3161f6,edbcc2e59d5ff527d2153fc29e19ba5c,7218e0e52912016ff4a42b4667c52a7e,3577717f749207b953fc5d2950bda6ce,37b534ac6a3388cab8e9a7c6a0fa3547,3bd109c06cc3fa3b8a31cc17283df1d5
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
3ee38cb0c201c34e3410588f50f1a631224a0bb647096e46dc95179fba5d18e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 12:07:14 GMT
server
nginx/1.20.1
etag
W/"338-Zei1jmhyoay2mYHoyRpZo+dxAp0"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
d8af5ec0-7ba7-11ed-aa1a-f3ba934d6fad
content-length
481
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c6ade056ebc802456d3ce84c008e16565a931f57a145295baf75810db9e18ba0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
date
Wed, 14 Dec 2022 12:07:12 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1691
x-rq
sin1 0 2 9980
server
nginx
vary
User-Agent
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=33
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Wed, 14 Dec 2022 12:07:45 GMT
f3e72d4881f06442da333eb186edd219
content.api.news/v3/images/bin/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f3e72d4881f06442da333eb186edd219?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6c0999b7b320afdff8edfd1456a44e57cf25d784bfcfc07f7c8de8957230e2ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
last-modified
Wed, 14 Dec 2022 05:11:02 GMT
server
Akamai Image Manager
etag
8ee9efa43c88a476d6a4bab89d022e82-f3e72d4881f06442da333eb186edd219-650
edge-cache-tag
f3e72d4881f06442da333eb186edd219
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5159034
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
52891
expires
Sun, 12 Feb 2023 05:11:07 GMT
f3795ab9d6aa7da2e8e1bb0051b1ecab
content.api.news/v3/images/bin/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f3795ab9d6aa7da2e8e1bb0051b1ecab?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
899e334ecb2b93249a53e7a1117b2d29057c3fb11850d36e80d15bff4a51f7fa

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
last-modified
Wed, 14 Dec 2022 05:56:41 GMT
server
Akamai Image Manager
etag
5a1c655942b7c0aaba3b20ef8fcc4bf0-f3795ab9d6aa7da2e8e1bb0051b1ecab-320
edge-cache-tag
f3795ab9d6aa7da2e8e1bb0051b1ecab
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5161779
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
15793
expires
Sun, 12 Feb 2023 05:56:52 GMT
d78fb291b150a54608095a11bb0aac99
content.api.news/v3/images/bin/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/d78fb291b150a54608095a11bb0aac99?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
48ba7b05e1d859de4d8e8b14ca9d863bdf3320043de4e25e1f3bcd1e8f225173

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
x-check-cacheable
YES
edge-cache-tag
d78fb291b150a54608095a11bb0aac99
content-length
8469
last-modified
Tue, 13 Dec 2022 21:40:56 GMT
server
Akamai Image Manager
x-serial
1894
etag
6cf0b2cc0fdc6926faea71d962f8add2-d78fb291b150a54608095a11bb0aac99-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5132022
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 11 Feb 2023 21:40:55 GMT
490d8b559b34edfce487f2443c8bb648
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/490d8b559b34edfce487f2443c8bb648?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a96160db5ebc18f79c88fe9167a1e4d95faf078f67776f6de1bf1bbbee382e6b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
x-check-cacheable
YES
edge-cache-tag
490d8b559b34edfce487f2443c8bb648
content-length
11910
last-modified
Tue, 13 Dec 2022 04:42:57 GMT
server
Akamai Image Manager
x-serial
849
etag
2ff4c7ee1f2869e54d2253c30d1f37a2-490d8b559b34edfce487f2443c8bb648-320
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5070922
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 11 Feb 2023 04:42:35 GMT
authorize
login.newscorpaustralia.com/ Frame FDFB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=m-2FtZCNnEeZt3DP0zsRxMCbwHNraN3p&nonce=2.EU-64z~x7kBVNClSx64ttxXzaT4_SE&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
f330fa9c4e1ca4f8fa1832a764502525d52d020298b59e1a854157069e890823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7796d1694f439fda-SIN
content-encoding
gzip
content-length
802
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Wed, 14 Dec 2022 12:07:14 GMT
expires
Wed, 14 Dec 2022 12:07:14 GMT
ot-baggage-auth0-request-id
7796d1694f439fda
ot-tracer-sampled
true
ot-tracer-spanid
0eb581e921699636
ot-tracer-traceid
3618d55134eb7548
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000003618d55134eb7548-0eb581e921699636-01
tracestate
auth0-request-id=7796d1694f439fda,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 535 0 pmb=mTOE,3
x-auth0-requestid
60c85872dbcc23e5046f
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1671019635
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:49 GMT
server
AkamaiNetStorage
etag
"edd094a83833400340dd04039cdd122f:1670479309.994367"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Wed, 14 Dec 2022 12:12:13 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		82 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 06:01:50 GMT
server
AkamaiNetStorage
etag
"173d1f23698ee8297b151a48bdea9d96:1670479310.123213"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
21334
expires
Wed, 14 Dec 2022 12:12:13 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		192 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:14 GMT
date
Wed, 14 Dec 2022 12:07:13 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45762
x-rq
kix1 0 2 9980
last-modified
Mon, 05 Dec 2022 06:19:07 GMT
server
nginx
etag
W/"638d8d5b-30150"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Wed, 14 Dec 2022 12:07:14 GMT
date
Wed, 14 Dec 2022 12:07:13 GMT
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3442
x-rq
sin1 0 2 9980
last-modified
Mon, 28 Nov 2022 05:54:06 GMT
server
nginx
etag
W/"63844cfe-21ad"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
21e00181ab5728ecae4ec4bc0e6db914
content.api.news/v3/images/bin/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/21e00181ab5728ecae4ec4bc0e6db914?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0b138b9fc239dca61b264d7ca5b7d504ec937f8817507b2de8004e6d731d39dd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
x-check-cacheable
YES
edge-cache-tag
21e00181ab5728ecae4ec4bc0e6db914
content-length
20003
last-modified
Mon, 12 Dec 2022 23:05:23 GMT
server
Akamai Image Manager
x-serial
306
etag
5f895c2bcc85a5bafab5facf99b6bddb-21e00181ab5728ecae4ec4bc0e6db914-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5050655
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Fri, 10 Feb 2023 23:04:48 GMT
f8faca8a14bc444ab4b3b5cc28aeb55b
content.api.news/v3/images/bin/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/f8faca8a14bc444ab4b3b5cc28aeb55b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7a0e6f2a587632ff817b7752cf46be09649ec8e5b0288b1efcc59b54c67d984d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:13 GMT
x-check-cacheable
YES
edge-cache-tag
f8faca8a14bc444ab4b3b5cc28aeb55b
content-length
38829
last-modified
Tue, 13 Dec 2022 04:31:54 GMT
server
Akamai Image Manager
x-serial
391
etag
ecdc1474f6638f30db1372de3d7a7129-f8faca8a14bc444ab4b3b5cc28aeb55b-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5070249
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 11 Feb 2023 04:31:22 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7373811
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
AjK0KW9qAFED02sOz0wUsRzqf-IgrfDWHiXJyTHRVSFhbJE5PBBLCA==
pixel_2fd7698a
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_2fd7698a
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/2fd7698a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/leader/north
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
date
Wed, 14 Dec 2022 12:07:13 GMT
blaizehappened
true
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
is-https
true
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_2fd7698a&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_2fd7698a&session=63f9db231c59ebbd872907019369e6dc
x-arrrg4
https://www.heraldsun.com.au/leader/north
x-opw
4
content-length
0
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:05:38 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
via
1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
age
46897
x-amz-cf-id
k_N3FK9L8bIccjzLDNmakf71d7JvTUIEZsDKqHVB_egUYLLR5EcArA==
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16710196342340.3150769849165427
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Wed, 14 Dec 2022 12:07:14 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
application/x-javascript
date
Wed, 14 Dec 2022 12:07:14 GMT
cache-control
max-age=41777
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
806316c78684b96dcfdbd7631f484c0e425af0df3e92adb929753d8e34e88116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12622
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.91.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-91-15.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 01:36:35 GMT
content-encoding
gzip
via
1.1 de07fad430c1bc86fd21b4e969faf29c.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
SIN2-P2
age
37839
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
9cOxX-Nb122khYjHjjq_OyYpp6ALCxaaRMRv1u1tRvEnsJB_FlBX2g==
expires
Thu, 15 Dec 2022 01:36:35 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		187 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"789aa25e8122305509df6e8b6103f3c6:1666763008.613847"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=54212
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=36961
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 12:07:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27320
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
MXAOdct0xr11IY15VEk/IwwyQm4K/1JDbA/e/5tLdVOfSzpS7YIGR/he4vqF+N/2J15o0SUjVrdNablEVcKRDg==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-87.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 11:34:58 GMT
Content-Encoding
gzip
Via
1.1 574ab88ff85f4ad30dd2d3a36c2bab20.cloudfront.net (CloudFront)
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN52-P1
Age
1936
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
45xz4l67N9cptKSHjraaM-_eK9KIB7qN4JQF_JPztDiXwQrw8Nix8Q==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-12-14T12%3A07%3A14.256Z&country=au&newsconnectId=&fpid=63f9db231c59ebbd872907019369e6dc
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.167.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-167-128.compute-1.amazonaws.com
Software
/
Resource Hash
b0a8c3de7f270d648cc44d03823860788a1510bca352556006609c8a16ab309d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:15 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
UMrEOOoRVoPiBBX.XHkgU0Lo2Jl9BQ7R
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 12:07:14 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ740X792WN4M9N
x-cache
HIT
content-length
520
x-amz-id-2
dyRXwCFfuyLEyiKBxhe0MP6ZJf1JgnDEyhFPm93wlxrhsLFMv2BuMtgZpBGNpvJD3g9O+wO/tuo=
x-served-by
cache-syd10158-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671019635.522604,VS0,VE0
etag
"1e637b4fd7dec49af4390ec7ed24432b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
1261315
id5-api.js
cdn.id5-sync.com/api/1.0/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
ZEFRP9MDBRZY2GGC
age
1958
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7796d16bbc89a883-SYD
x-amz-id-2
7Ps8oYuNSV2woceheiiCzZHjbO7U6EXZQUeFd+Lzh1Ga3/Ovgv1+gRYbMV+QytEeZlHhkAx7eOs=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.65.228.244 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-244.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62
8096267
date
Wed, 14 Dec 2022 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Fri, 18 Mar 2022 11:22:12 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Wed, 14 Dec 2022 13:07:15 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f1604ee8add5dbb6f8ce1e3a4b7711de:1669603221.223968"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=65776
content-length
2297
tad.js
tags.news.com.au/prod/tad/ 		109 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ada52adfc48f667e35362bd9e99165d1:1670478883.668009"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=48573
content-length
33851
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
4e33994e519659f18f6e3253154999b4fa6f47192de0e16c47936fbe261b3100
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27665
x-xss-protection
0
server
sffe
etag
"1421 / 699 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 14 Dec 2022 12:07:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.145.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-145-23.ccu50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
content-encoding
gzip
via
1.1 0e45eef568696fc0e17db7c2907052f4.cloudfront.net (CloudFront), 1.1 2ec72a3e72a08b5f1d2e07fe02b4fea0.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
BOM78-P6, CCU50-P2
x-amz-server-side-encryption
AES256
etag
W/"909ff158818033daa43a2d271ecda3db"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
_a1ouNHfi0tsDuqtTPoiiBHrAt6l26JyKf0Pg8mzvx0B2j_5Ntzsdw==
prebid.js
tags.news.com.au/prod/prebid/ 		366 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a5e55cf5b1d1242200b67a7ae1da6953:1664416072.664196"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=49544
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-12.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
ClDIgD0zuwLI7F0xhBbpGkCt4wZOjpVN
content-encoding
gzip
via
1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 11:45:52 GMT
last-modified
Thu, 13 Oct 2022 05:35:01 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1284
x-amz-server-side-encryption
AES256
etag
W/"964c4cc68e0d531d901baf0d73f36918"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
LQHpRwniqlYsphw6wFURjLqcCzEEABb-uRzurEbh7jra-6E9bIP5UQ==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b9045a036305d0268317898151e53de:1667439593.577923"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=55698
content-length
5801
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 12:06:03 GMT
server
cloudflare
age
71
cf-polished
origSize=5866
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0MjmHvAaKBOClt9bX2M4IUy9TLZZ5XBIErX1hGo4XfOSsI9Zz%2F3iNcBRHUnS9OXGfTlRPgHLjQz81%2FvbBDQVtX45Yc6G5itcOvYNwvCUNn9JtGF0aeZO7eAhe43V5Lr2ho31Siz"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7796d16dd82faac3-SYD
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Thu, 29 Dec 2022 12:07:14 GMT
v2jimycEM1neUvmSVG5BmAzx4aCOt9qC1gVYTwHF9p1XPHWaCIK1y_QACnvWCqHmH3YMuDlS_
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2jimycEM1neUvmSVG5BmAzx4aCOt9qC1gVYTwHF9p1XPHWaCIK1y_QACnvWCqHmH3YMuDlS_
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fccce227d9a5f1459e45a4bc9912010b5ec2dd97f78b44ce21dfd53811b48fa6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 14 Dec 2022 12:07:14 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-spot-b5lx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 14 Dec 2022 12:07:13 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers
6e39d5a9
login.newscorpaustralia.com/akam/13/ Frame FDFB 		0
0
UALIF4B
login.newscorpaustralia.com/q-xjwRJxMiW-jzldgg/1LL30t0zX7/FUc-Ej0B/FWYkC/ Frame FDFB 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.108.119 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-108-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:15 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN52-C2
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1
accept-ranges
bytes
x-amz-cf-id
C7UKOgddxyLDLADXK4CgbCDG0pUJAIQ6oDHyfbw4ZvWwAeD_2FBSLg==
content-length
66268
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.137 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-137.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 12:49:58 GMT
server
AmazonS3
x-amz-request-id
VBSGRMDGRMTATJDJ
x-amz-cf-pop
ATL58-P1
etag
"35540205d0226005e7cee3000c54ae8f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
EUbtxkrcE1cKQzu7ZKs1tD2beamQSVDnt1xDcYZja63v86LbG_BGNw==
x-amz-id-2
l/gSRa5XquhGfXrcUKta7HP7iDuMtOTx8XKIN+IsOqP1UxdcsJYoJpFXlDIZt2GxhLkxqy5DkAo=
content-length
21840
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202212080601&cb=1671019634585
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.112.234 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-112-234.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 14 Dec 2022 12:17:14 GMT
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Fp2yHOl1Q6EBCrmf.6.R4BH9p6d4MB1Q
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 11:31:43 GMT
last-modified
Tue, 13 Dec 2022 07:19:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
2133
x-amz-server-side-encryption
AES256
etag
W/"c4a50f37b02f511ddc08ff3c6fe94ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
Ts8ZpcL1A-33Xa4-vE6ZEAHB5F_46e3GbiQNOXsUXtdkIx4OUv0UtA==
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 09:40:16 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstf3Qlg57npmhR0vkv0kYBnBq2mrwSpdlw_AtcdtNATSnuXyVw_Q87Vdt4F-pd8BxOWM5AVDrCf0IXvRUOKrcpWynpmFaIxaJV5RKvfpbnguTWVi-wok9mTj8Gdje7PbiZTewl53zhIIav4dLvw&sai=AMfl-YTiynQxAI5oCkWValmmPZxGJKVxwGT1_qdG0tKsBsP4E4_R-OJkhOmRi9KpPteqcUsDOU_VCQ2UQsOtaVdiCg&sig=Cg0ArKJSzH-pmpkj50uuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221207.74573&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:15 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fnorth&u=DRJAv0BV-velN0Boi&d=heraldsun.com.au&g=36976&g0=local%2Cnorth%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7410&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&b=14792&t=D4RBLbB1QWuAC9GqXTLw5PCClOqZq&V=139&i=North%20%7C%20Leader%20Newspapers%20North%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Preston%20Leader%20%7C%20Northcote%20Le&tz=0&_acct=anon&sn=1&sv=BLrDoRDidL6wCwJwg4B9bo1DDcBYrj&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.179.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-179-62.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:15 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 12:06:16 GMT
server
cloudflare
age
58
cf-polished
origSize=47101
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgWHiWis5dOuAlWYnDdlib7daR%2B5Z8Ww2xTP3hey1qKuO5meRHJyO8gJVuirvHmNuQ2oiSElxpe0hdfwqtCgj2fqojYCkmhGxa30pIVYq2sjzp6lQuLx7SP6vfv7M8kuxfjZ1WS5"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7796d16e991aaac3-SYD
pubads_impl_2022120701.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132289
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 09:34:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 11:47:03 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		155 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
f95b7963443c34a1f2e4ed5764702da71c60c54abab836064bdf63c75ef57d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:15 GMT
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-200.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
server
AkamaiNetStorage
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=582
content-length
65
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=7c619fd5f7d84952f9e68776555e61fc&timewithTz=2022-12-14T12:07:14.256Z&country=au&newsconnectId=&fpid=63f9db231c59ebbd872907019369e6dc
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.167.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-167-128.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:15 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671019635235
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671019635235
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671019635235
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
495685aca6e93d344c2850b74703dc250cbe960fb54c2eaddc0107d9dbfaf3b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0469f4265.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
HQ+iYR7CTS8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1564
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-apse-1-v042-05bfc25e6.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
S+tgUR10QCk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1671019635235
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-91.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 10:28:21 GMT
Content-Encoding
gzip
Via
1.1 d7fd5c1c255d6d9fadc2a242ff9a2774.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN5-C1
Age
351534
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
Wc2m9eAIn_QZ8VKWVsM0agqhO96dkuNkW6C1tndleL6yuyXqqGFYGg==
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin6.fbcdn.net
Software
/
Resource Hash
ecce55c5603a9c2f603746839939144b465549b1a374988b1619a4daba1f5d07
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 14 Dec 2022 12:07:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86088
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
6z/2CabDlqj3NNQs480x3Cuz7ExVGwczXz5U25zyZNRPVf7x1fKEmlS7ai0/qhp+8/rbBRAJ9vZewRY95zdkiA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
date
Wed, 14 Dec 2022 11:41:57 GMT
x-amz-cf-pop
SIN2-P2
age
1518
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
LrJHi_I_AHclsw4MKRWJATzbsOb6jzGSqszmR07-oeJIp7o4m88L5Q==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221214
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45447af3a3d15af287b0d9947462be3791908b3cf7004370ab6f36e15529b239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29177
x-jsd-version
1.0.1555
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4558-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"668-FHJt9QGkqB5ui1KzXm+49E7ca9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QgTiIH%2F3gHXIZ4XgoKMa%2BGWDEegel65YRulrKKWoQaii3vLsrc%2Fyi4sf9bjVizT3gxNf28bip4iS1QpDorWhiNe%2Bir8rwql3lqr7e17ohEqWzuvcYreTKRcK8KNYMqFxV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7796d174be4fa956-SYD
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13214
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
2cf1a8c6afeb94be8e34ef91319bd29987ff3a1ccf02920e61b6cc901cb38878

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
content-encoding
br
via
1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"13214...218.2022121412"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
1o61xMrcvJFBuI6rS0icQu0_5EdW6hcUC4vfN9ykMUoBlQCLk47LEg==
validate
assets.vidora.com/v1/ 		0
299 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-76.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
via
1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
fn9G4qTHVGFkrxIbiojt6vtruKOUkq7c0ud6uuBNL8ZN31NgJ4013Q==
expires
Wed, 14 Dec 2022 12:07:15 GMT
701.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
6352cfb56c2aa49fd137a1b0339f71c569050d41b7e29e733611838f86919871
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 07F9 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
149
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 14 Dec 2022 12:04:47 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront)
x-amz-cf-id
E32_gODSkrvotzBfZQdGu6znHEe2GmGYNn4N1ZLXUltvN0LWXEPUcQ==
x-amz-cf-pop
SIN2-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
swg.js
news.google.com/swg/js/v1/ 		149 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
sffe /
Resource Hash
0e5ab66331e0a6257cfd46107440d1df79174281435e0486f0f9c6455055d29b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:52:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46842
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 17:12:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:42:04 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		435 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=0d74910c-e07f-4432-909f-f86194fe8a10&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-1&slots=1&rand=0.870741729731974
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6dfdd14cd064c99b26ba45bad5b5ddba6a3f531c0564c3959ca5e00cc94698b0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
435
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		434 B
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=dbb8cafb-629f-4e43-93b9-2ed99f8d3168&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-1&slots=1&rand=0.838285435558904
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
53036bc29b4c9999f5b3aba99fbfdb5c9accc666936b060e528cacc91de04f7c

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
434
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		414 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=1d9794ac-5edf-4410-9695-6d2b8162b039&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-2&slots=1&rand=0.6890117787154872
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
055b6f859e6a487cd5a5a032212b43fde7c571da4e740a3c6107d84e0f19e2b6

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
414
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		412 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tg_i.adl=false&tg_i.pagetype=index&tg_i.sec1=local&tg_i.sec2=north&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.leader&tg_i.pbadslot=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=34b8d59b-9772-4121-a9a8-0cc9d6803c71&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-2&slots=1&rand=0.7226087888813899
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5a66762056f44f9f77e2b5ff9f4d6c36406ba3abf1c6afb2759cbae6f6627fca

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
412
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 14 Dec 2022 12:07:17 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.playground.xyz/host-config/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
e0abacf8-50d4-4814-a1b7-517089cbcfac
v2
mfad.inskinad.com/api/ 		162 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-154-76.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
fbe7ee8f135ef55b4d6780913308a31556251b7938a39a36c877239fee0ce5d3

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

expires
0
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:17 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"a2-Bvzcw43PUse9xAUeGVYGZMxNVGA"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
162
x-served-by
bifrost-production-shard001-us-east-1e-i-048f5374cc4afc166
cygnus
htlb.casalemedia.com/ 		37 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22156a9d2059c5c0c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth%3Fpagetype%3Dindex%26sec1%3Dlocal%26sec2%3Dnorth%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221628e58b65c05c3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%2219e7ab32879d144%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%2221ac43bc9228ce7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-2%22%7D%7D%2C%7B%22id%22%3A%2222b4e3ec34b938a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0db67b95ff72d7a67c24f38f9b8b8391fccdbf4aa8116c4a52a0dbe626fc9f5

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQbLdHZO8tv6jvKeWct88su3MR11AYsEHZVXnasRgRH8vFTHmFk9LDY2xhCMlSLNrNxfVjUHwc9uqzar209nymikHERXnLKori%2F0wv9JDND5KBpSAJr7axt0NQYTnXHyJNEmJItT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7796d1775b58559f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:16 GMT
AN-X-Request-Uuid
ac88b3bb-0aca-4556-88bf-0096655c6ed1
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=63321264577
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
pub
pixel.adsafeprotected.com/services/ 		822 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.leader/local/north,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.leader/local/north,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.leader/local/north,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.leader/local/north,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.leader/local/north,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.leader/local/north,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.leader/local/north,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=d07195a5-d0e8-9dcd-0ee9-58dd6223d433&url=https%253A%252F%252Fwww.heraldsun.com.au%252Fleader%252Fnorth
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
faba64e32eae3ab3d4321c6575978d7b7f379b712b61107b1aec26b3be4f372c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
server
nginx
x-server-name
app02.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
dest5.html
newscorpau.demdex.net/ Frame 8439 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.103.125 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-103-125.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-apse-1-v042-0956cf47e.edge-apse.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8lNBguKmTOY=
content-encoding
gzip
date
Wed, 14 Dec 2022 12:07:17 GMT
last-modified
Fri, 28 Oct 2022 13:37:23 GMT
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=42324559252405021974321814505107984999&ts=1671019636261
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
caae56d59f9b1ca403ceec989e6e28662e88df29e90f29c4d5e80b57a182f166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y5m8dAAAAFehmgN1
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=42300691424879755994319697651390268285
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5m8dAAAAFehmgN1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5m8dAAAAFehmgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0211422c6.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RJMdUpKXQ9U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5m8dAAAAFehmgN1
Date
Wed, 14 Dec 2022 12:07:16 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.137 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-137.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
o4WHKo6MX2y.6aPGAnmLcU3LE.8_U3Hj
date
Wed, 14 Dec 2022 12:07:18 GMT
last-modified
Wed, 07 Dec 2022 22:44:24 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
etag
"4a5e4a11bf4a74aeb574379e169fa679"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=107
accept-ranges
bytes
content-length
18049
x-amz-cf-id
_fRpZ6SHxLfhjoYE1VaiYtt_rCfphK9oFWIW70n8U3x_zG6uwl9OUQ==
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 07F9 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636&c16=sdkv,bj.6.0.0&uoo=&fp_id=qnfd98g7lfchjq1kaktgjmsnc1b3o1671019636&fp_cr_tm=1671019636064&fp_acc_tm=1671019636064&fp_emm_tm=1671019636064&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:16 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636.nuid.imrworldwide.com/ Frame 07F9 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-93.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 05:09:29 GMT
via
1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
25067
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
HILBfO8i-5wMWJnb-psglIvlWwijxxoerTVXgz9v9JyWeAZwV01KwQ==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 12:07:17 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 14 Dec 2022 12:07:18 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 3B2B 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
2146
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 14 Dec 2022 11:31:31 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 bdc887cea2b02ccd10a15dd4a890c9c2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
TYEco--BeAmwQrQI3QQiJYE3UVrPyb3C6bqCsOW4KTBPLQPbSdjCDQ==
X-Amz-Cf-Pop
SIN52-P1
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		0
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&rl=&if=false&ts=1671019636465&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1671019636464.1797895039&it=1671019635587&coo=false&exp=a1&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 12:07:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&dom=www.heraldsun.com.au&r=1671019636467&pvs=1&pvid=4fdd70e6-2540-4de4-9c42-fc1420353f67&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
dotmetrics-hit-status
01 OK
via
1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
h2C-S-ZVFZXxeA519blTTY1MuqaCOciYJRpFOuNy0AmXicsaXBpRpg==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13214&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&dom=www.heraldsun.com.au&r=1671019636467&pvs=1&pvid=4fdd70e6-2540-4de4-9c42-fc1420353f67&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-75.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 00:42:07 GMT
via
1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 10:59:12 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
41111
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
d96VT6zgnUNjRM-4tquUKhQQ41wJmYn2aTnyg2MHpVR7r3HcqheSlA==
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=218
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:16 GMT
content-encoding
br
via
1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 15:20:21 GMT
server
Kestrel
x-amz-cf-pop
SIN2-C1
etag
"1d90406186815f7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
xj1TUh4lHefSAFHm_6b8EnSr5NJt2MQqqqLw7ZIDJ6chxLP7ABw94g==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
8a2ec1469ad816a7b36e7195247805735e055d8c32da5c4cf408def7f321f2dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 14 Dec 2022 12:07:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		34 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
d253f7836bbd5af3c03201645e0c0eaae65af47b4d14a9e1fbe92cba78a3d3b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 14 Dec 2022 12:07:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
34
vary
Origin
content-type
application/json
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:38:53 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:18:18 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame 6554
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
ESF /
Resource Hash
b97eb4dea71347c02545eb048ef7f39b6b09c9c955c027c0ba8686641d1f4d57
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-ViD4UUMT_gdaSe52vfAguA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-ViD4UUMT_gdaSe52vfAguA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Wed, 14 Dec 2022 12:07:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-GXKTqHuVW8Ek7_8AKCObQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
application/binary
cross-origin-resource-policy
same-site
date
Wed, 14 Dec 2022 12:07:17 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=42324559252405021974321814505107984999&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%0163f9db231c59ebbd872907019369e6dc%011&ts=1671019637061
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
57611ce2fab62138da89d56d9d72ba464aa342fef831c097b5f85a501d30d9ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-apse-1-v042-0fadce742.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
3pwrf1gyRq8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1561
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=358&dpuuid=3968828280703796370
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3968828280703796370
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3968828280703796370
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-0f2b5f85f.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
L2Y8BAX4Tds=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:17 GMT
AN-X-Request-Uuid
080c5a4b-e0a5-44df-a685-1ab8a70d8937
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3968828280703796370
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=7060091950274067243
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7060091950274067243
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7060091950274067243
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0d9743f17.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zahSpQWgR/Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7060091950274067243
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMyMTQsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS9sZWFkZXIvbm9ydGgiLCJydXJsIjoiIiwicHZpZCI6IjRmZGQ3MGU2LTI1NDAtNGRlNC05YzQyLWZjMTQyMDM1M2Y2NyIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1671019637300
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-56.sin2.r.cloudfront.net
Software
Kestrel /
Resource Hash
13e57e5159bea16f1debe2030efbe47a5b00e1d6a377e21701df624d5fab4b25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
content-encoding
br
via
1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SIN2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
rzno_QDJyHjH9vKgW8shKlx3_xuim3TA_8Bc1uw2EFTL5jEF3kMo3w==
s46682334065329
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s46682334065329?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=14%2F11%2F2022%2012%3A7%3A17%203%200&cid.&newsnkidcookie.&id=63f9db231c59ebbd872907019369e6dc&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=63f9db231c59ebbd872907019369e6dc&mid=42324559252405021974321814505107984999&aamlh=3&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Clocal%7Cindex%7Cnorth&g=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D151&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Clocal%7Cnorth&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Cmrec%3A1%7Cleader%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=local&c5=D%3Dv5&v5=north&c9=D%3Dv9&v9=index&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=11%3A07%20PM%7CWednesday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=151&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=63f9db231c59ebbd872907019369e6dc-00000000000000000000000000000000-1671019634559-165987&v110=2022-12-14%2012%3A07%3A03&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
fd114b5b0cf5c6cb24cd8251da4b77511ab6d252ad17f79fc91e5243dab5d83f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-aam-tid
s7SEWyuiSCg=
date
Wed, 14 Dec 2022 12:07:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4951
x-xss-protection
1; mode=block
dcs
dcs-prod-apse-2-v042-00d9310b9.edge-apse.demdex.com 6 ms
pragma
no-cache
last-modified
Thu, 15 Dec 2022 12:07:17 GMT
server
jag
etag
3588487345946263552-4619849965778365710
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 13 Dec 2022 12:07:17 GMT
ibs:dpid=481&dpuuid=LBNLY3PI-1Z-DNDJ
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=42300691424879755994319697651390268285&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBNLY3PI-1Z-DNDJ?gdpr=0
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBNLY3PI-1Z-DNDJ?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcscanary-prod-apse-1-v053-0ff9cf2f3.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
c8YAiUR8QWA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=LBNLY3PI-1Z-DNDJ?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEFoQymDihmBC9R56pES7qTQ&google_cver=1
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDIzMDA2OTE0MjQ4Nzk3NTU5OTQzMTk2OTc2NTEzOTAyNjgyODU=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFoQymDihmBC9R56pES7qTQ&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFoQymDihmBC9R56pES7qTQ&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-07a5bb2db.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IsNmiU+YQDE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFoQymDihmBC9R56pES7qTQ&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.145.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-145-23.ccu50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:28:00 GMT
via
1.1 2ec72a3e72a08b5f1d2e07fe02b4fea0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CCU50-P2
age
20357
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
I7bkWyNXH9DY2FuxLgeOuYud0nuYgJs5ri5cVW8HYJZvdDw_82WqqQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		113 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&pid=O8WdbSSYpcb3H&cb=0&ws=1600x1200&v=22.1201.834&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth-ad-block-300x250-2%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.leader%2Flocal%2Fnorth-ad-block-728x90-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-30-231.sin2.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
via
1.1 e5793992853fceac3581bde796b6f5ba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
Ve9wGS7WQe7LNEOso5shP6FTBbkDlyY9B7Erv3QTwi1mJmpFoRZqkw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.145.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-145-23.ccu50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 b134897a1e2ae04456b7d6ec2f582a60.cloudfront.net (CloudFront)
date
Tue, 13 Dec 2022 19:27:00 GMT
x-amz-cf-pop
CCU50-P2
age
60019
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
skKT-zBg43J07bHCC9ufmFEcAo2_DNyA7Ukjryefx99kAImgbhPMSQ==
ibs:dpid=903&dpuuid=3a2f2ec0-b354-423a-9aed-1718f006b1d6
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3a2f2ec0-b354-423a-9aed-1718f006b1d6
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3a2f2ec0-b354-423a-9aed-1718f006b1d6
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0a72cfc58.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
d03I89ctRig=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3a2f2ec0-b354-423a-9aed-1718f006b1d6
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
189
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 6554 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BAhiemkCCoGT1fAZKne-Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-BAhiemkCCoGT1fAZKne-Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame 6554 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:48:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:38:53 GMT
ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0c3b35783.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zUUQ0DhaQSg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
server
nginx
etag
"60b842ba-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Wed, 14 Dec 2022 12:07:18 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame 6554 		178 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
a20b51d4ace7c3e44acc5b4ba618e97b461fb001f0836153e9c43c2188d74411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64122
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:53:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:43:00 GMT
ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0469f4265.edge-apse.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gYLgN3GcRTk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8GjBmNCYC0eWqOfXy%2BuJhJMf3SM6xDk7e8WbmLHMhVrq%2BA0C1sDe70UvK8fgo%2BqpTmzWSmMbdhsVOhWTv2kuI38H0QmWqKjQoz6Wz1dREoYn9WJSR3%2Baiq7s7HsrqmAf7r7FLhk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747
cache-control
no-cache
cf-ray
7796d1843f28a86e-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
fd12bd2e9de2d64a7b7fb1adcb230c1dc2aeb0a59f93921aa65ebb08f13f26cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ibs:dpid=30432&dpuuid=CI-80ae71e61dd2596d9afd1e3736967cb9
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=42300691424879755994319697651390268285&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-80ae71e61dd2596d9afd1e3736967cb9
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-80ae71e61dd2596d9afd1e3736967cb9
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-0a41412e1.edge-apse.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
J/owMe76SEo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-80ae71e61dd2596d9afd1e3736967cb9
Date
Wed, 14 Dec 2022 12:07:18 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6554 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464172&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:04:40 GMT
x-content-type-options
nosniff
age
158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 12:04:40 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&rl=&if=false&ts=1671019637969&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22North%20%7C%20Leader%20Newspapers%20North%20Melbourne%20%7C%20Local%20Community%20News%20VIC%20%7C%20Preston%20Leader%20%7C%20Northcote%20Leader%20%7C%20Whittlesea%20Leader%20%7C%20Melbourne%20Leader%20%7C%20Diamond%20Valley%20Leader%20%7C%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.2.1671019636464.1797895039&it=1671019635587&coo=false&es=automatic&tm=3&exp=a0&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Dec 2022 12:07:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=42300691424879755994319697651390268285&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=42300691424879755994319697651390268285&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0a505807c.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Z9PauiOTRDE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Wed, 14 Dec 2022 12:07:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_leader_S&asn=leader&fp_id=qnfd98g7lfchjq1kaktgjmsnc1b3o1671019636&fp_cr_tm=1671019636064&fp_acc_tm=1671019636064&fp_emm_tm=1671019636064&ve_id=&sessionId=8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,north&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,ak6las66duo0kwdmjqmjsnlg1nfh01671019636&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16710196360601203&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1671019634625&c3=st,c&c64=starttm,1671019637&adid=1671019634625&c58=isLive,false&c59=sesid,&c61=createtm,1671019638&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&c66=mediaurl,&sdd=&c62=sendTime,1671019638&rnd=981643
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.138.175.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-138-175-196.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 8439
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=42300691424879755994319697651390268285
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=42300691424879755994319697651390268285
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=42300691424879755994319697651390268285
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Server
35.164.253.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-253-230.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-served-by
beacon-n014-pdx-prod.krxd.net
date
Wed, 14 Dec 2022 12:07:19 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1671019639
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=42300691424879755994319697651390268285
date
Wed, 14 Dec 2022 12:07:19 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Dec 2022 12:07:18 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		198 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4015033100179107&correlator=3603426965499942&hxva=1&scor=4350494537183943&eid=31071186%2C31071257%2C44777899&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=5129%2Cndm.leader%2Clocal%2Cnorth&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C300x90%7C315x90%2C1x1&ifi=1&adks=3933875422%2C1903305191%2C611518222%2C3404582919%2C2415928627%2C349838715%2C1925479106&sfv=1-0-40&ists=1&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd77383f5-7ba7-11ed-8019-0ab5b06f5b88%26amznbid%3D1%26amznp%3D1%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd77383f6-7ba7-11ed-8019-0ab5b06f5b88%26amznbid%3D1%26amznp%3D1%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd77383f7-7ba7-11ed-8019-0ab5b06f5b88%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%2C50%2C60%2C70%26vw10%3D40%26pub%3D40%2C50%2C60%26amznbid%3D1%26amznp%3D1%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26id%3Dd77383f8-7ba7-11ed-8019-0ab5b06f5b88%26amznbid%3D1%26amznp%3D1%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dd77383f9-7ba7-11ed-8019-0ab5b06f5b88%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dd77383fa-7ba7-11ed-8019-0ab5b06f5b88%7Cpos%3D1%26id%3Dd77383fb-7ba7-11ed-8019-0ab5b06f5b88&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D63f9db231c59ebbd872907019369e6dc%26sec1%3Dlocal%26sec2%3Dnorth%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dindex%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%252Ce%252Cf%252Cg%252Ch%252Ca%252Cb%252Cc%26abtest%3Da%26pvid%3D63f9db231c59ebbd872907019369e6dc-00000000000000000000000000000000-1671019634559-165987%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_3005111_PG%252CIAS_3005067_PG%252CIAS_3005069_PG%252CIAS_3005175_PG%252CIAS_3008351_PG&sc=1&cookie_enabled=1&abxe=1&dt=1671019638153&lmt=1671019638&dlt=1671019631123&idt=4893&adxs=436%2C176%2C1124%2C1124%2C0%2C1124%2C0&adys=28%2C6689%2C496%2C3184%2C6689%2C438%2C7410&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&frm=20&vis=1&psz=1600x134%7C1248x0%7C300x250%7C300x250%7C1600x720%7C300x0%7C1600x7428&msz=728x133%7C1248x0%7C300x250%7C300x250%7C1600x0%7C300x0%7C1600x0&fws=512%2C0%2C512%2C512%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C300%2C0&ga_vid=517711333.1671019638&ga_sid=1671019638&ga_hid=570713299&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
5a2bc3fda966c068e51a90fe3c79992975490738754cd8ccc37c0521f7701de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32065
x-xss-protection
0
google-lineitem-id
6092339753,5275743052,6092339753,5275743052,6092339753,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138411698303,138348077551,138412295938,138415583330,138411698306,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7161 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:18 GMT
expires
Thu, 14 Dec 2023 12:07:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 8439
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=42300691424879755994319697651390268285&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-1-v042-0fadce742.edge-apse.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
B2ofbL11R8g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Wed, 14 Dec 2022 12:07:18 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
interact
edge.adobedc.net/ee/v1/ 		727 B
832 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=c65ab31f-cdd1-4be8-a3a1-273a6f4f9bc9
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.48.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
b759be2f28edc47ee78828f911826a4a9b510b07ee79019c2771ee993418baeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:17 GMT
content-encoding
deflate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-rate-limit-remaining
599
x-adobe-edge
SGP3;3
x-xss-protection
1; mode=block
x-request-id
c65ab31f-cdd1-4be8-a3a1-273a6f4f9bc9
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.11.2:836cd9b5
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 14 Dec 2022 12:07:18 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.107.36 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-107-36.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 12:07:18 GMT
Server
nginx
pixel
cm.g.doubleclick.net/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVtOGRBQUFBRmVobWdOMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVtOGRBQUFBRmVobWdOMQ==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10125-SYD
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671019639.581473,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTVtOGRBQUFBRmVobWdOMQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5m8dAAAAFehmgN1&expires=90
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5m8dAAAAFehmgN1&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-syd10125-SYD
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671019639.581658,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y5m8dAAAAFehmgN1&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
iu3
s.amazon-adsystem.com/ Frame DBE3
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 14 Dec 2022 12:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VDWZSYDV4TZXZTKFR4F7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 14 Dec 2022 12:07:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R15ASMMENY1SZ85KS1JG
Serving
bs.serving-sys.com/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=1825549124515396296&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth$$&activityValues=$$Session%3D4867479466695451943$$&ns=0&rnd=5527034807121309&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.13.105 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-13-105.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6941d9237dc0718036e837a1175a0b1e91329312e4cc9ef53cb65b0463d3c22e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2500
expires
Sun, 05-Jun-2005 22:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5m8dAAAAFehmgN1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5m8dAAAAFehmgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10125-SYD
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671019639.581601,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y5m8dAAAAFehmgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Y5m8dAAAAFehmgN1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Y5m8dAAAAFehmgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:18 GMT
AN-X-Request-Uuid
f18e9e06-3da6-4d6e-9c9f-0ab75855f8c0
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-syd10125-SYD
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671019639.672163,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Y5m8dAAAAFehmgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L... Frame 6554 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L.B1.O/am=OgwAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7-XYtK8uMU9SvZTpiSk9pfG8RoQw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
0549b2d8d2e5358d7eeedeb94d7e8abe841b71f3e72be7c5df1fc24928b30506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45915
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:54:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:53:28 GMT
sd
us-u.openx.net/w/1.0/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5m8dAAAAFehmgN1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5m8dAAAAFehmgN1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5m8dAAAAFehmgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Y5m8dAAAAFehmgN1
date
Wed, 14 Dec 2022 12:07:19 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1
1 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-syd10125-SYD
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671019639.873606,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5m8dAAAAFehmgN1&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5m8dAAAAFehmgN1&img=1&__user_check__=1&sync_id=dc01783b-7ba7-11ed-bf4e-1ce81dd60507
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y5m8dAAAAFehmgN1&img=1&__user_check__=1&sync_id=dc01783b-7ba7-11ed-bf4e-1ce81dd60507
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:20 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
56
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 14 Dec 2022 12:07:19 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=Y5m8dAAAAFehmgN1&img=1&__user_check__=1&sync_id=dc01783b-7ba7-11ed-bf4e-1ce81dd60507
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
63
Connection
keep-alive
Content-Length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Dec 2022 12:07:19 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
PETGHXM9J3BGW5Z2
age
1806
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7796d188094fa883-SYD
x-amz-id-2
l902nuCuTXsdp0ZIQMaCkRfW2ct8uPQ67Kc2I8r6jJK1DpRsnrqERhJivqdxTsz6gCPD86DiQDw=
view
securepubads.g.doubleclick.net/pcs/ Frame A10E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugLkObAJEhL_eMh1E90AmwpEdipOWj3SqxYIU1NNuiT3EE2QMXZuOnBh9BMicmGyuI2IXLxMCiCyR1xPX36XXXZfhRNdylbO5wlKhGuZGzb9MY5JFv9-KUyXrbYrUaamF8QgK2NhLQMjOYHxlbNBWry7m2WK2qdozV7etMWQTKxq20ke0Y8MOEwGTuoD4uRkSY5Np57ZHSPaSYXqKE4wUeChKGQNiXwZvVYDGDQ2XZ_sGhhVeffZPEHm8-Mhd0mhQTktjIk2Nve_ePl_pp5143coEJgLQRbl4D0DjYv07Ad39Kyz13H4XDQpcfZkToM85yuJMxRHqAAco&sai=AMfl-YQLrtRGQUH8b4xXcg6fCyUWFht6nxK18m8vnZJ4NlFe8qpEM-_Deg8tOQ6-5VMvhQgl9Gy8vqTkTWCI_ZXfPFwcApBFWzqq1mgHIf_HH8NxNDwP0c9Yz-pmCO16Gdcq&sig=Cg0ArKJSzB3pPpA1c3ovEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
invoke.do
invoke.bonzai.co/mizu/ Frame A10E 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=266612409779305452&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2665920790629314665&rnd=1572554434
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.1.163.74 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-163-74.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
4ad7a045aabb45ace692b33c8d1bf5870307315e9c82cb354cb518c8aa147a8d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Wed, 14 Dec 2022 12:07:19 GMT
server
Jetty(8.1.7.v20120910)
content-length
9616
content-type
text/html;charset=ISO-8859-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A10E 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E0BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4aNWzjeud1pPDKBttgh93-Rn7GHOt9eUWWy4kGHG_CUOU0WukgRQ3s7nXRv5YO6q8JLIC45USQp7QLQeZ2c5fyRNMr0BcQLsRrg1jdXBDaT8HyNjKqB-Tu55BCjRdpd32eK4ZtPhVWhhDru0e2qHFPIcC38XKVTG3L3m9v4U8Xt2TSMRqH1XGxRFYxmxB1dahhjJqT3tLqzTxKEBbhiAVVnaSANAD-Clptc5bU1pcmDVu2Bf13MP2-X0dvGhXufJ4lBI-4Ctv_c4fPNHJGxQFwbp2LCKXLfNuWmfWX6NnmU_t7QXjor7oRxT4mVyrrN_MzVNe-VsExNI&sai=AMfl-YT45QJTDYmHhviM4u4iHZ0ZJshb0u4PeFA8_DW9jb6rBK14uSnVdRXfesmHWGE6mPfs8ERAZPHWVlTLh2OsquLE-nIifFvYkVZeNiuhgujTQVmJASdOet1vH6XNfQM6&sig=Cg0ArKJSzL-j1RdFpRTbEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame E0BC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
44481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E0BC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame E0BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWBVlHHgAmQQgL1vygGuQm2f5v7wTHFNETw95WygPl5ypXIjkKh19dd36qqQmOJwMmr7tXT7S9dVCsU0GUpZ4U68CqJQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E0BC 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:19 GMT
13148952536986812586
tpc.googlesyndication.com/simgad/ Frame E0BC 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13148952536986812586
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 05:59:24 GMT
x-content-type-options
nosniff
age
108475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15618
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:18:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Dec 2023 05:59:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C49A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNOuZa8zuIBPXj0xlvWUtbcd43_QoIohXa6RmMI5InLSDNNNU3GJdnsdtnmfzwImbA_mX-WtuiqEwS4NCfGzjVBumyEpDXtHyCfEmE1bankTYVZjY-vu54KeIQNFm2LvHK1KCm7DvZXxXGXDWT23hPQTHPjStZOufsBR0hy_JsJgYniVxbINXLO8_iaTsZsOC0ADG6mAFCXcZYpU_41SQFUHHsPfBbBscVdYxXCces9Kjc8SnAlWdfdWExjsFrjD0-YdZ-sXY5APJPO3d1xvUyo9snkvB7TN2YjWaZZnEVyOiw45rIiGsPXralVuyfVx_azqY9U4jS9wQ&sai=AMfl-YQsBCgXgJS9WSK0vVeo64OBce0tg3Ugcsb1Nt2PhAVAcQ-ylI9vJMO8m-7-9Nu_Gzf-B4hCxUaVbKY-Szjs3dt6uQxzzaFqIJ4SG5pSUGORMrPZR7YMVnOUdCL6F_9S&sig=Cg0ArKJSzN79-rFAYfTGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1237132/66865773/dcm/ Frame C49A 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1237132/66865773/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.209.240 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-209-240.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
aa56bc1974a96ad6cd86f82c22151c606edaa0d64d6041636ce0e48af52cbec2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C49A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7D76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZpurV7h-Q6pVwEmunxKRyy_bFQWIqGQgPEKpoEpUn7ToE7r-gqIEEvzfGy7dT3YfPN_KrcWoTzgfch3NDqZLJOQQpP40gOlQIZiVq4i018gEp2F6vxTlRnsqCdjjalTkMoeKn_Rbk1Pq6BYf3qu1w3WyTlkh-82oFwO_DrMNq8UYQj5n1UsnD-u8XukRPx4VzK9EG_-kRCqWtyTNzgjqQLabH8H0-GWbUCqD0Z_Suq77jAhEHx3715Ut-oOoGHSqlqtILnzTpmkPxKHtaxk_-oJrqjk2Fkee1HnO2ylE8k-1YQ0ODj-WYvsG_YbouCjsap2fxggQMRY8&sai=AMfl-YRY0RIgnfC0QsdxgmBUKKZuFMaQ_VWS5iiEMCNBvnIednhfuj_GdEF1IGNRzFRbvTFMBwviSk4UYws3OWphhgVqqK-YVt4Go8tpVg8o8nPewMH4LQNdTRbChnPhYUYt&sig=Cg0ArKJSzG8aUuMk8rIBEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7D76 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
44481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7D76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame 7D76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUDaxyw2eGxxM36OuRmtfLbCgPJoC0B_uzyvl43N8L0b0Fkyc-5OJBSSyIp7DHdRMWeehzfr0VUX0H60uCCjlZQ-Jx1Q
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D76 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:19 GMT
13760263887154427917
tpc.googlesyndication.com/simgad/ Frame 7D76 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13760263887154427917
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0c471babdb0403ea05134aa44b7af12ec103a13859350d0c6303d25ba2e88146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 12:13:10 GMT
x-content-type-options
nosniff
age
604449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30336
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 03:00:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 07 Dec 2023 12:13:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjjHXqBluJJFRFfGZKAHnV4N24c53pgGZ30sxUGrTUdVJFoReL6jwACSuwAn8_OGhTT1rjCvSTt49vAN4ZnGye7fSmtgVSccTjhT3_26db2foc6ATubKQE0WWafMeNXh1mkAUc7dCdqHV0-rYR_zt2n3Lq-ls4DvZ_H5NkW4xvLhOXB3sACS4yTVoYRlRciBlN3MJ3Jw9qMlcM_e2sBIi-9MSaTPsQYhwIRmOlJT_l9tSNfC8k9gjC92mSulP_K8pFJ9dg4tasma6BWrm9jZWNHBwAO91FeZm0RgRx5uBmy6gyoONsE-nZ3g5cMVowBnpbY5VzyFA8KBE&sai=AMfl-YQIZ0bhTdbpgYEGHDez2H4D6o_XoK06t6I5szNw9BzfnLHOTqUSXoa2CgI_2cneIZm9Gop1fhKIuhV4SM8jETjzTndk-GN05l3TcdHdPXy-0lIalerS20Zb5iyuruf9&sig=Cg0ArKJSzNMHOeuEe1KUEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6D0F 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:45:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
44481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Dec 2022 23:45:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6D0F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 03:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
32716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 03:02:03 GMT
l
www.google.com/ads/measurement/ Frame 6D0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfxp0No9fNrvtCEpbaP8zULLUXK3hvDeDlZBp0Dpxt3fFuwsY-tsdrmW2koaG7tpoMlmmqUy3nhAkD-w7ELTBM59mxcg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D0F 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:19 GMT
4676968070248943335
tpc.googlesyndication.com/simgad/ Frame 6D0F 		145 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4676968070248943335
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a10df9f8ee59afb5af7219469ec6b960dfe1e29e3b5fa1864da765dd6fa131ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 06:18:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Dec 2023 12:07:19 GMT
b.php
www.facebook.com/fr/ Frame 8439
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5m8dAAAAFehmgN1&t=2592000&o=0
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5m8dAAAAFehmgN1&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Server
157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 04:07:19 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
c80k94c7CZg1AfMD4a/E7SwdJ/lfDGdOl6+nU5rCd5KG+VlK/+kt9w+4JENDBywO+yjCHyqCWwmHcSMoreB0kw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 14 Dec 2022 04:07:19 PST

Redirect headers

x-served-by
cache-syd10125-SYD
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671019639.187349,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y5m8dAAAAFehmgN1&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Wed, 14 Dec 2022 12:07:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
up_loader.1.1.0.js
js.adsrvr.org/ Frame A3AB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 17:08:11 GMT
Content-Encoding
gzip
Via
1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
68349
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
pvGT0xfMzyEQgvRe1LCekyYSYeEzsN3g1szTyGYZZzuC5TWKpDWAcg==
activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94
8228261.fls.doubleclick.net/ Frame 845B
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=890540216261...
401 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
cafe /
Resource Hash
5087cff911fe097c3c504d9a5560d16a0248ef7b0486469c7fdbb4b8bcd2f7eb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
Wed, 14 Dec 2022 12:07:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368
8228261.fls.doubleclick.net/ Frame F561
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=830299167674...
402 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
cafe /
Resource Hash
b96ff06969da297f7641c31dbc0f86c4a21bf1e4f88b3c0148c77d8b7311a4e2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
Wed, 14 Dec 2022 12:07:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
px
secure.adnxs.com/ Frame CB47 		0
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/px?id=1274268&seg=22404526&t=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:19 GMT
AN-X-Request-Uuid
6ecc882f-deb2-4e6e-80ff-c5d12de78ccd
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uwt.js
static.ads-twitter.com/ Frame 3FD0 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 Singapore, Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-qpg1278-QPG
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 281A 		1017 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.76 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
891c693ce3d3cf4785ef8ce23e9acad133d41dd2b4586d0a5f8d8b0571f913b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 10:30:30 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=80575
accept-ranges
bytes
content-length
490
js
www.googletagmanager.com/gtag/ Frame 8A45 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ae45753eb3dbc6d3e4f825abc89e5f5909a75d2d7d5a44592da02d71cb459d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53009
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:07:19 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 7E4F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 17:08:11 GMT
Content-Encoding
gzip
Via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
68349
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
09DfKUOLEJYVNIYyc4KrGhwDiIEC2tSyeFdY63_23iZNt5tCsXfFkA==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 36C3 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Expires
Mon, 31 Oct 2022 05:58:51 GMT
Date
Wed, 14 Dec 2022 12:07:19 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
22019
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21944-LGA, cache-syd10123-SYD
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1671019640.938810,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
672271, 5574
activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122
8228261.fls.doubleclick.net/ Frame 7AE8
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=425860925833...
402 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
cafe /
Resource Hash
acca6453f8999953a29eaf793aa58ac255482ba751c594c348c2f603ee280eeb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
224
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
Wed, 14 Dec 2022 12:07:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
www.googleadservices.com/pagead/ Frame 928C 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f156.1e100.net
Software
cafe /
Resource Hash
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16824
x-xss-protection
0
server
cafe
etag
9000569688538989929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Dec 2022 12:07:19 GMT
pixel
pixel.mediaiqdigital.com/ Frame 3242
Redirect Chain
  • https://secure.adnxs.com/px?id=1297269&seg=22449553&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3D%pu1=!;%26pixel_id%3D1297269%26uid%3D%24%7BUID%7D&t=2
  • https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=3968828280703796370
2 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=3968828280703796370
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Server
13.250.85.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-85-161.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-length
2

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:19 GMT
AN-X-Request-Uuid
64f6bdf7-c8f8-472d-9084-aa4ce0e29555
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel.mediaiqdigital.com/pixel?u1=%pu1=!;&pixel_id=1297269&uid=3968828280703796370
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:20 GMT
AN-X-Request-Uuid
ae62ad6b-a746-411e-afc0-e094cdb3d4f3
Server
nginx/1.21.3
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
trc.taboola.com/sg/adobe/1/ Frame 8439 		43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
95
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
via
1.1 varnish
x-served-by
cache-syd10154-SYD
server
nginx
x-timer
S1671019640.508779,VS0,VE95
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
truncated
/ Frame A10E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
309363ad08b7022b826822dd37f2633535a29ed25edd0248f28c5ee1909bd73f

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame CC8E 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698303&pubOrder=3070200390&cb=1468709064&custom=index&custom3=168403511&adsafe_par&impId=d77383f5-7ba7-11ed-8019-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0d8644d72b8f16b913719b2af009007eac776388011f295c1be7fc97e882fe71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L... Frame 6554 		1 KB
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7-XYtK8uMU9SvZTpiSk9pfG8RoQw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
aa3205673a8a0655f3e5024377e19fd23266537c705491a83117f03a8e7e78ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
722
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:54:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:53:28 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 6554 		585 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=7397291844515980082&bl=boq_subscribewithgoogleclientserver_20221212.04_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=43640&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f102.1e100.net
Software
ESF /
Resource Hash
9965bf363728e3f90cb9b74a5133bf72d54794e515c94dc54f4c4774e86ca3b4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
0
sync.1rx.io/usersync/adobe/ Frame 8439 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L... Frame 6554 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7-XYtK8uMU9SvZTpiSk9pfG8RoQw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
193d96c05528372b39166dc20a81de92535b0f7063f453cd6d4de2d2af938c02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:54:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:53:28 GMT
13726
check.analytics.rlcdn.com/check/ 		25 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-75.sin2.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
via
1.1 d5845d4e49f77b7f0c9511096875b3b4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-amzn-trace-id
Root=1-6399bc78-13675e1605ec35f52dbde70f
x-amzn-requestid
5bf621dc-1a3a-46eb-a7ad-4d38edd2dc03
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
dIpizG8rDoEFr4Q=
content-length
25
x-amz-cf-id
LmDD7B0QQgGledou7DKSlaLzTXq3bxhKKJqhO-ERTWnu5D6dydNvtQ==
log
play.google.com/ Frame 6554 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:07:20 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:20 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6554 		131 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:07:20 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:20 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 6554 		131 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:07:20 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:20 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/ Frame 6D0F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af007e90e6d1940a7dba9cdd796a4beb96ced55ee102d2f97cd2d0e101b0fb91

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 5C1D 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698306&pubOrder=3070200390&cb=355661226&custom=index&custom3=168403511&adsafe_par&impId=d77383f9-7ba7-11ed-8019-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
cc6537ce7817e5d29731bb346289b99035e47b3b99cdd53f52dd894d26ac2147

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame 7D76 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08394d1cc5f0f3bcd2495532b0453cb6b4fbc4130114a2988c095b1b3d1f01d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame ABD6 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1230848408&custom=index&custom3=168403511&adsafe_par&impId=d77383f8-7ba7-11ed-8019-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6f5027a750a9d2b386eb568d5cf4bac53889152cfdc77adc4ce69d7155789d02

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L... Frame 6554 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7-XYtK8uMU9SvZTpiSk9pfG8RoQw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
4f210a4df44a12a32cb361915e75e8d1ed852dc232ee6b5f721bf6c0ec4a54db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4053
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:54:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:53:28 GMT
log
play.google.com/ Frame 6554 		131 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f139.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 14 Dec 2022 12:07:20 GMT
adsct
t.co/i/ Frame 3FD0 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=0167f2b7-74de-49fe-9573-e0b29106ba82&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6c1f3eba-45ad-429d-a603-f3dc38c905d6&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
155
date
Wed, 14 Dec 2022 12:07:19 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
dff0e6054984a0dc
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
f3792ba1889830dfd8d58bcfe8acdcfdcf1537335a7059a9d806f6ee1e62f509
content-length
43
adsct
analytics.twitter.com/i/ Frame 3FD0 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0167f2b7-74de-49fe-9573-e0b29106ba82&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6c1f3eba-45ad-429d-a603-f3dc38c905d6&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time
156
date
Wed, 14 Dec 2022 12:07:19 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
61b54784db8ce089
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
da4478cb775f67ba8ffc608e964c1c231a44d03f277e8ce46d9887b19868a50c
content-length
43
truncated
/ Frame E0BC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69e87272b5c72666743af7fbcef8b8dcf0e747cea3803ddc841afb56b8a341c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame CD11 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=1795119757&custom=index&custom3=168403511&adsafe_par&impId=d77383f6-7ba7-11ed-8019-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9830c3d94b28ad782192bfd1d133d597980ab1152c89ac9cb86e78e12fdbb657

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:19 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 928C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1671019639899&cv=9&fst=1671019639899&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
b0a75ae03b6f43c5f0ea1710dcbe813458b4e677177e50974d9deb2521ebf73c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
915
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E0BC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_zMK5MgY3fpg3Y4wkWPClBLgUR9DfqdZqgG9lGmiSr7VICSH5aBdJQ42n0o6B1q80X1Q5udgR2ZI5DO_24zQHDjtq3MatRT-krw_IadukxMPX8X0TrAkRgCKZGWXFYfXb6RSz755tVM9f-2xcVv8n9Fhib84kjRtcYncBhvw4JdXMckjszkTwHxqcloGeYz-KUOZiskJm70qKX4NRQ8lQKR2Cce6WAueaotnlc0qdToOHY-LNArdk4Uj35SBu3UL51yScvFUs14KJi-HltiNuBsDskxDoMUyvJLtTHOQ8kgXJBYkYifKEfjdP0INc7doNvXsM6PU2JXbUPQ&sai=AMfl-YRUY2yv485h9fbYfI_lhUAje-9j790Dljq73tO3CrE0z2HhofBvKp1xME23pGKtrKS5msuGQR-jAbu5lXKUN91sGWSqSBkEHQk22Dn70zGOdcDsd7gFKD_apVF6IpQa&sig=Cg0ArKJSzJCFDls2Ak8aEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:20 GMT
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L... Frame 6554 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.xXj9Y43J-eU.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7-XYtK8uMU9SvZTpiSk9pfG8RoQw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.cyaYbU2KR-A.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7c44MM3eUaOqsH0BwnZNErAd-Jmw/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f94.1e100.net
Software
sffe /
Resource Hash
f0f91c310b3b2d42268941942f9bc0abacca8ea9e74968cb4d1f5d483d6834c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 17:53:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44086
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:54:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:53:28 GMT
266612409779305452_1667523674557_script.js
massets.bonzai.co/ Frame A10E 		379 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/266612409779305452_1667523674557_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=266612409779305452&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2665920790629314665&rnd=1572554434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8fe3b67d21eeb9f38a2084d60ede9a0ce9a57ce52b990b91eb9764e3b3138d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 20:33:47 GMT
content-encoding
gzip
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 01:01:23 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
1352014
etag
"e22bd2ffc46f68747a8094996dcd7cda"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31104000
accept-ranges
bytes
content-length
171164
x-amz-cf-id
G6_hP4j8xtP5-74PHycPRw2qEBW592atpbmE13VfOaDx7lxMTC44FQ==
rec
collector.bonzai.co/ Frame A10E 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=1c8efdc0e64d4fce9ae24768ecf919d&ad=266612409779305452&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.32.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-32-211.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
B28800792.350696878;dc_pre=CPrkzqCJ-fsCFS_6cwEduIoE9g;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/ Frame A10E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350696878;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350696878;dc_pre=CPrkzqCJ-fsCFS_6cwEduIoE9g;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350696878;dc_pre=CPrkzqCJ-fsCFS_6cwEduIoE9g;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350696878;dc_pre=CPrkzqCJ-fsCFS_6cwEduIoE9g;dc_trk_aid=541959421;dc_trk_cid=180800929;ord=1572554434;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame A10E 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?mode=test&adid=266612409779305452&tk=1c8efdc0e64d4fce9ae24768ecf919d&domain=www.heraldsun.com.au&pagename=/leader/north
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.32.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-32-211.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 452F 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cf70e98a2c2ffcdaff8a147dbf8b7e7874558e52dbd5444d7eed56bcaa7abcf6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 14 Dec 2022 12:07:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
J638MH23ECHCZCHE1NHC
pixie
ib.adnxs.com/ Frame 36C3 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1671019639992&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&r=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&st=1671019639991&et=1671019639992&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 7D76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWehKRGVPoi6PXXn5ZixrNeWMQsk5iR0zyAO7uD2PK8_X4s81yxCAGUB9Z8qR5H6pULhJUxnmIB1KSQlE6bmV3-ct8AcGUP6CZ77U0R7mUPgY5Nha81wilXAITC-XsFIbvI0Te1tL1-Y6Nm-KqHs3c5sWKyRd38OsV5kZUFeaarpEIydICDPetSvGvP7WUwF1FKbzGRfm0kAHWkcYLPX1yTqTfAAo2zmsWqcRWWwQ18aTdTpuJ3eLQVHGnTUj2zOVJb1fkyI6zo29Wo-jCh859OboVJpv6vVfEd0L_DcX4CoPO91cP6Uv5r8dtCMhOeHQEEXvogB2As6JE2w&sai=AMfl-YS_wwY9OvCmKODjBb0ANltDANKJKPRnE1rbn0W6Rud_MVRB0uNAQ3zFEpimt9dklxmDzHI1RnxSU4frvjMqMKECH6hSpZYw9BgSJKdWJxw5cyO38xuPQZdXL2LwTb9X&sig=Cg0ArKJSzLOf0xumzPBREAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6D0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthrYoE5JNISKdme1l2sL3k-pUnGS90e3NB2KNTzLv9AA_3tkGyVPI5eo5QQs03542SO-waij6wW1RdE8lb6rP0DopmobFvBT3v8Ox_7kD-5JnrDr7CXY-DoLUxERyq6k0gJrLB3MlJvRI3hXI4gPowER-VvlVWtdPWLA8XIUX4JaQbFVxLiektis8p3kMTrrMftOrK6ovQgBtN0YOejhC6rkisLpz2_IOiHp3bwYJISNN7xu3s8dKwMQJS4rbmI0QQwOFm72nQOMyCdKAwB5ftb85wwY8evS1heVbKYy3DTmwDYc3obHep-DTnc2Oed7-IkeX5tjlmmiWFYA&sai=AMfl-YQCkyg-uj2er2U4LdEy2gBdRHj9usbGYTKUq0KaHy4zqlEuQ4R3NLjhzmaqTd1ZnaX_L1ZzOx2gSuti5ya74bx4BRFbf6xgv9L3b6fPbX8nrbmDJTHEbycD0s0xvter&sig=Cg0ArKJSzC1qnwvBwlQAEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:20 GMT
main.19.8.374.js
static.adsafeprotected.com/ Frame CC8E 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698303&pubOrder=3070200390&cb=1468709064&custom=index&custom3=168403511&adsafe_par&impId=d77383f5-7ba7-11ed-8019-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
593755
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
fL3QCMXvEkwEFugth7hbW0hYMBpmmn3p_WHJKE5NOucG24NJhBTNCg==
main.19.8.374.js
static.adsafeprotected.com/ Frame 5C1D 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698306&pubOrder=3070200390&cb=355661226&custom=index&custom3=168403511&adsafe_par&impId=d77383f9-7ba7-11ed-8019-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
593755
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
8wH-Gpu4d-eiKDTHrqYFisCEC5MgphtT_s2ioyiJkqZQVaQatYYoFA==
dcmads.js
www.googletagservices.com/dcm/ Frame C49A
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1237132/66865773/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abedq&adsafe_url=https%3A%2F%2...
  • https://www.googletagservices.com/dcm/dcmads.js
28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/leader/north
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 11:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10900
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 17:19:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:25:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 87A5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7245064
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
bIGYxSONa_I18soC8PJDMDztRvGZ-jzRk2j5PscRCH5F9TaG46RYkg==
up
insight.adsrvr.org/track/ Frame C383 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f6a39d421bb662ccbf017ea3154baaa14f597b3709ffac41d988b71d2d4c7a37

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVusV,pingTime:-2,time:77,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:19,mdZ:1059,beA:1072,beZ:1073,mfA:1075,cmA:1076,inA:1077,inZ:1081,prA:1081,prZ:1093,si:1101,poA:1103,poZ:1130,cmZ:1130,mfZ:1130,loA:1141,loZ:1144,ltA:1149,ltZ:1149%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tpZy7dO+11%7C12%7C13%7C14%7C15%7C161%7C17%7C181%7C191%7C1a*.1237132-66865773%7C1b1%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:INS,siq:30,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_2,google_ads_iframe_/5129/ndm.leader/local/north_2__container__,ad-block-300x250-1,newscorpau_ads-182,group_3_col-136%5D,sinceFw:46,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
www.google.com/pagead/1p-user-list/859754747/ Frame 928C 		42 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1671019639899&cv=9&fst=1671019200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&fmt=3&is_vtc=1&random=4168695527&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 928C 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1671019639899&cv=9&fst=1671019200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&fmt=3&is_vtc=1&random=4168695527&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame B633 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
f6a39d421bb662ccbf017ea3154baaa14f597b3709ffac41d988b71d2d4c7a37

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.8.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-8-30.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
main.19.8.374.js
static.adsafeprotected.com/ Frame ABD6 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1230848408&custom=index&custom3=168403511&adsafe_par&impId=d77383f8-7ba7-11ed-8019-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
593755
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
q6VMY_T-Q8uzOKc3PNZLJdDNOk19uhnVejoLLCwPLBmN6oCbdIVoIg==
main.19.8.374.js
static.adsafeprotected.com/ Frame CD11 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=1795119757&custom=index&custom3=168403511&adsafe_par&impId=d77383f6-7ba7-11ed-8019-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
593755
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ex9dWB9hKdVYMFieZSNy5YIRDavdkN6Pj1_FFz3PEuFI110lRjsq9A==
usermatch
ssum-sec.casalemedia.com/ Frame 8C43 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a8c5c83246bd950db435c0e731cce2e75d50fefa7611d4d70d04f77b11a7c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7796d1919a9da868-SYD
content-encoding
br
content-type
text/html
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf60w7mMxQrEzmYxbAnoszmipIBdZYFfgeO3qzx5uPYwekK4v%2Ft3Lo9KieEHcFHTDs052%2FddbaO%2FXftRP1pvgmbkn0ft2yrxGizSLN1D0jUc7VojIqF4jL8u9EtruO1WD13ibcEvnPGwnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8A01 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Dec 2022 12:07:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1AD6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26973
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:20 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 14 Dec 2022 19:36:53 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
insight.old.min.js
snap.licdn.com/li.lms-analytics/ Frame 281A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.193.76 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
gzip
last-modified
Tue, 13 Dec 2022 16:10:50 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=14881
accept-ranges
bytes
content-length
4581
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 8A45 		2 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1671019640326&cv=11&fst=1671019640326&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&auid=1044080340.1671019640&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
50a34a6dad2f4036910e5b2a97d6a52dba2fefa41465683840d70c6b0c0dc4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
865
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame C383 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 23:15:33 GMT
Via
1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
46308
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
TILD5JBwjqhtGPQZooh6bQI9x_tnRwg76JHCDQo9qZ5laq_jBNYnhw==
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame B633 		487 B
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-228-218.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 23:15:33 GMT
Via
1.1 988e86815669491446c291c607aeb5e8.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-C1
Age
46308
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
MhrFvkhajk9PdpohFQAz_ASVZ3TA07_Ydf26NZokhS5KK-8iel7Nag==
dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122
adservice.google.com/ddm/fls/z/ Frame 7AE8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPfgpqCJ-fsCFUcsaAodhEELQg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4258609258332.122?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368
adservice.google.com/ddm/fls/z/ Frame F561 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJ_OpqCJ-fsCFR4raAodmh8LuQ;src=8228261;type=invmedia;cat=newsc02-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8302991676745.368?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94
adservice.google.com/ddm/fls/z/ Frame 845B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPXbpqCJ-fsCFUoxaAodY3MFxA;src=8228261;type=invmedia;cat=newsc02j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8905402162617.94?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-52.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 14 Dec 2022 12:07:21 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-52.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 14 Dec 2022 12:07:21 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
usync.html
eus.rubiconproject.com/ Frame AB4B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Dec 2022 12:07:21 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D781 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44567
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 14 Dec 2022 12:07:20 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
48, 67710
X-Served-By
cache-lga13626-LGA, cache-syd10123-SYD
X-Timer
S1671019641.586593,VS0,VE0
usermatch
ssum-sec.casalemedia.com/ Frame 7A27 		2 KB
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0d093219bd7805fddbcc0d995817517d4937817e8a24863f5ea62ea34121e8

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7796d191aab2a868-SYD
content-encoding
br
content-type
text/html
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1%2FPV3JnsjvfNABPLb3i0UdcyGdCkl1QPq3PzYvtD7w64PGldQUI%2FKHSn3tDBaqGTbkwRslMIPuJVFL6LGsgPIbSTlqV8zOZhSi2rGgi2Diyw5zu%2BK109BmEI0T51GTPz9cswMC3PkGgWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 912F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
995
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7796d1930cbea8a6-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
Wed, 14 Dec 2022 16:07:20 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9976 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=26973
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:20 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 14 Dec 2022 19:36:53 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=3968828280703796370
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=3968828280703796370
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:20 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
de5d5305-4518-438c-b065-d1ed3526e751

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:20 GMT
AN-X-Request-Uuid
2d0cde8f-81b5-4dbc-a30e-6f696fc0f0e0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=3968828280703796370
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame F7D3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bl6yjZBE2uKMOMOVgqSdRKBF0P0oTpY-~A&gdpr=0&gdpr_consent=
70 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bl6yjZBE2uKMOMOVgqSdRKBF0P0oTpY-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Wed, 14 Dec 2022 12:07:21 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bl6yjZBE2uKMOMOVgqSdRKBF0P0oTpY-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
google
match.adsrvr.org/track/cmf/ Frame 93E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2EyZjJlYzAtYjM1NC00MjNhLTlhZWQtMTcxOGYwMDZiMWQ2&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
70 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame A20E
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame B312
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-0ttSVBlE2uIpEV_XjsoDbCuB2BQN520-~A&gdpr=0&gdpr_consent=
70 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-0ttSVBlE2uIpEV_XjsoDbCuB2BQN520-~A&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

age
0
content-length
0
date
Wed, 14 Dec 2022 12:07:21 GMT
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-0ttSVBlE2uIpEV_XjsoDbCuB2BQN520-~A&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
google
match.adsrvr.org/track/cmf/ Frame D06B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=M2EyZjJlYzAtYjM1NC00MjNhLTlhZWQtMTcxOGYwMDZiMWQ2&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
70 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:20 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=3a2f2ec0-b354-423a-9aed-1718f006b1d6&google_gid=CAESECnxGpKLZaBvGsg3g84CfBc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame F910
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:21 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
content-length
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame 8A45 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1671019640326&cv=11&fst=1671019200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=17365296&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 8A45 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1671019640326&cv=11&fst=1671019200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=17365296&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v92.js
www.googletagservices.com/dcm/ Frame C49A 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v92.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1237132/66865773/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045,c:wLVus9,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-8dpms,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tpZy7dO+11%7C12%7C13%7C14%7C15%7C161%7C17%7C181%7C191%7C1a*.1237132-66865773%7C1b1%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:INS,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:29,oid:dbd704da-7ba7-11ed-9b3e-56335f7572b8,v:19.8.374,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 07:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23563
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:32:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 07:58:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 1AD6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91847474&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5740e7aa5b552ae1d9833e15253993a6a621dc8f0cac5b10d54acf57c9d2688d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 14 Dec 2022 12:07:21 GMT
content-length
1672
content-type
text/html; charset=UTF-8
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 281A 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-10.sin52.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Dec 2022 11:49:23 GMT
content-encoding
gzip
via
1.1 50f11b94d86cc6d83642be5c3577d6fc.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
1078
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
lZo8QlWCFRiBOomxHfvYrF3z2rZwd3ADPC2rFMXwWWULV9yU3TfdAg==
/
p.adsymptotic.com/d/px/ Frame 281A
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671019640652&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671019640652&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1671019640652%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1671019640652&url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3ae8d3d8-8461-43df-b4b2-97f8ceb50e90
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3ae8d3d8-8461-43df-b4b2-97f8ceb50e90&_expected_cookie=249357f4249119862c02639b...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3ae8d3d8-8461-43df-b4b2-97f8ceb50e90&_expected_cookie=249357f4249119862c02639b940e1393
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 14 Dec 2022 12:07:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7796d19dfc13a868-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=3ae8d3d8-8461-43df-b4b2-97f8ceb50e90&_expected_cookie=249357f4249119862c02639b940e1393
date
Wed, 14 Dec 2022 12:07:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7796d19cbb26a868-SYD
content-length
0
token
cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1765380/domain/heraldsun.com.au/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-10.sin52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
1800
age
54698
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Tue, 13 Dec 2022 20:55:43 GMT
via
1.1 50f11b94d86cc6d83642be5c3577d6fc.cloudfront.net (CloudFront)
x-amz-cf-id
SsNsASYidlqBGA8gc83LDtgbPxKqBdwl4hj4Gfz0Ji4GEuYyjtMpdg==
x-amz-cf-pop
SIN52-C3
x-cache
Hit from cloudfront
async_usersync
ib.adnxs.com/ Frame D781 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:20 GMT
AN-X-Request-Uuid
fd3105d4-9be1-4ad7-bbaf-27fb2ea45f7d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVuAk,time:536,type:e,im:%7Bimprf:%7Bttecl:1530,ecd:441,tsecr:5%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:537,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B530~0%5D,as:%5B530~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tpZy7dO+11%7C12%7C13%7C14%7C15%7C161%7C17%7C181%7C191%7C1a*.1237132-66865773%7C1b1%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a*,rmeas:1,rend:0,renddet:INS,siq:30,sis:477%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 8C43
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5m8dv0N3AkSf0kz7V94TwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMEPResZfn-Emn26JOXqE3o&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMEPResZfn-Emn26JOXqE3o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMEPResZfn-Emn26JOXqE3o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8C43 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3G31X2V79VVY12D9EMGV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8C43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGofFiTrp7VLeKV4Jt24964&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGofFiTrp7VLeKV4Jt24964&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7syaScTO2QqxzHhXO0AGruhieDtN%2FTvd2eAi37ZuwtGfcXCY%2FMJpocqz2VGge0PS%2BeV1uxOr%2FakJwZQSOC1zAfxDHuqV8oU%2BRRElQOtVpfykDUrqpnKwI65mf7%2BCHytvwDPnBjuoZnu9SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7796d19539abaaf6-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGofFiTrp7VLeKV4Jt24964&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8C43 		70 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8C43
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_6399bc7a0aca3&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a0aca3
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a0aca3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a0aca3
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
rum
dsum-sec.casalemedia.com/ Frame 8C43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7060091950274067243
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7060091950274067243
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7060091950274067243
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 8C43
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=c7d24a5e-c491-b1c4-e5202f64
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=c7d24a5e-c491-b1c4-e5202f64
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 12:07:21 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=c7d24a5e-c491-b1c4-e5202f64
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 8C43
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3968828280703796370
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3968828280703796370
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
AN-X-Request-Uuid
c9369ee7-6315-40b0-b29c-6f44ecfadf91
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3968828280703796370
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8C43 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8MSSZX5QM5V4NPJT5PNF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B191 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4181d8ab44fa35cdd205013c3d4e3f278a415c0a7ec525a7b6748fb52f9569ee

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7796d19498ebaaf6-SYD
content-encoding
br
content-type
text/html
date
Wed, 14 Dec 2022 12:07:21 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07krpasRr6x9VZqda6xYZhCm%2FbodBwQMnmn%2BVXnO3DBgmismX3e1ndZRrGv5VVhADNFZgwd3JCXD1TkIJEOe%2FndDbFB5ZYZGfiE2IdRP23V6POxZ%2FK4%2BVO4wGPphziQkdEyIv7IigGFJfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7A27 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.92.117 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-92-117.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 7A27
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9536399-bc79-4e00-97be-e2d5559b3450
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9536399-bc79-4e00-97be-e2d5559b3450
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f9536399-bc79-4e00-97be-e2d5559b3450
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Dec 2022 12:07:20 GMT
Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7A27
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
18.140.92.117 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-92-117.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5m8dv0N3AkSf0kz7V94TwAAEosAAAIB
date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 7A27
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwcU7HM3kAACFFL2fW0A&expiration=1672229242
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwcU7HM3kAACFFL2fW0A&expiration=1672229242
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADwcU7HM3kAACFFL2fW0A&expiration=1672229242
Date
Wed, 14 Dec 2022 12:07:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7A27
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vSFUyelxWsmmJFjE6StAkbIgXcSmcQmU6CCNRzC1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vSFUyelxWsmmJFjE6StAkbIgXcSmcQmU6CCNRzC1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=vSFUyelxWsmmJFjE6StAkbIgXcSmcQmU6CCNRzC1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7A27
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgdYBSVT1P5qxH5
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgdYBSVT1P5qxH5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-052f9362e060162a9@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=WgdYBSVT1P5qxH5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7A27
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686744441&external_user_id=92cbcfa8-fab1-483e-92d4-16e329911d88
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686744441&external_user_id=92cbcfa8-fab1-483e-92d4-16e329911d88
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 12:07:21 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686744441&external_user_id=92cbcfa8-fab1-483e-92d4-16e329911d88
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747
dpm.demdex.net/ Frame 7A27 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5m8dv0N3AkSf0kz7V94TwAA%264747?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.252.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-229-252-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS
dcs-prod-apse-2-v042-0469f4265.edge-apse.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HnDKzEPwSdo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame 7A27 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Y5m8dv0N3AkSf0kz7V94TwAA%264747
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-154-76.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1e-i-0821d2832a700133c
B28800792.350694868;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1224494890;ord=xrve2n;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHmhWu_RRGwea8LYdEE9qY6pdYXdTO4vqANm58W0W6...
ad.doubleclick.net/ddm/adj/N800014.272810NEWSDIGITALMEDIAAU/ Frame C49A 		65 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350694868;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1224494890;ord=xrve2n;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHmhWu_RRGwea8LYdEE9qY6pdYXdTO4vqANm58W0W6X1BJgZWLVf3DKfw7ZhrPLpQvh-nfrJbsvn2IIJ1CuzjMBahT8F2n6bmeeJDkCt5oY4WcapB61j22ZTk4mGYn5Goh_p1I0umV87qDm_sdUCPnSi8NzGIqfeaY4dlR4WuLEn91wFHu23KyTYgSD2bNWwnMcT6FXx6uQkRXCQvAwA0x7GMtYn4_5hbTEYt46jbcM89IU9YirswvlGDe57mwIZMuE9Z0ybUymZq3Z0nC3RI3VFQlg0l-wXrFZX6v9UxO5FSHXy2N9yJcXipSDdt7bODCDMWuKMI%26sai%3DAMfl-YR7x8PSpxqMaoJcLU5v2grbr4fnL0ZhhMhy09DycnSbk_o53EDuBdcYvzrWKisr9zfmHN7BUYX9Vt9BXkqAD8ZdkYZUrNBsunGTKBSyW18OI0UBub07zJIiR6wCbnFl%26sig%3DCg0ArKJSzFIXGpNmtkG5EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth$0;xdt=0;crlt=HGxEB).'NP;stc=1;chaa=1;sttr=311;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
4f09ae58e33cbd694d0f295f1c160484e2ceffb6facd7cec9fd6c6a8e3bf69ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28093
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame F91E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7245065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2KmltUbMwObi_Qvj3sEiS-FZy_rBnDkcSUgKnUokeznGPelvhhe7uQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698303&pubOrder=3070200390&cb=1468709064&custom=index&custom3=168403511&adsafe_par&impId=d77383f5-7ba7-11ed-8019-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:3dc35355-11ec-c911-a7e2-d620b5b18d4c,c:wLVuFd,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-wr6t5,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:884,mot:0,app:0,maw:0,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C191%7C1a1%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:905,oid:dbed7319-7ba7-11ed-8bd0-02f2a80ddf4a,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuFf,pingTime:-8,time:906,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:906,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C191%7C1a1%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuFx,pingTime:0,time:925,type:pf,im:%7BpBlk:922%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:925,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~100%5D,as:%5B38~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C191%7C1a1%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuFK,pingTime:-2,time:937,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:795,beZ:796,mfA:1679,cmA:1681,inA:1681,inZ:1685,prA:1685,prZ:1693,si:1700,poA:1702,bl:1717,poZ:1717,cmZ:1717,mfZ:1717,loA:1727,loZ:1730,ltA:1732,ltZ:1732,mdA:797,mdZ:1670%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:937,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~100%5D,as:%5B50~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C191%7C1a1%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_0,google_ads_iframe_/5129/ndm.leader/local/north_0__container__,ad-block-728x90-1%5D,sinceFw:30,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuGe,time:968,type:e,im:%7BpWait:4%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:968,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~100%5D,as:%5B81~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C191%7C1a1%7C1b1%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/266612409779305452_1667523674557_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:22 GMT
content-encoding
gzip
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
HZahN72cFXvESAGLGnrmK_ZcJocD-TCljBKkUPAxoHHlzH5SDjpg0A==
rec
collector.bonzai.co/ Frame A10E 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=1c8efdc0e64d4fce9ae24768ecf919d&ad=266612409779305452&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.32.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-32-211.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px.gif
dcollector.bonzai.co/ Frame A10E 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjcxMDE5NjQxMTI4LCJmaSI6ZmFsc2UsInRrIjoiMWM4ZWZkYzBlNjRkNGZjZTlhZTI0NzY4ZWNmOTE5ZCIsImFkIjoiMjY2NjEyNDA5Nzc5MzA1NDUyIiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2NTkyMDc5MDYyOTMxNDY2NSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwibWVzc2FnZSI6IkRldGVjdGVkIFNESywgV2ViIn0=&etc=0.8769816019187191
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-15.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:00:41 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
47201
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
KH8VcsdG7l1I3X9Z_-22ZjUcDNKzdCAbuvKyPzyREnAtd3lLwScXlg==
rec
collector.bonzai.co/ Frame A10E 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=1c8efdc0e64d4fce9ae24768ecf919d&ad=266612409779305452
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.32.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-32-211.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B191
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69DAA22820B64B95BCC8D7D7B2102C5B
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69DAA22820B64B95BCC8D7D7B2102C5B
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69DAA22820B64B95BCC8D7D7B2102C5B
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 13 Dec 2022 12:07:21 GMT
tp_out
d.adroll.com/cm/index/ Frame B191 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.81.3 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-81-3.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame B191
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=658dd76c-9652-42e0-a48c-270caecfa3b8&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=658dd76c-9652-42e0-a48c-270caecfa3b8&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=658dd76c-9652-42e0-a48c-270caecfa3b8&us_privacy=null&gdpr_consent=null&gdpr=null
date
Wed, 14 Dec 2022 12:07:22 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B191
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=index_exchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5m8ecCo8YsAADF-hwQAAAAA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5m8ecCo8YsAADF-hwQAAAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

X-SO-Cluster-ID
0
Date
Wed, 14 Dec 2022 12:07:21 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=index_exchange","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.64","key":"Y5m8ecCo8YsAADF-hwQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40004"}
X-SO-Key
Y5m8ecCo8YsAADF-hwQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40004
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=206&external_user_id=Y5m8ecCo8YsAADF-hwQAAAAA
Cache-Control
private
X-SO-HostName
a-ad40004.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-IP
173.245.209.64
crum
dsum-sec.casalemedia.com/ Frame B191
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=ToDyCtzL1ULv5jtSLCtz&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2VDPIR4UG...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ToDyCtzL1ULv5jtSLCtz
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ToDyCtzL1ULv5jtSLCtz
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:23 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=ToDyCtzL1ULv5jtSLCtz
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame B191
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3968828280703796370
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3968828280703796370
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pvNIyWOIKNJb8BZVLDag68dvf1zkOyFLcWI602wmAYjimUeSXTEvDYIyG%2Fh5lBFNl20x%2BuasmpohS9BAm9gCvK01LYuwsLAj15CbIqfjzl%2F%2Fc01q559QKvdnJfORqdL%2B9oaLu6s"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7796d1989860a93d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
AN-X-Request-Uuid
28855157-f884-4b69-800c-aef85e105bb1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3968828280703796370
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B191
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=af083bea-b4f1-2355-8b18426b
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=af083bea-b4f1-2355-8b18426b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 12:07:21 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=af083bea-b4f1-2355-8b18426b
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame B191
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030002_6399bc7a3d451&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a3d451
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a3d451
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030002_6399bc7a3d451
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame B191 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5m8dv0N3AkSf0kz7V94TwAA%264747
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
49059
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7796d1975fa56a68-SYD
content-length
43
expires
Thu, 15 Dec 2022 12:07:21 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C49A 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 08:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 08:19:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame C49A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N800014.272810NEWSDIGITALMEDIAAU/B28800792.350694868;dc_ver=92.271;sz=300x250;u_sd=1;dc_adk=1224494890;ord=xrve2n;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstHmhWu_RRGwea8LYdEE9qY6pdYXdTO4vqANm58W0W6X1BJgZWLVf3DKfw7ZhrPLpQvh-nfrJbsvn2IIJ1CuzjMBahT8F2n6bmeeJDkCt5oY4WcapB61j22ZTk4mGYn5Goh_p1I0umV87qDm_sdUCPnSi8NzGIqfeaY4dlR4WuLEn91wFHu23KyTYgSD2bNWwnMcT6FXx6uQkRXCQvAwA0x7GMtYn4_5hbTEYt46jbcM89IU9YirswvlGDe57mwIZMuE9Z0ybUymZq3Z0nC3RI3VFQlg0l-wXrFZX6v9UxO5FSHXy2N9yJcXipSDdt7bODCDMWuKMI%26sai%3DAMfl-YR7x8PSpxqMaoJcLU5v2grbr4fnL0ZhhMhy09DycnSbk_o53EDuBdcYvzrWKisr9zfmHN7BUYX9Vt9BXkqAD8ZdkYZUrNBsunGTKBSyW18OI0UBub07zJIiR6wCbnFl%26sig%3DCg0ArKJSzFIXGpNmtkG5EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth$0;xdt=0;crlt=HGxEB).'NP;stc=1;chaa=1;sttr=311;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 09:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 09:40:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C49A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 23:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217816
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Dec 2023 23:37:05 GMT
truncated
/ Frame C49A 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a0ea4c38ffbc3f0ae600a3aff4b808d1bb01500c2972aa95960609ca3d90898

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 6EAF 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138412295938&pubOrder=3070200390&cb=1771868052&custom=index&custom3=168403511&adsafe_par&impId=d77383f7-7ba7-11ed-8019-0ab5b06f5b88
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
30fab9f49823641970f46424df36577214afdc57957c502aa0fceb2ec15f3e54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
usync.js
eus.rubiconproject.com/ Frame 8A01 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
da7703b02caf19aa8b0d7431223134abe5ba64f8e2aeb5cd92c099073c9054af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 02:58:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53381
Connection
keep-alive
Content-Length
10066
Expires
Thu, 15 Dec 2022 02:57:02 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVuL7,time:1205,type:e,env:%7Bnr_p:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1205,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1198~0%5D,as:%5B1198~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:501,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18.10507%7C181%7C191%7C1a*.1237132-66865773%7C1b1%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a*,rmeas:1,rend:0,renddet:INS,siq:30,sis:477%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 57C2 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7245065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
soiM4QpEcg1yeCFTZkj_r0LEKp7yq2SsikY5FvQQFGjO7JiTscpA2A==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138411698306&pubOrder=3070200390&cb=355661226&custom=index&custom3=168403511&adsafe_par&impId=d77383f9-7ba7-11ed-8019-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:10f861e9-81e4-c6e6-d9d1-4596bc73cea0,c:wLVuLu,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-6cb89b946f-sb6lx,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:0.6989.1.1,am:i,cc:0.6989.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1273,mot:0,app:0,maw:0,fm:tpZy7cQ+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C181%7C182%7C191%7C1a1%7C1a2%7C1b1%7C1c*.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1289,oid:dbf0ce75-7ba7-11ed-b00b-ced688cbc29f,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=10f861e9-81e4-c6e6-d9d1-4596bc73cea0&tv=%7Bc:wLVuLV,pingTime:-2,time:1315,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:385,beZ:386,mfA:1658,cmA:1659,inA:1659,inZ:1660,prA:1660,prZ:1668,si:1674,poA:1674,poZ:1685,cmZ:1685,mfZ:1685,loA:1694,loZ:1696,ltA:1700,ltZ:1700,mdA:387,mdZ:1639%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1671019641398,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:1288%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1315,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1288,wc:0.0.1600.1200,ac:0.6989.1.1,am:i,cc:0.6989.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7cQ+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C181%7C182%7C191%7C1a1%7C1a2%7C1b1%7C1c*.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1c*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1289,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_4,google_ads_iframe_/5129/ndm.leader/local/north_4__container__,ad-block-1000x50-1%5D,sinceFw:26,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame A10E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/266612409779305452_1667523674557_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:22 GMT
content-encoding
gzip
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
x-amz-server-side-encryption
AES256
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
tlnNGybkjJ2tXUROw9X3zJ2luZOTysIPIuME7-IPyCx1ksZGXA4V2g==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=10f861e9-81e4-c6e6-d9d1-4596bc73cea0&tv=%7Bc:wLVuMv,time:1351,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1351,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1288,wc:0.0.1600.1200,ac:0.6989.1.1,am:i,cc:0.6989.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7cQ+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C181%7C182%7C191%7C1a1%7C1a2%7C1b1%7C1c*.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1c*,rmeas:1,rend:1,renddet:IMG.qs,siq:1289%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
main.19.8.374.js
static.adsafeprotected.com/ Frame 6EAF 		195 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.374.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138412295938&pubOrder=3070200390&cb=1771868052&custom=index&custom3=168403511&adsafe_par&impId=d77383f7-7ba7-11ed-8019-0ab5b06f5b88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 15:11:26 GMT
x-amz-version-id
B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
593756
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 07 Dec 2022 14:12:43 GMT
server
AmazonS3
etag
W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
pJpj1sbJQXntrhQ8N6o5-wybSudXo8b4NlD72CJGZK88Hk9xAFuyCQ==
usync.js
eus.rubiconproject.com/ Frame AB4B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.5.52 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-5-52.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
da7703b02caf19aa8b0d7431223134abe5ba64f8e2aeb5cd92c099073c9054af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 12:07:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Dec 2022 02:58:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53381
Connection
keep-alive
Content-Length
10066
Expires
Thu, 15 Dec 2022 02:57:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 58A8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82e46399-bc79-4e00-9098-3e1494e0ed32&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82e46399-bc79-4e00-9098-3e1494e0ed32&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 14 Dec 2022 12:07:21 GMT
Expires
Wed, 14 Dec 2022 12:07:20 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master nrt-pixel-x20 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:82e46399-bc79-4e00-9098-3e1494e0ed32&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 95D3 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID1D8ACF3E-7D16-4AD4-9D49-181320D60310
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 14 Dec 2022 12:07:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CKT8PEZC0AG07R95ZGD4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1AD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HYrPPn0WStSdSRgTINYDEA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.65.228.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-65-228-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=26972
accept-ranges
bytes
content-length
5549
expires
Wed, 14 Dec 2022 19:36:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1AD6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=1D8ACF3E-7D16-4AD4-9D49-181320D60310
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=1D8ACF3E-7D16-4AD4-9D49-181320D60310
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=985c1ea0-a3e2-4159-9bb1-4f344f74483c%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3a2f2ec0-b354-423a-9aed-1718f006b1d6&ttd_puid=985c1ea0-a3e2-4159-9bb1-4f344f74483c%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3a2f2ec0-b354-423a-9aed-1718f006b1d6&ttd_puid=985c1ea0-a3e2-4159-9bb1-4f344f74483c%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3a2f2ec0-b354-423a-9aed-1718f006b1d6&ttd_puid=985c1ea0-a3e2-4159-9bb1-4f344f74483c%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
qmap
sync.crwdcntrl.net/ Frame 1AD6
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.74.158.193 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-158-193.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.7.191
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.16.131
content-length
0
expires
0
info
uipglob.semasio.net/pubmatic/1/ Frame 1AD6 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=1D8ACF3E-7D16-4AD4-9D49-181320D60310&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Wed, 14 Dec 2022 12:07:17 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif
Pug
image2.pubmatic.com/AdServer/ Frame 1AD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUQ4QUNGM0UtN0QxNi00QUQ0LTlENDktMTgxMzIwRDYwMzEw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1AD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEO664IgYOdJ3c3PaA6e5T8&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEO664IgYOdJ3c3PaA6e5T8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEO664IgYOdJ3c3PaA6e5T8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1AD6
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C7E94711BF34045A348DA473DB4FC34
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C7E94711BF34045A348DA473DB4FC34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:1C7E94711BF34045A348DA473DB4FC34
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 13 Dec 2022 12:07:21 GMT
1D8ACF3E-7D16-4AD4-9D49-181320D60310
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1AD6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/1D8ACF3E-7D16-4AD4-9D49-181320D60310?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.92.117 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-92-117.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 1AD6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=
42 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
ecm3
s.amazon-adsystem.com/ Frame 8A01
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBNLY3PI-1Z-DNDJ
  • https://s.amazon-adsystem.com/ecm3?id=LBNLY3PI-1Z-DNDJ&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBNLY3PI-1Z-DNDJ&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JPHB86KA971RGF9M992Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBNLY3PI-1Z-DNDJ&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Expires
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame A8BE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7245065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
NwfSZpJ5_n1EMhCjNlrUAXhjKOl2AymqoyY4y54CVHpSBP6IrvO60A==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138415583330&pubOrder=2553375348&cb=1230848408&custom=index&custom3=168403511&adsafe_par&impId=d77383f8-7ba7-11ed-8019-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:c46abff1-1c71-25bb-8080-76d5138414f4,c:wLVuPv,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-j65hr,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.3344.300.250,am:i,cc:1124.3344.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1332,mot:0,app:0,maw:0,fm:tpZy7fV+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C1a1%7C1a2%7C1b*.10507%7C1b1%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1346,oid:dbf6c21d-7ba7-11ed-810d-128ac238c49f,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
app04.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c46abff1-1c71-25bb-8080-76d5138414f4&tv=%7Bc:wLVuPQ,pingTime:-2,time:1367,type:a,im:%7BpBlk:1357,sf:0,pom:1,prf:%7BbeA:539,beZ:540,mfA:1870,cmA:1870,inA:1870,inZ:1871,prA:1871,prZ:1881,si:1884,poA:1885,bl:1895,poZ:1895,cmZ:1895,mfZ:1895,loA:1902,loZ:1903,ltA:1905,ltZ:1905,mdA:540,mdZ:1849%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:1346%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1367,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1346,wc:0.0.1600.1200,ac:1124.3344.300.250,am:i,cc:1124.3344.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7fV+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C1a1%7C1a2%7C1b*.10507%7C1b1%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1346,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_3,google_ads_iframe_/5129/ndm.leader/local/north_3__container__,ad-block-300x250-2,newscorpau_ads-184,group_3_col-137subarea-2,group_3_col-137%5D,sinceFw:21,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
skeleton.gif
static.adsafeprotected.com/
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1237132/66865763/skeleton.gif?
  • https://static.adsafeprotected.com/skeleton.gif?
43 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.gif?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78a100131e7307c7f41d002b24b358c9ee7f690a16b73938ae787e9769e08ecc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 01:30:24 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7468619
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
lUbL6HWzJxJ3fpofmt70PQNxbU7DPJwi9uWwVMhHrrui5_oD4WZD3w==

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?
cache-control
no-cache
content-length
0
async_usersync
ib.adnxs.com/ Frame D781 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:21 GMT
AN-X-Request-Uuid
ef6e4477-8320-4801-9995-76f937c0280d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVuQR,pingTime:-10,time:1561,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671019641709%7C%7Ccf90ec6b03ba50e788d6c76759a1779a%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7C29b832e243639ec9e6154ad69c85b778%7C%7C505e3571b0d6679f3beb6d30061a28e9%7C%7C79ccf220080c412027c8d7227d08a794%7C%7C30703b8571c984e7f61039dca50a20d1%7C%7C5d1fa0de523eb0eda2d3409c337ee74e%7C%7C1663701684,im:%7Bpci:%7Btdr:1526%7D%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8A01 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1B8ZXC5QZXGC615J5S6Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8A01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOTFkzUEktMVotRE5ESg==
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOTFkzUEktMVotRE5ESg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOTFkzUEktMVotRE5ESg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 8A01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNLY3PI-1Z-DNDJ
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNLY3PI-1Z-DNDJ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 8E408D813DDB4D3AB4C9DBEDBC7EA8D8 Ref B: MEL01EDGE0809 Ref C: 2022-12-14T12:07:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXvyJQ4Qo2TkXsT4pmnKQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNLY3PI-1Z-DNDJ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8A01
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3a2f2ec0-b354-423a-9aed-1718f006b1d6&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 8A01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFlNDRmZDYzYjkyNjViZTRiNTc3MzBlNDNlNDc3ZmNkNzMxZTU4NA
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFlNDRmZDYzYjkyNjViZTRiNTc3MzBlNDNlNDc3ZmNkNzMxZTU4NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFlNDRmZDYzYjkyNjViZTRiNTc3MzBlNDNlNDc3ZmNkNzMxZTU4NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8A01
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YhWZM0KvyT9pn9dQ8UW6Csn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0lCULKFE2oJdNQQ1E0BDieHUsxZ.e7qLoKiQ3A--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0lCULKFE2oJdNQQ1E0BDieHUsxZ.e7qLoKiQ3A--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 14 Dec 2022 12:07:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0lCULKFE2oJdNQQ1E0BDieHUsxZ.e7qLoKiQ3A--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 8A01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQ9Nc0VSQbep3oJWkI3fvU&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQ9Nc0VSQbep3oJWkI3fvU&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDQ9Nc0VSQbep3oJWkI3fvU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 8A01
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=RlY67HejT2WpSrXFNrsXTw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RlY67HejT2WpSrXFNrsXTw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RlY67HejT2WpSrXFNrsXTw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Dec 2022 12:07:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8GXEA78CMC5EHWHAPNM0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=RlY67HejT2WpSrXFNrsXTw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c46abff1-1c71-25bb-8080-76d5138414f4&tv=%7Bc:wLVuRj,time:1458,type:e,im:%7BpWait:7%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1458,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1346,wc:0.0.1600.1200,ac:1124.3344.300.250,am:i,cc:1124.3344.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7fV+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C1a1%7C1a2%7C1b*.10507%7C1b1%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1b*,rmeas:1,rend:1,renddet:IMG.qs,siq:1346%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame A10E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZtFeEkdr-jkUd3809wX-yuyPj8p305xswpSLKk3rTFFffGYy2u6pCua-9iHJF0DhDqpe6hLBA-_7KUUVBwNgOO0U2J-SN81QWu9P__ovjWEyAwOQdtghgSwrobJ5N_t08XTAT5jqvX8W6mFnUymIrigrmYWVqH7dMPtdmM7MAyLZ3M28TrqjbAzXUdf_p-DFvd9PXB5rdVvBz7TsabFEZnjT_t_Wzh7fJCQqJTMXBQejAbz-rMIgtnFFE9cyfn0ZwqtlzxnDFO6xpIsXlNuDE1OiOVHsbHGq6qu1tmG-_ACgiFkV5yKcnAmsIbwUFFVOHvlhfbCVUgNgkMg&sai=AMfl-YQSdXFyOsb5D3TXpIdkwcp1-Yt73vl80dvsaG9x-Zp4TZ47oszitNMgL9MZYlg8Zx_yICyanuer2rIzxqv0MHS5DWW11Nja4Sjkyb2FoBSFWS7J-RuL8zfBdjhVsAJS&sig=Cg0ArKJSzJOdgPpfIPvZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A5EF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
53392
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Dec 2022 21:17:29 GMT
expires
Wed, 13 Dec 2023 21:17:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4126 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7245065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
5p6sJAq8MO5k1lfDtMY-zyeTYdgsTHcEX41dapSoyop_U4bUncd3kQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=168752591&placementId=5275743052&pubCreative=138348077551&pubOrder=2553375348&cb=1795119757&custom=index&custom3=168403511&adsafe_par&impId=d77383f6-7ba7-11ed-8019-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:7c6d12e5-7e2b-148b-5efa-513454d7f738,c:wLVuS4,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-g8tpn,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.6805.728.90,am:i,cc:436.6805.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1489,mot:0,app:0,maw:0,fm:tpZy7fZ+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C19*.10507%7C191%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1501,oid:dc0d302c-7ba7-11ed-b4ef-0eb52ccfe550,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7c6d12e5-7e2b-148b-5efa-513454d7f738&tv=%7Bc:wLVuSs,pingTime:-2,time:1525,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:392,beZ:393,mfA:1881,cmA:1881,inA:1881,inZ:1882,prA:1882,prZ:1889,si:1893,poA:1893,poZ:1902,cmZ:1902,mfZ:1902,loA:1911,loZ:1913,ltA:1916,ltZ:1916,mdA:393,mdZ:1853%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1501%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1525,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1501,wc:0.0.1600.1200,ac:436.6805.728.90,am:i,cc:436.6805.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7fZ+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C19*.10507%7C191%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1501,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_1,google_ads_iframe_/5129/ndm.leader/local/north_1__container__,ad-block-728x90-2%5D,sinceFw:23,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuSV,time:1754,type:e,im:%7BpLoad:1675%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1754,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B867~100%5D,as:%5B867~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:397,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7c6d12e5-7e2b-148b-5efa-513454d7f738&tv=%7Bc:wLVuT8,time:1567,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1567,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1501,wc:0.0.1600.1200,ac:436.6805.728.90,am:i,cc:436.6805.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7fZ+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C19*.10507%7C191%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:1501%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:21 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame B9A9 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 d14b1425e1938e6a7b583f77205097f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
age
7245066
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
-cXptY2sq5WUSn1q8kFPiwF7HNV0mDrUiCbg0ADS-G-24n80jEGDqQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=751815071&chanId=168752591&placementId=6092339753&pubCreative=138412295938&pubOrder=3070200390&cb=1771868052&custom=index&custom3=168403511&adsafe_par&impId=d77383f7-7ba7-11ed-8019-0ab5b06f5b88&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:d934e5cc-2929-1343-44d4-bfd5f8a1657e,c:wLVuVt,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-744bf54998-6txx5,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1124.580.300.250,am:i,cc:1124.580.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:515,mot:0,app:0,maw:0,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:526,oid:dcde636d-7ba7-11ed-876d-06545e77cb59,v:19.8.374,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.76.220 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-76-220.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVuVE,pingTime:0,time:536,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:536,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1124.580.300.250,am:i,cc:1124.580.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~100%5D,as:%5B20~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVuVH,pingTime:-2.1,time:1861,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1861,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1854~0%5D,as:%5B1854~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:275,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18.10507%7C181%7C19.10507%7C191%7C1a*.1237132-66865773%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a.d934e5cc-2929-1343-44d4-bfd5f8a1657e.17_10507%7C1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_2,google_ads_iframe_/5129/ndm.leader/local/north_2__container__,ad-block-300x250-1,newscorpau_ads-182,group_3_col-136%5D,sinceFw:46,readyFired:true,sis:477%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVuVW,pingTime:-2,time:554,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:207,beZ:208,mfA:722,cmA:723,inA:723,inZ:724,prA:724,prZ:730,si:733,poA:733,poZ:741,cmZ:741,mfZ:741,loA:747,loZ:748,ltA:761,ltZ:761,mdA:209,mdZ:707%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.254,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:555,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1124.580.300.250,am:i,cc:1124.580.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~100%5D,as:%5B39~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,slid:%5Bgoogle_ads_iframe_/5129/ndm.leader/local/north_2,google_ads_iframe_/5129/ndm.leader/local/north_2__container__,ad-block-300x250-1,newscorpau_ads-182,group_3_col-136%5D,sinceFw:28,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame A5EF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 19:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 19:16:48 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVuWs,time:586,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:586,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1124.580.300.250,am:i,cc:1124.580.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B70~100%5D,as:%5B70~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuWD,pingTime:1,time:1984,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1984,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1097~100%5D,as:%5B1097~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:397,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuWD,pingTime:1,time:1984,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1984,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1097~100%5D,as:%5B1097~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:397,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuWD,pingTime:1,time:1984,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1984,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1097~100%5D,as:%5B1097~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:397,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVuWE,pingTime:1,time:1985,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1985,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1098~100%5D,as:%5B1098~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:397,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=10f861e9-81e4-c6e6-d9d1-4596bc73cea0&tv=%7Bc:wLVuXZ,pingTime:-10,time:2063,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671019641709%7C%7Ccf90ec6b03ba50e788d6c76759a1779a%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7C29b832e243639ec9e6154ad69c85b778%7C%7C505e3571b0d6679f3beb6d30061a28e9%7C%7C79ccf220080c412027c8d7227d08a794%7C%7C30703b8571c984e7f61039dca50a20d1%7C%7C5d1fa0de523eb0eda2d3409c337ee74e%7C%7C1663701684,sca:%7Bspg:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1px.gif
dcollector.bonzai.co/ Frame A10E 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjcxMDE5NjQyMTUyLCJmaSI6ZmFsc2UsInRrIjoiMWM4ZWZkYzBlNjRkNGZjZTlhZTI0NzY4ZWNmOTE5ZCIsImFkIjoiMjY2NjEyNDA5Nzc5MzA1NDUyIiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2NTkyMDc5MDYyOTMxNDY2NSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwibWVzc2FnZSI6IlBhZ2UgZnVuY3Rpb24gY2FsbGVkLCBkdHNNYWluIn0=&etc=0.9819813352619815
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-15.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:00:41 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
47202
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
k1ijJo_DsyLqRGDnZMfprIE50keGGc8pzVdXR2f649IWWf9ytRqALw==
rec
collector.bonzai.co/ Frame A10E 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2NzEwMTk2NDIxNTYsIm1vZGUiOiJsaXZlIiwidGsiOiIxYzhlZmRjMGU2NGQ0ZmNlOWFlMjQ3NjhlY2Y5MTlkIiwiYWQiOiIyNjY2MTI0MDk3NzkzMDU0NTIifQ==&etc=0.16031737492910114
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.32.211 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-32-211.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		70 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98a70fef75a51fbfb16e8853baa13786bef1ea391ce641449fa94fe117b0861f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/jpeg
83b92a54-12bc-4643-b316-8e7f3efc43c7_v1_5.png
massets.bonzai.co/ Frame A10E 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/83b92a54-12bc-4643-b316-8e7f3efc43c7_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3529e00f7f0e90a1f6fc46335f14a7401722626a1690e348b4ce9f4284e38e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"1bd8366cc450d2b15a2b5bdba721796f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
211802
x-amz-cf-id
RSM8JmzHqklRI4Im5soZ_UANyhXQMe5Dpd6iCCIjW1cd7y6gccLCiA==
4f3150d4-e19e-42b8-80d1-0a235ecaf475_v1_5.png
massets.bonzai.co/ Frame A10E 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/4f3150d4-e19e-42b8-80d1-0a235ecaf475_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be065df1b3835c39a1557184cd3047c5490e801751a3b353181d874cd577dc2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"823267a3f551dcec16e151a600d618d6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
161130
x-amz-cf-id
28-uKNhvtzcOjY02JcAYrFpwLvX9XSKAP_0QPYmRU7afCWWsDmOaaQ==
21b02289-8a8f-4e85-a503-6b3a3826b558_v1_5.png
massets.bonzai.co/ Frame A10E 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/21b02289-8a8f-4e85-a503-6b3a3826b558_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
351cac7f8efdbcff15e58f5ba57decf8ccb00cf9a7a98cef26c0bf7874ec4eb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"df791c3797b5970ae49ed38a6da3c1fa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1473
x-amz-cf-id
WknekwIZQ4PEBGHrTN9rqjb0lNV6uRey-R81H0UI6VWWWFwQ_iP12g==
3f060894-5179-499d-bb4f-49015d2189b2_v1_5.png
massets.bonzai.co/ Frame A10E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/3f060894-5179-499d-bb4f-49015d2189b2_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc9a40449cfb8802861bf566130aed184ffa145c7a4418b5ff96463039faa5a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:12:08 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"b67d1837e5c9660b9d307a04891242fe"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2909
x-amz-cf-id
WLJoTHHhfG2u4_-UMqEM6qpj0JWifI-GqLylmBfsE1INwczaNNqq8w==
268ef0c0-a558-4be0-918c-71d02a97022a_v1_5.png
massets.bonzai.co/ Frame A10E 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/268ef0c0-a558-4be0-918c-71d02a97022a_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85e197ec859258caef2e62d8fd86008422d97d9881812e74d9379e2d11cc1398

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:12:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"abea1a44235b5d301018dd89723fadd5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
101493
x-amz-cf-id
_Y1HU9pwZrjq57fbbOCSHE8mT2DNjp40WgPZrdLnhtF99c8XL9a-EQ==
3d610a0c-ab0c-49ba-8cc7-d1e2002819e5_v1_5.png
massets.bonzai.co/ Frame A10E 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/3d610a0c-ab0c-49ba-8cc7-d1e2002819e5_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45249e7de6c73e8b9fe7c7497c3996fbfd48dcf7e2863424e802c1cd10d63197

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:05:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"ed29054242dbf47a9cf43a0e2418ed5b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
85865
x-amz-cf-id
hxiDGE6Qlhz-oYv7CYgAKS_yaBUSAmtbTo1BheXHxRn_EFkJl9Xkbg==
8efb782f-a6d5-4c5f-9973-340f4bf700af_v1_5.png
massets.bonzai.co/ Frame A10E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/8efb782f-a6d5-4c5f-9973-340f4bf700af_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36f63f2874b24074700f4d237cd1c153dfe8017d669f0d31fee99f1a598835bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"43fe207c93e70262c45898ed07cd70d7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11050
x-amz-cf-id
RAaq6Kele8sGgnuBmGcjahJTYBgcGnck0izHnc0UptCSsRD6JBanmg==
WWSUP6013_Xmas22_300x250_Wk7_halflegham.html
s0.2mdn.net/sadbundle/10664822726205636608/ Frame F26C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
a1d44a73478ed01b2a9f64ad315ad8bf8aa4040f369611d2114045aa6040f4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1668
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:22 GMT
expires
Thu, 14 Dec 2023 12:07:22 GMT
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C49A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN-b_VWkTtoL_nd3yoLXzqIsQFFspPruUMEklFHy5s6Dakl9TGB6C0Vn56bm9FUXDAz13cDzF0vEIeFlc3rCLN4I4Nk1rl5BvRjZzIaSohE7jc7zReziesg1g8l7zPjmogIrXuyYceOhlDyFN5LlJAK-0_-5bXPn3vAN8EUT7zqm-XMl2QhBa7eGN9BBrN&sai=AMfl-YQ5gUOef0-yK2TZKr_b6cW3Lv5Zm5umv8AN9MV9HLhOWzGg50hcCdTO5EsoS3TH92uWhKL27ajuaCq0e_fp4Xty8sL95VDAS95w8DzH&sig=Cg0ArKJSzOEXTYlQCwfsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=941&cbvp=1&cstd=933&cisv=r20221207.36352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:22 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=c46abff1-1c71-25bb-8080-76d5138414f4&tv=%7Bc:wLVuZy,pingTime:-10,time:1969,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671019641709%7C%7Ccf90ec6b03ba50e788d6c76759a1779a%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7C29b832e243639ec9e6154ad69c85b778%7C%7C505e3571b0d6679f3beb6d30061a28e9%7C%7C79ccf220080c412027c8d7227d08a794%7C%7C30703b8571c984e7f61039dca50a20d1%7C%7C5d1fa0de523eb0eda2d3409c337ee74e%7C%7C1663701684,sca:%7Bspg:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame A5EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4DZKebyZY6PBAu6y4t4P0ua2-AEAAAAAOAHgBAI&bg=!bW6lbirNAAYgquz3AKo7ACkAdvg8WgzjLHqM6hLmvt9qAwGr2jNpq7D97HJ6BNPLECVpZhiiprofDAIAAABUUgAAAAJoAQcKAFeK1FV_CzJPfLcjr_Mw6DY5pVqBvhuoF5N9TxykJAuxCh04HnVeO5-YEwEFlcNlZJouQg2vH8V-QupSNaKB-I5c1tK5eK1TtIhUTyxl8xkhq8I5npt6usyZAvVUIZEYC2NIKOapYaZpV09SxFTvfhiTQEYsUCWQKPWIp2tqlBbD3FS_PISlfq6eJzfF_DZ2KgHuNS7vSnEU68lrKaOA5sSPJW8IX1ZekaYkkLGC1x0qLx_gsqxubj7RsGuR9HFfNZFO8zqAELYLGjsqF_kw8rasWoxOeH83PEGyqNQ6fa-tsXtZ6yhv3NhDZXZm2sBInOAQZLYZTCL_1M8SsjEssexbZCgV_ZjGE_oy6ohMcsr0lryEOMbgfHn4XDQHFDkWtAM5wijzclMsPXJebxVLUjJQqyV-TjmLNElEInEclL1yxrPxIqZ6qWuPnCL5OeUnlZsmOqQlY7wRlvneiRn7ig3Ge9aUMBbZsbXRVKI2b-26TPNtm26xMqkiIWyTkH3pZQ4ycVl6CAvG0NWZeHf8kfY_IJETd9i6NTe0BzTsx4x2BVxA7TRpm3zoxmUz5_3Qog0Hd9e_IOPzN-3wrW8_N-SxwkLsRaFrIwduArco65lk50KhcYiWocMq05S8BFVgUWWb2CzO6nR6y-FLiKJQn7-Wr4Y7RW0rgeq2iep8bAgrK16RhVmmaPCfo9B4Tg2qn1kNQ-ufSC8pbp8GOeCwWht5FHktFM9aKTUVjRwLsmZ9_TUqZWFwf5LDlzL2PW6pkCOpcG98WCPjiUFIwU9WnVyChSBYhIj6QclJPoTb-DW08sgN2fggTl-x_Yzu41iWO2dPnSKqh9lhxmrtnBAWzi9dBGsHmvbIsnzfMf9uGl6XMJrhVeBN7St-wll7ygnwam2_-D9WirKhFSlkH11XCw5jGI-PNr-gS1KwcZUHEEyS-W1j-peynelJjpHGNZSid2zL1Oco2faHkwdUQ0TumowyPzjvLgBXcZuFxT39zEZLFleKN1Bo3eFmK5OzpjiSSFFkfsTC_sk13g7f3bADaXSJHnCVD2hM-Kjp1F3glhWZu0vzRNfKSWbqVLon2gOkA0Fm5rljNQirbBMpMxR5RRMQc9KSDkpohuN-Xw9XG_ez
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F26C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 06:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19169
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Dec 2022 06:47:53 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame F26C 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.193.133 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-133.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:23 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:22:23 GMT
WWSUP6013_Xmas22_300x250_Wk7_halflegham.js
s0.2mdn.net/sadbundle/10664822726205636608/ Frame F26C 		134 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
d7f4171f40c7db2f13aca682fc67136269bd2f832e068b97eeb4aa6136c1d057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Dec 2023 12:07:22 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVv6u,pingTime:-10,time:2595,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671019641709%7C%7Ccf90ec6b03ba50e788d6c76759a1779a%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7C29b832e243639ec9e6154ad69c85b778%7C%7C505e3571b0d6679f3beb6d30061a28e9%7C%7C79ccf220080c412027c8d7227d08a794%7C%7C30703b8571c984e7f61039dca50a20d1%7C%7C5d1fa0de523eb0eda2d3409c337ee74e%7C%7C1663701684,sca:%7Bspg:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:22 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame F26C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
4468e54b7b0dbae3ac268e7b9d858a6e76ed4f07a1e0556cd5982d0265a55c50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
83b92a54-12bc-4643-b316-8e7f3efc43c7_v1_5.png
massets.bonzai.co/ 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/83b92a54-12bc-4643-b316-8e7f3efc43c7_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3529e00f7f0e90a1f6fc46335f14a7401722626a1690e348b4ce9f4284e38e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:53 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"1bd8366cc450d2b15a2b5bdba721796f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
211802
x-amz-cf-id
fOrCyqfzFCvQ_FpMp_xGJuoo5bs-9pp3XwiQTbHI9Vg7ndpXgfOZiA==
4f3150d4-e19e-42b8-80d1-0a235ecaf475_v1_5.png
massets.bonzai.co/ 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/4f3150d4-e19e-42b8-80d1-0a235ecaf475_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2be065df1b3835c39a1557184cd3047c5490e801751a3b353181d874cd577dc2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:57 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"823267a3f551dcec16e151a600d618d6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
161130
x-amz-cf-id
obaQixItCGr6ROIPzCav1z2ryQa5J_itR5oUCvczJ510amkvtiO7UA==
21b02289-8a8f-4e85-a503-6b3a3826b558_v1_5.png
massets.bonzai.co/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/21b02289-8a8f-4e85-a503-6b3a3826b558_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
351cac7f8efdbcff15e58f5ba57decf8ccb00cf9a7a98cef26c0bf7874ec4eb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:59 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"df791c3797b5970ae49ed38a6da3c1fa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1473
x-amz-cf-id
bUTw6Lkx9AioA-8kEX1k26tBACRAShipjOxYzY1vBs0-JpS7-1qN7g==
3f060894-5179-499d-bb4f-49015d2189b2_v1_5.png
massets.bonzai.co/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/3f060894-5179-499d-bb4f-49015d2189b2_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc9a40449cfb8802861bf566130aed184ffa145c7a4418b5ff96463039faa5a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:12:08 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"b67d1837e5c9660b9d307a04891242fe"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2909
x-amz-cf-id
miZgnjTMoP1VVPaYsH9yeBt-S_gUUOvwMMZ0ynijz0Lh9xfBD5cHYQ==
268ef0c0-a558-4be0-918c-71d02a97022a_v1_5.png
massets.bonzai.co/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/268ef0c0-a558-4be0-918c-71d02a97022a_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85e197ec859258caef2e62d8fd86008422d97d9881812e74d9379e2d11cc1398

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:12:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"abea1a44235b5d301018dd89723fadd5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
101493
x-amz-cf-id
DvZD9LX6rczyHIyvGpOEsnaZpmnOz7dvVzF_gtY3KuLfWdvvI0c-YQ==
3d610a0c-ab0c-49ba-8cc7-d1e2002819e5_v1_5.png
massets.bonzai.co/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/3d610a0c-ab0c-49ba-8cc7-d1e2002819e5_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45249e7de6c73e8b9fe7c7497c3996fbfd48dcf7e2863424e802c1cd10d63197

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:05:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"ed29054242dbf47a9cf43a0e2418ed5b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
85865
x-amz-cf-id
L-CulO9qheih_gKQ-nxZBPyzTHM9uGXpSWDkhx7TP6zXFgQz2uv_0A==
8efb782f-a6d5-4c5f-9973-340f4bf700af_v1_5.png
massets.bonzai.co/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/8efb782f-a6d5-4c5f-9973-340f4bf700af_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-94.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36f63f2874b24074700f4d237cd1c153dfe8017d669f0d31fee99f1a598835bf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 21:31:18 GMT
via
1.1 0da14962afa287e5ba55c7d30c902392.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 02:04:50 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
3076565
etag
"43fe207c93e70262c45898ed07cd70d7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11050
x-amz-cf-id
fZzUpAd-L-w0x2ooyJQwRSkbuncHl_Mf2Oh0hi_WhhJ1CM4kTn9MyA==
1px.gif
dcollector.bonzai.co/ Frame A10E 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjcxMDE5NjQyODA1LCJmaSI6ZmFsc2UsInRrIjoiMWM4ZWZkYzBlNjRkNGZjZTlhZTI0NzY4ZWNmOTE5ZCIsImFkIjoiMjY2NjEyNDA5Nzc5MzA1NDUyIiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2NTkyMDc5MDYyOTMxNDY2NSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwibWVzc2FnZSI6IlBhZ2UgcmVhZHksICoifQ==&etc=0.11495444877869954
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-15.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:00:41 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
47202
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
IUIaglVVD9XaYiqGlt4VNlNlAmOKvs_BvQp-kV9cOFbkyuS7nQ7LVg==
1px.gif
dcollector.bonzai.co/ Frame A10E 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjcxMDE5NjQyODIyLCJmaSI6ZmFsc2UsInRrIjoiMWM4ZWZkYzBlNjRkNGZjZTlhZTI0NzY4ZWNmOTE5ZCIsImFkIjoiMjY2NjEyNDA5Nzc5MzA1NDUyIiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2NTkyMDc5MDYyOTMxNDY2NSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwibWVzc2FnZSI6IlBhZ2UgcmVhZHksIGR0c01haW4ifQ==&etc=0.21478712680158596
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-15.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:00:41 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
47202
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
3bX6__53E7q1pevwRSU3pbdM-oR4XiF1dcHQHcvKQ5VVM-COpZivUA==
1px.gif
dcollector.bonzai.co/ Frame A10E 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjcxMDE5NjQyODM0LCJmaSI6ZmFsc2UsInRrIjoiMWM4ZWZkYzBlNjRkNGZjZTlhZTI0NzY4ZWNmOTE5ZCIsImFkIjoiMjY2NjEyNDA5Nzc5MzA1NDUyIiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2NTkyMDc5MDYyOTMxNDY2NSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwibWVzc2FnZSI6IlBhZ2UgbG9hZCwgKiJ9&etc=0.5660819688260343
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-15.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:00:41 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
47202
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
92ymoj46DwOgkO5_qjEpoKBlyCSAhgad4rQO_MSzLHEJyzFp4KrCqg==
1px.gif
dcollector.bonzai.co/ Frame A10E 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjcxMDE5NjQyODM0LCJmaSI6ZmFsc2UsInRrIjoiMWM4ZWZkYzBlNjRkNGZjZTlhZTI0NzY4ZWNmOTE5ZCIsImFkIjoiMjY2NjEyNDA5Nzc5MzA1NDUyIiwiY250IjoiZGl2Iiwic24iOiJERlAgKFBHKSIsInBsIjoiMjY2NTkyMDc5MDYyOTMxNDY2NSIsImNzIjoiIiwic2NyIjoiYm9uemFpX3NjcmlwdF8wIiwibWVzc2FnZSI6IlBhZ2UgbG9hZCwgZHRzTWFpbiJ9&etc=0.20531613500724766
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-15.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 23:00:41 GMT
via
1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
47202
x-amz-server-side-encryption
AES256
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
EJbVx6-H02RWrtje2begaM6chgK1oPuxnIQJATHKeS9HslMrwNlFnQ==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVvbN,pingTime:1,time:1537,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1537,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1021~100%5D,as:%5B1021~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:278,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,sis:767%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVvbO,pingTime:1,time:1538,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1538,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:278,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,sis:767%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVvbO,pingTime:1,time:1538,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1538,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:278,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,sis:767,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVvbO,pingTime:1,time:1538,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1538,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:278,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,sis:767,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame C49A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc8jRtE-iP8nDSlxh4qDZSdfpD9l0EFLmVUuTQm64tLqojo3-uY9bKuS5g_sQAhKi9jDT-wCLjpB1jyh3Yb1kKMfQbyiBu6es&sig=Cg0ArKJSzG3CJdTIU7A7EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=1224494890&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671019639077&rpt=3138&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVvgN,pingTime:1,time:3169,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:2166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:2166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2160~0,0~100%5D,as:%5B2160~300.250%5D%7D%7D,%7Bsl:i,t:2166,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:280,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18.10507%7C181%7C19.10507%7C191%7C1a*.1237132-66865773%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a.d934e5cc-2929-1343-44d4-bfd5f8a1657e.17_10507%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:477%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVvgN,pingTime:1,time:3169,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:2166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1003,o:2166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2160~0,0~100%5D,as:%5B2160~300.250%5D%7D%7D,%7Bsl:i,t:2166,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:280,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18.10507%7C181%7C19.10507%7C191%7C1a*.1237132-66865773%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a.d934e5cc-2929-1343-44d4-bfd5f8a1657e.17_10507%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:477%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 1AD6 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=7c6d12e5-7e2b-148b-5efa-513454d7f738&tv=%7Bc:wLVvlN,pingTime:-10,time:3344,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671019641709%7C%7Ccf90ec6b03ba50e788d6c76759a1779a%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7C29b832e243639ec9e6154ad69c85b778%7C%7C505e3571b0d6679f3beb6d30061a28e9%7C%7C79ccf220080c412027c8d7227d08a794%7C%7C30703b8571c984e7f61039dca50a20d1%7C%7C5d1fa0de523eb0eda2d3409c337ee74e%7C%7C1663701684,sca:%7Bspg:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F26C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:23 GMT
_300x250_Ribbons1.png
s0.2mdn.net/sadbundle/10664822726205636608/images/ Frame F26C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/images/_300x250_Ribbons1.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
e4397b21dfe8c3bd4f2d32c9cd296213221972667c8d08d56fe6f8d5a27edd33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:31:17 GMT
x-content-type-options
nosniff
age
48966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7135
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 22:31:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C49A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN-b_VWkTtoL_nd3yoLXzqIsQFFspPruUMEklFHy5s6Dakl9TGB6C0Vn56bm9FUXDAz13cDzF0vEIeFlc3rCLN4I4Nk1rl5BvRjZzIaSohE7jc7zReziesg1g8l7zPjmogIrXuyYceOhlDyFN5LlJAK-0_-5bXPn3vAN8EUT7zqm-XMl2QhBa7eGN9BBrN&sai=AMfl-YQ5gUOef0-yK2TZKr_b6cW3Lv5Zm5umv8AN9MV9HLhOWzGg50hcCdTO5EsoS3TH92uWhKL27ajuaCq0e_fp4Xty8sL95VDAS95w8DzH&sig=Cg0ArKJSzOEXTYlQCwfsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2459&vt=11&dtpt=1518&dett=3&cstd=933&cisv=r20221207.36352&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/leader/north?nk=63f9db231c59ebbd872907019369e6dc-1671019623
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C49A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxvWOk0PRxVBiUEiUEjv2FTSl83ZiDdk1dYjpk0Q_zbz0otRrapgiyShfVwIpBQ2iYZSKjsc0-DnKMJLN62zxiNHqcayC4WMWjrUcanrIhsfokSFIbrheqarK6XL388hw4p_mdLdJc4ibzBHVBnJuKtHpwDZErkN5TYUHIPQYv_rE-dHlYCAMRxKV6fERIoZoqKVEPj_PUR_ZdJpM-26_vx2feN_c_r0TqbtG1Q6rWs9g8fbJGiPeEMOCrmL731lnKsRucw2TtB6LgZTsu0OT9qlhb55qFOnbaoJlHa2442yhm82kHrpLGdrDH7BCXRm-axEDu-bj4laQSVw&sai=AMfl-YTw9o-42Kenyh4DJwpHEmAOqhros_49wrNcgDRsacesDl4kLO6dDdItrJjhyf2_FTG1eFPRo5yMMtBewsfqjVlYDgTxq7ylGOxG8v-cDhfX2sQfV7h369RPvH2CrT3Y&sig=Cg0ArKJSzNmg2pES7DI4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 14 Dec 2022 12:07:23 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9976 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83401309&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e1b8d78543d2b5efc9b50b49fe17f8731b5a332c770c1c7f64ca4d6583904dd9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 14 Dec 2022 12:07:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic1667795052595.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		488 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1667795052595.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
jCGTQi4_RFbdnA8OewUtWZX0YOSF.4hd
content-encoding
gzip
via
1.1 varnish
date
Wed, 14 Dec 2022 12:07:23 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
FXZ1RF8RBE8ZAY78
x-cache
HIT
content-length
87773
x-amz-id-2
+bdNMokYQM7Z5lM99eQR8hNT6ycg17weoWj1Z0nSQfq3CnP+x/2zLqG/PGgU9+rGtl9gXIdGPNs=
x-served-by
cache-syd10158-SYD
last-modified
Mon, 07 Nov 2022 04:24:13 GMT
server
AmazonS3
x-timer
S1671019644.947988,VS0,VE0
etag
"dc42a6bc14439dd64332b6ca8f523136"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
202722
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
683ee639979745f50883dab60b711c00501fb7da9681eca3875aefb953bcefb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11228
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 828B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:24 GMT
server
Kestrel
server-processing-duration-in-ticks
828431
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
Alaska_Xmas22_Bauble_21122.png
s0.2mdn.net/sadbundle/10664822726205636608/images/ Frame F26C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/images/Alaska_Xmas22_Bauble_21122.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
529510906614153cba79a187bb1aa98400a261d0c74add89b2082d8b2ec7beb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:31:17 GMT
x-content-type-options
nosniff
age
48967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8528
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 22:31:17 GMT
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 594D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 19:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 19:16:48 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVvru,pingTime:-10,time:2510,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS45OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1671019641709%7C%7Ccf90ec6b03ba50e788d6c76759a1779a%7C%7C0de43d4db49fea79bddae584752a1e87%7C%7C29b832e243639ec9e6154ad69c85b778%7C%7C505e3571b0d6679f3beb6d30061a28e9%7C%7C79ccf220080c412027c8d7227d08a794%7C%7C30703b8571c984e7f61039dca50a20d1%7C%7C5d1fa0de523eb0eda2d3409c337ee74e%7C%7C1663701684,sca:%7Bspg:f7fe6a94-cafe-c26a-5856-8b1a3b1d5045%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:24 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 12:07:24 GMT
aus_pork_pnplockup_RGB.png
s0.2mdn.net/sadbundle/10664822726205636608/images/ Frame F26C 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/images/aus_pork_pnplockup_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
cdb15b207ef64c36bdca22f99faaf39412a3e7eecd6f13415531d78940fc42c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:31:17 GMT
x-content-type-options
nosniff
age
48967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8912
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 22:31:17 GMT
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTggU2FmYXJpLzUzNy4zNiIsInNlc3Npb25fcGxhdGZvcm0iOiAiV2luMzIiLCJwYWdlX3RpdGxlIjogIk5vcnRoIHwgTGVhZGVyIE5ld3NwYXBlcnMgTm9ydGggTWVsYm91cm5lIHwgTG9jYWwgQ29tbXVuaXR5IE5ld3MgVklDIHwgUHJlc3RvbiBMZWFkZXIgfCBOb3J0aGNvdGUgTGVhZGVyIHwgV2hpdHRsZXNlYSBMZWFkZXIgfCBNZWxib3VybmUgTGVhZGVyIHwgRGlhbW9uZCBWYWxsZXkgTGVhZGVyIHwgSGVyYWxkIFN1biIsInBhZ2VfdXJsIjogImh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvbGVhZGVyL25vcnRoIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NzEwMTk2NDQyMDQiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE4NTEwODg0NTFlYjItMGMyNTljYTkwMTc3ZjEtMWIzYjNhNzUtMWQ0YzAwLTE4NTEwODg0NTFmYjI1IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXN5ZDEiLCJhY2NvdW50SWQiOiAxMzIyMjIsInVybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1L2xlYWRlci9ub3J0aCIsIndlYnNpdGVJZCI6IDEzMjIyNCwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJtZF9pc1N1cnZleVN1Ym1pdHRlZEluU2Vzc2lvbiI6ICIiLCJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYjAxNS0yYWE5LTY1ZTYtNjRiMC1lZTg2LWJjMzgtNjAxNC1lYTQ2Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NzEwMTk2NDQxOTkiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogMzQxMSwia2FtcHlsZV92ZXJzaW9uIjogIjIuNDguMCIsIm9uc2l0ZV92ZXJzaW9uIjogIjIuNDguMCIsImhpc3RvcnlfbGVuZ3RoIjogMiwiZXZlbnRfbG9jYWxfdGltZXN0YW1wIjogMTY3MTAxOTY0NDIwNCwicG9zaXRpb24iOiBudWxsLCJpc1VzZXJJZGVudGlmaWVkIjogZmFsc2V9Cl19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-j8hx
date
Wed, 14 Dec 2022 12:07:24 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
content-length
0
x-application-context
application:9090
match
c1.adform.net/serving/cookie/ Frame 8299
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 14 Dec 2022 12:07:25 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 14 Dec 2022 12:07:25 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B6AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1&gdpr=0&gdpr_consent=
1 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 14 Dec 2022 12:07:24 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5m8dAAAAFehmgN1&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10125-SYD
x-timer
S1671019644.311760,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame CFB6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3968828280703796370&gdpr=0&gdpr_consent=
42 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3968828280703796370&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
1deab488-7470-4c45-9a6e-fcfa68b50dff
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Dec 2022 12:07:24 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3968828280703796370&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.64; 173.245.209.64; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame A80D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC
42 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 14 Dec 2022 12:07:24 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 298C
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6mom2gd9eb
1 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6mom2gd9eb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Wed, 14 Dec 2022 12:07:25 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=y6mom2gd9eb
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
usersync.aspx
dis.criteo.com/dis/ Frame 7E3F 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:23 GMT
expires
Wed, 14 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
288350
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5FE3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y21bpzuAR85gMki8Gwl1pq310UA
42 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y21bpzuAR85gMki8Gwl1pq310UA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Dec 2022 12:07:25 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Y21bpzuAR85gMki8Gwl1pq310UA
SPug
image4.pubmatic.com/AdServer/ Frame 9976
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=82e46399-bc79-4e00-9098-3e1494e0ed32
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=82e46399-bc79-4e00-9098-3e1494e0ed32
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 14 Dec 2022 12:07:24 GMT
Server
MT3 180 1fd3e2d master nrt-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=82e46399-bc79-4e00-9098-3e1494e0ed32
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 14 Dec 2022 12:07:23 GMT
458249.gif
idsync.rlcdn.com/ Frame 9976
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=1D8ACF3E-7D16-4AD4-9D49-181320D60310
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDFEOEFDRjNFLTdEMTYtNEFENC05RDQ5LTE4MTMyMEQ2MDMxMBAAGg0I_PjmnAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7219b131cbba57ae5cd8a39999bb05f892b77e804ba735ded063d3f80347bcd4791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3MjE5YjEzMWNiYmE1N2FlNWNkOGEzOTk5OWJiMDVmODkyYjc3ZTgwNGJhNzM1ZGVkMDYzZDNmODAzNDdiY2Q0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3MjE5YjEzMWNiYmE1N2FlNWNkOGEzOTk5OWJiMDVmODkyYjc3ZTgwNGJhNzM1ZGVkMDYzZDNmODAzNDdiY2Q0NzkxNDI2YjU0MTdkY2UyMRAAGgwI_fjmnAYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=a59bd0af-2fbf-4594-9300-46a2243f76fc
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=a59bd0af-2fbf-4594-9300-46a2243f76fc
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=a59bd0af-2fbf-4594-9300-46a2243f76fc
date
Wed, 14 Dec 2022 12:07:26 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9976
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=1D8ACF3E-7D16-4AD4-9D49-181320D60310&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RVfuIitE2uWDV6.mvpp6lnitriSUBaU-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RVfuIitE2uWDV6.mvpp6lnitriSUBaU-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-RVfuIitE2uWDV6.mvpp6lnitriSUBaU-~A&gdpr=0&gdpr_consent=
date
Wed, 14 Dec 2022 12:07:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 9976
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4033d73b-f5d5-43c0-962f-74e120b694d2&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c1a40f26-864b-4501-b9e8-f8047a90ce51&gdpr=&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c1a40f26-864b-4501-b9e8-f8047a90ce51&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c1a40f26-864b-4501-b9e8-f8047a90ce51&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 14 Dec 2022 12:07:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9976
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5521857733821939844
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5521857733821939844
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 14 Dec 2022 12:07:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5521857733821939844
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9976
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7060091950274067243&gdpr=0&gdpr_consent=&us_privacy=
1 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7060091950274067243&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 14 Dec 2022 12:07:24 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7060091950274067243&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4449 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
369346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 05:31:38 GMT
expires
Sun, 10 Dec 2023 05:31:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2D29 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f99.1e100.net
Software
GSE /
Resource Hash
72afd644bb140458f9cd4006a56f1e46d55361cb3ed49bd142ea3fa22c399e58
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9SdfFKdbNin7WUCOsY7Sig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-9SdfFKdbNin7WUCOsY7Sig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 12:07:24 GMT
expires
Wed, 14 Dec 2022 12:07:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
WM024040170438_1.jpg
s0.2mdn.net/sadbundle/10664822726205636608/images/ Frame F26C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/images/WM024040170438_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
c0fdaf9cacd1176108442ae8c3d8d40aabbecc317b596ca2b1e66369188a10f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:31:17 GMT
x-content-type-options
nosniff
age
48967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19929
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 22:31:17 GMT
json
gum.criteo.com/sid/ Frame 828B 		443 B
565 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=www.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
353ee94b022b8d58a4f133d410d98c0759e8dab0f2b16da17051bf4fa11f50e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1933658
expires
0
WWSUP5855_S12_HalfLegHam_Option_02_V4_OP3_LOWRES.jpg
s0.2mdn.net/sadbundle/10664822726205636608/images/ Frame F26C 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10664822726205636608/images/WWSUP5855_S12_HalfLegHam_Option_02_V4_OP3_LOWRES.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
be98c485891e815d1eff9ae2752f0d048c42846f76b8f9b1c8f6d92a0ea74490
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10664822726205636608/WWSUP6013_Xmas22_300x250_Wk7_halflegham.html?e=69&leftOffset=0&topOffset=0&c=IxWuTVl5XJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 22:31:17 GMT
x-content-type-options
nosniff
age
48967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33868
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 23:27:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 22:31:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2D29 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=4015033100179107&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
pagead2.googlesyndication.com/bg/ Frame 4449 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 19:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15878
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 19:16:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C49A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHPw28lVtntANrnNxo4xq6n8GIjEVYhJzNjDhr1Oe_htalMOaFWSALcMLhOV4cb5jFklEG4APmqOpnRQkbzcOrrUmLJQmOmh2xmEjBmk07q0dcWzHO&sig=Cg0ArKJSzA3_Im7sZ8q4EAE&id=lidar2&mcvt=1000&p=642,1130,892,1430&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=611518222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671019639077&rpt=4626&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4449 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WqhtcA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=4015033100179107&bg=!JSalJmLNAAYgquz3AKo7ACkAdvg8Wp5LJGeMNN31inTp5ztwMkKPEluufa1KsWSwkGgWjWUHTu2E4QIAAACRUgAAAAJoAQeZAtrUQR4HYdeb47ay3bOapO3_hPNmre7Y4VyBfMjM8zEkrxpVnx3JWGEJtq8kAZmsI9PiEcf2TEdYdsHIcoS6co-NwJLMLWAVHXOLLWrOT_xp27i-BNhMuCClTsktJUywYguq3yFCiuG6IxPL93D3BROFKX8KCkrH722SnTtsgjaZxYMLZFu1K2ooZok7bc-UFhozTCuMuje4obc_qWuTSJMdTXUgHIVSnfV-4Or2hxcKcvlbhDWbnH6yJr0SDgG9o_7vMz7GVVxL6WYeV84-jlXQKPdbOdggP5JzhCbRONsFjE6xAGXNDSH2d6Yo_1fxeQlAhHuH6nKyBJ1jWWxIIef_IfagclLU5SuOlwHEnwgaiWhDJhXYuR2muJv2H_qTg8SrPSjPdNXttRXgor7GCxpbiJTt6hzFU2Ayjw4ttPi2a68K6jVLiowrHMrmqxlKndV04u-fGJofcqlWCCeLwZvOjJNZ80RUfzXSs9anybWnjQrl-O1p5-RQMOZQkqsN5mK5lhhiX5SqzGVFmjF5LujHpx3MWiV9sfiEgeEnk8mCnf51SexKDXomUeygFkasbF-RUmb5vf1NEIEnn-cbsZdCfzoWwV21qynBdf41rpM3abqECNfWHbkcgRoMOYeaKrOoZbEQaldyiaFUXcK-swFhEHthU4tU3JZFl3I-a8Jr4VCQwqugB89YcHPxLQWnwsSpZVUYVB-K0XbKLL7f5ZeCxfGH5DU61yxdKBW0ZlZRZGUVtR4E9bCqNF5YxOTlRzij6tC2yS98nhGZGPHgtBBQcerIXsMfzDMCoYD0D-FPcV6fsTp0Ny9gNg76TiEzA8Y-hXwhqMFxcq9YCpWKWz8Sf8MCgBaVuMOVnAmEj7KBm90dUKcxqz7mkBMuPw5S5iX2OlxYKqLTGy-4gK2O5-GSy7wiRYNO5BVwfxgbD5v1D_MQvSFdYf-RYGiHctjxECmeAa6v4f12UPZW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVvZ6,pingTime:5,time:5981,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5981,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5094~100%5D,as:%5B5094~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:272,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:26 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=3dc35355-11ec-c911-a7e2-d620b5b18d4c&tv=%7Bc:wLVvZ7,pingTime:5,time:5982,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:904%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5982,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:904,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5095~100%5D,as:%5B5095~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:272,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C1613%7C17%7C18*.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:906,sis:1127%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:26 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 9976 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:07:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVwej,pingTime:5,time:5537,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5537,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5021~100%5D,as:%5B5021~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:299,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,sis:767%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:27 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=d934e5cc-2929-1343-44d4-bfd5f8a1657e&tv=%7Bc:wLVwej,pingTime:5,time:5537,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:525%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5537,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:525,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5022~100%5D,as:%5B5022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:299,fm:tpZy7z8+11%7C12%7C13%7C14%7C15%7C1611%7C1612%7C16131%7C16132%7C17%7C181%7C182%7C191%7C192%7C1a*.10507%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l11%7C1l12%7C1l13%7C1m%7C1n1%7C1o%7C1p%7C1q%7C1r%7C1s1%7C1t,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:526,sis:767%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:27 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVwji,pingTime:5,time:7168,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:2166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:2166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2160~0,0~100%5D,as:%5B2160~300.250%5D%7D%7D,%7Bsl:i,t:2166,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:271,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18.10507%7C181%7C19.10507%7C191%7C1a*.1237132-66865773%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a.d934e5cc-2929-1343-44d4-bfd5f8a1657e.17_10507%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:477%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:27 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1237132&asId=f7fe6a94-cafe-c26a-5856-8b1a3b1d5045&tv=%7Bc:wLVwji,pingTime:5,time:7168,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:28%7D,%7Bpiv:100,vs:i,r:,t:2166%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:2166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:1124.624.300.250,am:i,cc:1124.624.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2160~0,0~100%5D,as:%5B2160~300.250%5D%7D%7D,%7Bsl:i,t:2166,wc:0.0.1600.1200,ac:1130.642.300.250,am:i,cc:1130.642.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:271,fm:tpZy7cL+11%7C12%7C13%7C14%7C15%7C161%7C17%7C18.10507%7C181%7C19.10507%7C191%7C1a*.1237132-66865773%7C1b.10507%7C1b1%7C1c.10507%7C1c1%7C1d%7C1e1%7C1f%7C1g1%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n1%7C1o,idMap:1a.d934e5cc-2929-1343-44d4-bfd5f8a1657e.17_10507%7C1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:477%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.165.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-165-94.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 12:07:27 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2Fleader%2Fnorth&u=DRJAv0BV-velN0Boi&d=heraldsun.com.au&g=36976&g0=local%2Cnorth%2Cindex%2Cno_video&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7782&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&b=14792&t=D4RBLbB1QWuAC9GqXTLw5PCClOqZq&V=139&tz=0&_acct=anon&sn=2&sv=BLrDoRDidL6wCwJwg4B9bo1DDcBYrj&sd=1&im=062b0732&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.179.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-179-62.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 14 Dec 2022 12:07:30 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/6e39d5a9
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/q-xjwRJxMiW-jzldgg/1LL30t0zX7/FUc-Ej0B/FWYkC/UALIF4B
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2224d6a8d425c06df%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-1%22%2C%22254cf2c7d5e2582%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-1%22%2C%22263790f91ae48e2%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-2%22%2C%22270d3d83c300ea6%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&s=87745fe5-6435-4194-a192-903370b3d5ca&pv=dfc98b2b-56a9-4368-a88f-11baebc538d0&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Domain
au.audience.newscgp.com
URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=63f9db231c59ebbd872907019369e6dc&&bust=16710196364470.33524556536335015&errors-in-body=1

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| oncontentvisibilityautostatechange object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr undefined| $ function| jQuery function| admiral object| googletag function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| lazySizes object| ads_api function| algoliasearch function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| 4dm1r11545242527 object| app object| vidora function| vidoraTrackExtraElements object| vidoraHelper object| auth object| vidora_ns object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m object| KAMPYLE_EMBED object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent function| setImmediate function| clearImmediate object| ID5 number| interval function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| brandmetrics function| __assign function| __spreadArrays object| _brandmetrics object| ggeac object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| npt object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts object| atsenvelopemodule object| ats object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig boolean| excludeKargo object| adUnits object| pbjs object| __iasPET object| kw_ignore function| pbjsChunk object| _pbjsGlobals object| apsUnits object| nca_ipsos object| dm function| omrhp boolean| isAlloyConfigured undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents function| GeaLoader object| Criteo object| diagPixSentCodes object| __iasAdRefreshConfig object| ajax object| instance object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| DotMetricsInitScript object| DotMetricsSettings object| UrlCache object| SUBSCRIPTIONS object| SWG object| DotmetricsJSON object| CryptoJS object| DotMetricsObj string| s_tnt function| cookieWrite function| cookieRead string| g function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global boolean| apstagLOADED object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 undefined| oneTagObj function| ebDecode object| bsResponseObj function| __IntegralASAdPush object| categoryData object| googDdmPs object| __IntegralASExec object| GoogleGcLKhOms object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK object| KAMPYLE_INTEGRATION object| cooladata object| google_image_requests

172 Cookies

Domain/Path Name / Value
.heraldsun.com.au/leader Name: nk
Value: 63f9db231c59ebbd872907019369e6dc
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 63f9db231c59ebbd872907019369e6dc
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1671019623
.heraldsun.com.au/ Name: nk
Value: 63f9db231c59ebbd872907019369e6dc
www.heraldsun.com.au/ Name: lux_uid
Value: 167101963177753476
.heraldsun.com.au/ Name: bm_sv
Value: BFF8160C160AEE295A728C84A451C2D6~YAAQ3V8yuGNYzwmFAQAABBmIEBIBY26oDxXFwMelGvpA6j53p3fLNO0CIY9gRG84zNFF8xZuyd8Z12aWjoLngM4Sf889198uFKIXHOEqn8tFJ7V9orWZwoF8eODGY3xW+HehbKWrh1YQX4/ktKvvJ6+TbKSGLgyECsK0JtDOMRabv12W80L+e1EHrzm7ykZ9s0dhbhfd37gdcuutXqy9YaAG97wgjDn9L9yweZqmB8JCA02MGV1dtb+aEN0zFI/QZjP6c1mq~1
www.heraldsun.com.au/ Name: AWSALB
Value: uZmx10YBMHjr769YERer7cLlFRBCiPv2P4r7jF5mc+cAOYUPSQDecbYN8k3aTHqs0OYYBFnEFYtz1hPY9NYNIeohF/dELMhGX4JQzWecdunZ2h5mVvOkAIAFpU1P
.heraldsun.com.au/ Name: ak_bmsc
Value: 243C4461CF869A7FBB08029885FB0BD8~000000000000000000000000000000~YAAQ3V8yuHdYzwmFAQAAGR2IEBKAYjNwCw3y0rBaaTzwdzlE5/LUQOAQG40K88sm6a6igeiUPDBwNRkhBl9KaA0mpxMHgqP/uG62g966iRk/tWQffQKw0frr9izM0KIrLAi1kE3JzWDeK837dIQ33/ZjnVBLdSkf7xjCXGLcuWfWwz6SINpAyuH3weUMmWjayQHpqhK2BiK2iY9kqbsaiNjuHwJgh6sQX8IUKDFYdkz7Ldld72n4fww2he4a8fKqFz17pvPc75nlHTa43aPJIbLjBEM7kLa8vu1fElJ6nQfWQTaqUa1eFcFg+HGOIdWqErgqW3cLFEj7XfxwQFNqCeMHE8sk5mdNYnXj+pZ7I0ZdpIMvIrLsZHaPBAqXidbKFiTX+oCKAvHbCSU9BNH6bHHl55MMXzJwwlvkR06g7LeDqR9rcmZRZ8USxi1Jrz2QcmH1uLJEKmTOrU3Es8omf9Ebbo6fEt2PFR9x/IYNGpPDcUK8BpZjP9+BJlUXqpfT+Q==
www.heraldsun.com.au/ Name: AWSALBCORS
Value: uZmx10YBMHjr769YERer7cLlFRBCiPv2P4r7jF5mc+cAOYUPSQDecbYN8k3aTHqs0OYYBFnEFYtz1hPY9NYNIeohF/dELMhGX4JQzWecdunZ2h5mVvOkAIAFpU1P
.heraldsun.com.au/ Name: utag_main
Value: v_id:018510881e40001dd291499d8caf03073002906b00b08$_sn:1$_se:1$_ss:1$_st:1671021434241$ses_id:1671019634241%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.05867095245164622
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Ad89d0f40-7ba7-11ed-bcbe-4d4b93598ebd.bMwVAD5YOGmQkgDEdpzRcUTHeNN5JgLp8lENKwygWGg
.heraldsun.com.au/ Name: _cb
Value: DRJAv0BV-velN0Boi
.heraldsun.com.au/ Name: _chartbeat2
Value: .1671019634912.1671019634912.1.BLrDoRDidL6wCwJwg4B9bo1DDcBYrj.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _awl
Value: 3.1671019634.0.5-9e8a686be5e49b14003fc889498f82a8-6763652d617369612d6561737431-0
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncid
Value: 7c619fd5f7d84952f9e68776555e61fc
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
www.heraldsun.com.au/ Name: vidoraUserId
Value: f0u8hsr4n52k5rb62vni2qurqj5h8t
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.demdex.net/ Name: demdex
Value: 42300691424879755994319697651390268285
.heraldsun.com.au/ Name: nol_fpid
Value: qnfd98g7lfchjq1kaktgjmsnc1b3o1671019636|1671019636064|1671019636064|1671019636064
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1671019636464.1797895039
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=f1024012-043a-42ca-ade0-85c05524ed6c&Created=12/14/2022 12:07:16&UserMode=0&guid=e800211d-6579-4e84-b190-cba0e872fca7&ver=1
ads.playground.xyz/ Name: connect.sid
Value: s%3ArstDsU6eQtk1b_Y65vIflWxAZHQ3VU52.CiKeHdho7pijH4Pef74Ngqbjaxf1I4rV%2BcVoadldpQo
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5m8dAAAAFehmgN1
.imrworldwide.com/ Name: IMRID
Value: da2eabc2-7ba7-11ed-a2bf-ede1e2fde8bb
.rubiconproject.com/ Name: khaos
Value: LBNLY3PI-1Z-DNDJ
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C42324559252405021974321814505107984999
.dpm.demdex.net/ Name: dpm
Value: 42300691424879755994319697651390268285
.id5-sync.com/ Name: 3pi
Value:
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13214
Value: 1
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19341%7CMCMID%7C42324559252405021974321814505107984999%7CMCAAMLH-1671624437%7C3%7CMCAAMB-1671624437%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C250294949%7CMCOPTOUT-1671026837s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19348%7CvVersion%7C5.1.1
.heraldsun.com.au/ Name: s_nr30
Value: 1671019637341-New
.heraldsun.com.au/ Name: s_tslv
Value: 1671019637342
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Clocal%7Cindex%7Cnorth
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_cc
Value: true
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: ea74128b-23d1-4d00-a421-14c6a735315f.1671019635.1.1671019637.1671019635.09ea014b-8a53-4937-8ff3-85249592677a
.adnxs.com/ Name: uuid2
Value: 3968828280703796370
mfad.inskinad.com/ Name: azk
Value: ue1-897a920615aa4f42bc4b677d4d8e9c94
mfad.inskinad.com/ Name: azk-ss
Value: true
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898
.heraldsun.com.au/ Name: aam_uuid
Value: 42300691424879755994319697651390268285
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: T37a3fWY7mZRZN4Q2bLbWSOW+yqNljqrB7ye0DRUyLUSk+qZRMGG4IXfed1nDCLOk932+Dg8RcIo2brMe+2OspWHlaPUIUpUfRKfPzmsZwpAkVEMwylv+uEjg6tt
.doubleclick.net/ Name: IDE
Value: AHWqTUmi_UuYTISAYSsiiLi74zrBbfMmRxN5Axn1GCGziGYd67qsOQUoWgEtt-qXJ_o
.adsrvr.org/ Name: TDID
Value: 3a2f2ec0-b354-423a-9aed-1718f006b1d6
.turn.com/ Name: uid
Value: 7060091950274067243
.id5-sync.com/ Name: id5
Value: 7852b3c0-8848-7857-b263-02a52642a455#1671019637045#2
.casalemedia.com/ Name: CMID
Value: Y5m8dv0N3AkSf0kz7V94TwAA
.casalemedia.com/ Name: CMPS
Value: 4747
.casalemedia.com/ Name: CMPRO
Value: 4747
.newscgp.com/ Name: sp
Value: 5bff41cf-f22e-4ab9-9522-6cae74e6d84c
.eyeota.net/ Name: mako_uid
Value: 18510882fc0-5ef60000010850cc
.eyeota.net/ Name: SERVERID
Value: 20684~DM
.scanscout.com/ Name: uid
Value: CI-80ae71e61dd2596d9afd1e3736967cb9
.scanscout.com/ Name: UIAA
Value: 42300691424879755994319697651390268285
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1671019638701"
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY0MjMyNDU1OTI1MjQwNTAyMTk3NDMyMTgxNDUwNTEwNzk4NDk5OVIPCO3foITRMBgBKgRTR1Az8AHt36CE0TA=
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: sgp3
.heraldsun.com.au/ Name: __gads
Value: ID=4e2e6a8a6c6f5c7b:T=1671019638:S=ALNI_MbwrC7kAVBSHdLSg15Q3L8MZUtYsg
.heraldsun.com.au/ Name: __gpi
Value: UID=00000b902ee90b73:T=1671019638:RT=1671019638:S=ALNI_MbxzJd65st-c93AsJt6Q9PhEFEapg
.bluekai.com/ Name: bku
Value: pSL99cSXZV1fT3/P
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004c3mCEI0_
.serving-sys.com/ Name: G4
Value: 0009fM00Jo_
.serving-sys.com/ Name: OT2
Value: 0001DC1rJY
.serving-sys.com/ Name: u2
Value: eb9843ad-b829-4626-bd6f-d66730fd8a874Kc050
.openx.net/ Name: i
Value: 9758f7be-443d-4299-901c-d1bd004b1f3b|1671019639
.demdex.net/ Name: dextp
Value: 358-1-1671019637194|470-1-1671019637295|481-1-1671019637396|771-1-1671019637497|903-1-1671019637609|19566-1-1671019637711|23728-1-1671019637813|30432-1-1671019637914|30064-1-1671019638015|66757-1-1671019638116|134096-1-1671019638217|144230-1-1671019638318|144231-1-1671019638419|144232-1-1671019638520|144233-1-1671019638620|144234-1-1671019638721|144235-1-1671019638822|144236-1-1671019638929|144237-1-1671019639135|147592-1-1671019639248|461447-1-1671019639349
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5m8dAAAAFehmgN1&KRTB&22978-Y5m8dAAAAFehmgN1&KRTB&23194-Y5m8dAAAAFehmgN1&KRTB&23209-Y5m8dAAAAFehmgN1
.amazon-adsystem.com/ Name: ad-id
Value: Ax8qALjt00Apsl18docG81w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.spotxchange.com/ Name: audience
Value: dc0177e9-7ba7-11ed-bf4e-1ce81dd60507
.krxd.net/ Name: _kuid_
Value: PQdkukaR
.adnxs.com/ Name: anj
Value: dTM7k!M4/YEVNsVF']wIg2In7o7Xyh!v2GQe!9nk00wnS<T7p8.S[-z/2p0#ljtvOj/=`^cE[>:PN@DHN3FR@PsXH%!)zH[4bVPY
.t.co/ Name: muc_ads
Value: 926d4853-afb8-417c-b8c3-c59e43cf0114
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.1044080340.1671019640
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.twitter.com/ Name: personalization_id
Value: "v1_BEDSxvva6lq8x6vvw3T8NA=="
.google.com/ Name: NID
Value: 511=TvCdxyJZHMhHYk4TUhdV7INVG7PF8norYOLppHIHkR6izu3yvzciLJqNBRyG0WNMzjzpi9PjUn7pKDS2TAvY67J8M_6_t74ZSvXyZxapHpNID-4Z5JMDIWJhSeec0v2uJESiEfmlcd1uLT6OcYeDoUZTwt2Tl3paJzIS1zLYpt0
.linkedin.com/ Name: li_sugr
Value: 3ae8d3d8-8461-43df-b4b2-97f8ceb50e90
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&121379d3-9eb5-4ea2-875f-0d773b254895"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2771:u=1:x=1:i=1671019641:t=1671106041:v=2:sig=AQFWS_jp6Ngn14BRunRJ9kX_8WbbajDj"
.linkedin.com/ Name: UserMatchHistory
Value: AQJjrVuQRd_V4wAAAYUQiDoA2bwN3GQaVbjlqvJYThdjuJf8HP-ya0DtBJHkXTprNmh4Yutt4FkzPw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIaKi62R4mKawAAAYUQiDoBZMQ3S7lCuyFYJ9L0RdCtcPXXz_VU5aCC7KbcWtBjQ_s8Y3SWbSB5Ll0MvgeBcQ
.brand-display.com/ Name: _knxq_
Value: af083bea-b4f1-2355-8b18426b.1671019641.0.1671019641.1671019641
.quantserve.com/ Name: mc
Value: 6399bc79-654b9-a9204-cddc2
.www.heraldsun.com.au/ Name: ln_or
Value: d
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1D8ACF3E-7D16-4AD4-9D49-181320D60310
.company-target.com/ Name: tuuid
Value: 92cbcfa8-fab1-483e-92d4-16e329911d88
.company-target.com/ Name: tuuid_lu
Value: 1671019641
.w55c.net/ Name: wfivefivec
Value: WgdYBSVT1P5qxH5
.yahoo.com/ Name: A3
Value: d=AQABBHm8mWMCEDQYngzIRT5cX9DmFt13A3EFEgEBAQENm2OjYwAAAAAA_eMAAA&S=AQAAAkXvita3edWj4zSV564lczY
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&202212141207216e882341-c275-4f4e-80a0-d83e4d4ed569AQGkrn7sDeQ08322OKq04jPnss3DhyLl"
.mathtag.com/ Name: uuid
Value: 82e46399-bc79-4e00-9098-3e1494e0ed32
.simpli.fi/ Name: suid
Value: 1C7E94711BF34045A348DA473DB4FC34
.w55c.net/ Name: matchcasale
Value: 5
.tapad.com/ Name: TapAd_TS
Value: 1671019641884
.tapad.com/ Name: TapAd_DID
Value: 985c1ea0-a3e2-4159-9bb1-4f344f74483c
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3a2f2ec0-b354-423a-9aed-1718f006b1d6&KRTB&22918-3a2f2ec0-b354-423a-9aed-1718f006b1d6&KRTB&23031-3a2f2ec0-b354-423a-9aed-1718f006b1d6
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEO664IgYOdJ3c3PaA6e5T8&KRTB&16514-CAESEEO664IgYOdJ3c3PaA6e5T8&KRTB&23025-CAESEEO664IgYOdJ3c3PaA6e5T8&KRTB&23386-CAESEEO664IgYOdJ3c3PaA6e5T8
.socdm.com/ Name: SOC
Value: Y5m8ecCo8YsAADF-hwQAAAAA
.bidr.io/ Name: bito
Value: AADwcU7HM3kAACFFL2fW0A
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:82e46399-bc79-4e00-9098-3e1494e0ed32&KRTB&16736-uid:82e46399-bc79-4e00-9098-3e1494e0ed32&KRTB&23019-uid:82e46399-bc79-4e00-9098-3e1494e0ed32&KRTB&23208-uid:82e46399-bc79-4e00-9098-3e1494e0ed32
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1C7E94711BF34045A348DA473DB4FC34
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: f92e695190f56b6579a03f849ff7c90d
.csync.loopme.me/ Name: viewer_token
Value: 658dd76c-9652-42e0-a48c-270caecfa3b8
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIvN6L9rj1rjsQBRIZCgpyaWdodG1lZGlhEgsI4umPjLn1rjsQBRIVCgZnb29nbGUSCwiG6J-RufWuOxAFEhYKB3J1Ymljb24SCwjSpa6aufWuOxAFEhQKBXRhcGFkEgsIwrO9oLn1rjsQBRgBIAEoAjILCMKrwM3P9a47EAU4AVoFdGFwYWRgAg..
.adsymptotic.com/ Name: U
Value: 249357f4249119862c02639b940e1393
.zemanta.com/ Name: zuid
Value: ToDyCtzL1ULv5jtSLCtz
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8364
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMI5Am2S4yVN4rUyebV3a1sthxQGyyN+099NAx3BjzOtTfy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe5ElgYJ7z+6k=
.dyntrk.com/ Name: dyn_u
Value: 07030002_6399bc7a3d451
.casalemedia.com/ Name: CMTS
Value: 4729
.heraldsun.com.au/ Name: s_tp
Value: 7782
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Clocal%257Cindex%257Cnorth%2C15%2C15%2C1200%2C1%2C6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: DPSync3
Value: 1672185600%3A197_201_245_226%7C1671062400%3A174%7C1671580800%3A164_248
.pubmatic.com/ Name: SyncRTB3
Value: 1671580800%3A223_2%7C1672272000%3A35%7C1671840000%3A63%7C1672185600%3A247_56_7_54_21_233_13_3_8_71_220_22
www.heraldsun.com.au/ Name: mdLogger
Value: false
www.heraldsun.com.au/ Name: kampyle_userid
Value: b015-2aa9-65e6-64b0-ee86-bc38-6014-ea46
www.heraldsun.com.au/ Name: kampyleUserSession
Value: 1671019644199
www.heraldsun.com.au/ Name: kampyleUserSessionsCount
Value: 1
www.heraldsun.com.au/ Name: kampyleSessionPageCounter
Value: 1
www.heraldsun.com.au/ Name: kampyleUserPercentile
Value: 39.74091176122154
.quantserve.com/ Name: d
Value: ELIBEgHnJ_ijC_vLEA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~28uc:18z8~28uc"
.criteo.com/ Name: uid
Value: 838c87d7-8000-48df-8167-dc42cada71d8
.heraldsun.com.au/ Name: cto_bundle
Value: 4SaM919ZaGN3OGxTOEglMkJ4VU9pbm55Q2xONmtFYUZtcms3cVp0eGR5WHdBY2NsQzFBTXZFMGRpVm80a3ZJWWZMaWdBeEhndENHJTJGbWRjaGNPQ0JubURDWVd3ZU5QdlhLTlVqM2xTekY5eXNHYzhHUXgyZmFWVWo5RkREbVlWdENGbUZEY2lXWU9tV1d3bmFHeWplNjVlYVpHejA1ZFRQMFRnNjI3RUZBbnVxRzMwU1V3JTNE
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3968828280703796370&KRTB&23339-3968828280703796370
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC&KRTB&19420-BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC&KRTB&22979-BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC&KRTB&23403-BqqSM1L6nDMdr54-UqCGawmrmz4d-s9uU6vTAtCC
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7060091950274067243&KRTB&23150-7060091950274067243
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: y6mom2gd9eb
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-y6mom2gd9eb
.rlcdn.com/ Name: rlas3
Value: v4TGduP9VgwynpZoDfz30vBKg56wx14Xik4pk1lEbUo=
.rlcdn.com/ Name: pxrc
Value: CP345pwGEgUI6AcQABIFCOhHEAA=
.bidswitch.net/ Name: tuuid
Value: c1a40f26-864b-4501-b9e8-f8047a90ce51
.bidswitch.net/ Name: c
Value: 1671019645
.bidswitch.net/ Name: tuuid_lu
Value: 1671019645
.adform.net/ Name: C
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-636d5ba7-3b80-47ce-6032-48bc1b0975a6.KI6DVqxKEeKg4HOJXSvzFcK4VL2XJwpGtrkrRNfKX%2Bc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AY21bpzuAR85gMki8Gwl1pq310UA.4ynwe0JC6OOznb01td6IqX2aYjjmGgvJO8n2AcjBy8Q
.pippio.com/ Name: did
Value: aG_XIN5XxlubFjcq
.pippio.com/ Name: didts
Value: 1671019645
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Y21bpzuAR85gMki8Gwl1pq310UA&KRTB&23334-Y21bpzuAR85gMki8Gwl1pq310UA&KRTB&23417-Y21bpzuAR85gMki8Gwl1pq310UA&KRTB&23426-Y21bpzuAR85gMki8Gwl1pq310UA
.adform.net/ Name: uid
Value: 2130940965993771854
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5521857733821939844&KRTB&23263-5521857733821939844
.pubmatic.com/ Name: PugT
Value: 1671019646
.pippio.com/ Name: pxrc
Value: CP745pwGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: SPugT
Value: 1671019646
.sportradarserving.com/ Name: zuuid
Value: 4033d73b-f5d5-43c0-962f-74e120b694d2
.sportradarserving.com/ Name: c
Value: 1671019646
.sportradarserving.com/ Name: zuuid_lu
Value: 1671019646
.linksynergy.com/ Name: rmuid
Value: a59bd0af-2fbf-4594-9300-46a2243f76fc
.linksynergy.com/ Name: icts
Value: 2022-12-14T12:07:26Z

10 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=572269364782.3491?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.heraldsun.com.au/leader/north
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2224d6a8d425c06df%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-1%22%2C%22254cf2c7d5e2582%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-1%22%2C%22263790f91ae48e2%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-2%22%2C%22270d3d83c300ea6%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&s=87745fe5-6435-4194-a192-903370b3d5ca&pv=dfc98b2b-56a9-4368-a88f-11baebc538d0&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2224d6a8d425c06df%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-1%22%2C%22254cf2c7d5e2582%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-1%22%2C%22263790f91ae48e2%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-300x250-2%22%2C%22270d3d83c300ea6%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.leader%2Flocal%2Fnorth%23ad-block-728x90-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2Fleader%2Fnorth&s=87745fe5-6435-4194-a192-903370b3d5ca&pv=dfc98b2b-56a9-4368-a88f-11baebc538d0&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://www.heraldsun.com.au/leader/north
Message:
Refused to execute script from 'https://static.adsafeprotected.com/skeleton.gif?' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23ee70882f63c0df24afee42ebec89f5.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
8jiojcdvkzv3gb9gsgk1k97we2m1t1671019636.nuid.imrworldwide.com
a.sportradarserving.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
b1sync.zemanta.com
beacon.krxd.net
bedsberry.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.speedcurve.com
cdn1.adoberesources.net
check.analytics.rlcdn.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
collector.bonzai.co
connect.facebook.net
content.api.news
csync.loopme.me
d.adroll.com
d.turn.com
dcollector.bonzai.co
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
invoke.bonzai.co
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
massets.bonzai.co
match.adsrvr.org
match.prod.bidr.io
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.mediaiqdigital.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
udc-neb.kampyle.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
www.northcoteleader.com.au
x.bidswitch.net
au.audience.newscgp.com
login.newscorpaustralia.com
syd-1-apex.go.sonobi.com
103.229.10.247
103.229.205.242
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.43.90.114
103.43.90.54
103.71.26.125
104.16.86.20
104.18.33.19
104.18.36.94
104.18.99.194
104.244.42.133
104.244.42.195
104.65.228.208
104.65.228.244
104.69.108.119
104.83.196.116
104.83.196.200
107.178.244.193
107.178.254.65
119.9.108.191
124.146.215.46
13.107.43.14
13.227.254.10
13.227.254.75
13.228.32.211
13.229.252.154
13.250.85.161
13.33.30.231
13.33.33.75
13.33.88.15
13.33.88.94
13.33.91.15
13.35.8.91
139.5.84.243
141.95.33.111
141.95.98.64
142.251.10.132
142.251.10.157
142.251.10.97
142.251.12.148
151.101.1.108
151.101.129.175
151.101.129.44
151.101.194.217
151.101.2.49
157.240.7.26
157.240.7.35
162.19.138.117
165.69.249.4
172.217.194.154
172.217.194.94
172.217.194.99
172.253.118.148
172.253.118.94
172.64.154.237
172.67.38.106
172.67.69.247
18.136.76.220
18.138.175.196
18.138.18.111
18.140.27.177
18.140.92.117
18.155.68.80
18.155.68.87
18.164.145.23
18.182.72.188
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
184.31.5.52
184.87.193.133
184.87.193.137
184.87.193.76
185.84.60.21
199.127.207.191
199.232.44.157
199.36.158.100
23.106.69.73
23.52.112.182
23.52.112.234
23.8.97.76
3.1.163.74
3.73.8.30
34.102.253.54
34.111.151.213
34.120.155.137
34.160.169.226
34.194.167.128
34.202.12.145
34.225.154.76
34.83.125.63
34.96.71.22
34.98.67.3
35.164.253.230
35.190.60.146
35.213.12.39
35.213.93.179
35.214.223.115
35.241.45.82
35.244.159.8
35.71.131.137
44.224.165.94
50.116.239.135
52.192.218.52
52.21.179.62
52.46.151.131
52.54.29.118
52.64.107.36
52.74.13.196
52.74.158.193
52.76.103.125
52.76.209.240
52.76.76.143
52.84.228.218
52.84.45.86
52.95.115.196
52.95.133.2
54.169.64.129
54.192.150.12
54.192.150.56
54.192.150.76
54.192.150.93
54.192.150.94
54.254.81.3
54.255.13.105
63.140.48.139
64.202.112.191
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.102
74.125.24.132
74.125.24.155
74.125.24.156
74.125.24.157
74.125.68.139
74.125.68.156
74.125.68.94
8.43.72.98
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0549b2d8d2e5358d7eeedeb94d7e8abe841b71f3e72be7c5df1fc24928b30506
055b6f859e6a487cd5a5a032212b43fde7c571da4e740a3c6107d84e0f19e2b6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08394d1cc5f0f3bcd2495532b0453cb6b4fbc4130114a2988c095b1b3d1f01d2
0b138b9fc239dca61b264d7ca5b7d504ec937f8817507b2de8004e6d731d39dd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c471babdb0403ea05134aa44b7af12ec103a13859350d0c6303d25ba2e88146
0d8644d72b8f16b913719b2af009007eac776388011f295c1be7fc97e882fe71
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e5ab66331e0a6257cfd46107440d1df79174281435e0486f0f9c6455055d29b
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e57e5159bea16f1debe2030efbe47a5b00e1d6a377e21701df624d5fab4b25
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
193d96c05528372b39166dc20a81de92535b0f7063f453cd6d4de2d2af938c02
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1ad4794a2327551b3b4c89fc345ca763c117d50a001fc64f050dd4ce1ef7ddfc
1af93a79baedcd0b0141f5ea252e90b09939df173357ac3dbcba632498e5385d
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e598350485430106ce15a2db0eefa83278a3ec8470a540711321e527c420188
1e5b8e36471f58025ddc9e4d36d2f3239b28c019326638c5b207aed348b457c5
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
24410676eb08d5eb735d4106f35c8e1de84e2c6d10e4f6b68222125d6a52da6a
24713e413b9683a29e14f18d8cfe3a6657f2d693c59aa833bc58706f490150c5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2be065df1b3835c39a1557184cd3047c5490e801751a3b353181d874cd577dc2
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2cf1a8c6afeb94be8e34ef91319bd29987ff3a1ccf02920e61b6cc901cb38878
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
309363ad08b7022b826822dd37f2633535a29ed25edd0248f28c5ee1909bd73f
30fab9f49823641970f46424df36577214afdc57957c502aa0fceb2ec15f3e54
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320461403493c494e9e7914f1eb19eb61cf6ce0b568819e9e66c11a85ab2b2ea
351cac7f8efdbcff15e58f5ba57decf8ccb00cf9a7a98cef26c0bf7874ec4eb0
353ee94b022b8d58a4f133d410d98c0759e8dab0f2b16da17051bf4fa11f50e7
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36a1d1c43e402933e481767a31986cd28968a959cd0fcfb614fa1b2da6a8b7cc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36f63f2874b24074700f4d237cd1c153dfe8017d669f0d31fee99f1a598835bf
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee38cb0c201c34e3410588f50f1a631224a0bb647096e46dc95179fba5d18e5
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
4181d8ab44fa35cdd205013c3d4e3f278a415c0a7ec525a7b6748fb52f9569ee
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4468e54b7b0dbae3ac268e7b9d858a6e76ed4f07a1e0556cd5982d0265a55c50
45249e7de6c73e8b9fe7c7497c3996fbfd48dcf7e2863424e802c1cd10d63197
45447af3a3d15af287b0d9947462be3791908b3cf7004370ab6f36e15529b239
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ba7b05e1d859de4d8e8b14ca9d863bdf3320043de4e25e1f3bcd1e8f225173
495685aca6e93d344c2850b74703dc250cbe960fb54c2eaddc0107d9dbfaf3b9
4ad7a045aabb45ace692b33c8d1bf5870307315e9c82cb354cb518c8aa147a8d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dac27962abc535e8e0c5707e167d2fe63d16dbfda95ce820c6c8218796d24c1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e33994e519659f18f6e3253154999b4fa6f47192de0e16c47936fbe261b3100
4f09ae58e33cbd694d0f295f1c160484e2ceffb6facd7cec9fd6c6a8e3bf69ca
4f210a4df44a12a32cb361915e75e8d1ed852dc232ee6b5f721bf6c0ec4a54db
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5087cff911fe097c3c504d9a5560d16a0248ef7b0486469c7fdbb4b8bcd2f7eb
50a34a6dad2f4036910e5b2a97d6a52dba2fefa41465683840d70c6b0c0dc4ec
529510906614153cba79a187bb1aa98400a261d0c74add89b2082d8b2ec7beb0
53036bc29b4c9999f5b3aba99fbfdb5c9accc666936b060e528cacc91de04f7c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5740e7aa5b552ae1d9833e15253993a6a621dc8f0cac5b10d54acf57c9d2688d
57611ce2fab62138da89d56d9d72ba464aa342fef831c097b5f85a501d30d9ce
5a2bc3fda966c068e51a90fe3c79992975490738754cd8ccc37c0521f7701de8
5a66762056f44f9f77e2b5ff9f4d6c36406ba3abf1c6afb2759cbae6f6627fca
5b59dcd417f5de61b57ee737a9eeb7d124533a580114e97fbf42add0250368b2
5d9d7e78e22202af03b2d09ad31952e031e3423006cba4a29fd506c5664c7761
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6352cfb56c2aa49fd137a1b0339f71c569050d41b7e29e733611838f86919871
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
64bef2d8024ff0095b597adc6b85c3ea22a68bc266e7bd22d49d90e7abdefa82
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
683ee639979745f50883dab60b711c00501fb7da9681eca3875aefb953bcefb1
6941d9237dc0718036e837a1175a0b1e91329312e4cc9ef53cb65b0463d3c22e
69e87272b5c72666743af7fbcef8b8dcf0e747cea3803ddc841afb56b8a341c6
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0999b7b320afdff8edfd1456a44e57cf25d784bfcfc07f7c8de8957230e2ee
6c77d9fedc0a692cdb6cfd3f9f2d9ad7e38f17d11d5d860c86bee2357b1f4bec
6dfdd14cd064c99b26ba45bad5b5ddba6a3f531c0564c3959ca5e00cc94698b0
6f31e08174a2c5faf665d6cced153a270adb26d94cbf1812c5b4be5363e3f5ec
6f5027a750a9d2b386eb568d5cf4bac53889152cfdc77adc4ce69d7155789d02
72afd644bb140458f9cd4006a56f1e46d55361cb3ed49bd142ea3fa22c399e58
73d7194f51616ea395b52934db721b5cb4de766c0aaf33f05ea197379686654c
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912
757066733cc5808a89fa43b99da0148bc8fad6820af900f0ab67d6109ee1af11
785465b09f140b9b51cd3cd6df111c999e5ae3b678f1f4a034463ee62f04da56
78a100131e7307c7f41d002b24b358c9ee7f690a16b73938ae787e9769e08ecc
7a0e6f2a587632ff817b7752cf46be09649ec8e5b0288b1efcc59b54c67d984d
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
806316c78684b96dcfdbd7631f484c0e425af0df3e92adb929753d8e34e88116
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82abd351cc44ce888587e81355124ba7f09e06448c6218d0d37b028f85b5588b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84745e85a96d262b5058cbbc464e4aadc0d6d236c8a842f41a38183f26262912
85e197ec859258caef2e62d8fd86008422d97d9881812e74d9379e2d11cc1398
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
871692dfb0891aec6f11a20084973748da4f55804d2c982b1f6e10c4855fe7da
891c693ce3d3cf4785ef8ce23e9acad133d41dd2b4586d0a5f8d8b0571f913b7
899e334ecb2b93249a53e7a1117b2d29057c3fb11850d36e80d15bff4a51f7fa
8a2ec1469ad816a7b36e7195247805735e055d8c32da5c4cf408def7f321f2dd
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9830c3d94b28ad782192bfd1d133d597980ab1152c89ac9cb86e78e12fdbb657
98a70fef75a51fbfb16e8853baa13786bef1ea391ce641449fa94fe117b0861f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9965bf363728e3f90cb9b74a5133bf72d54794e515c94dc54f4c4774e86ca3b4
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0ea4c38ffbc3f0ae600a3aff4b808d1bb01500c2972aa95960609ca3d90898
9c81b0def31d443566cd071a3655b39a85ea7a0083e38adba8defd9e96e9cd5f
9f0d093219bd7805fddbcc0d995817517d4937817e8a24863f5ea62ea34121e8
9f20d92c37155a1281d057f626e58292ab336661e3586ddafeb6da1bb8f85e42
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10df9f8ee59afb5af7219469ec6b960dfe1e29e3b5fa1864da765dd6fa131ac
a1d44a73478ed01b2a9f64ad315ad8bf8aa4040f369611d2114045aa6040f4d6
a20b51d4ace7c3e44acc5b4ba618e97b461fb001f0836153e9c43c2188d74411
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
a96160db5ebc18f79c88fe9167a1e4d95faf078f67776f6de1bf1bbbee382e6b
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa3205673a8a0655f3e5024377e19fd23266537c705491a83117f03a8e7e78ff
aa56bc1974a96ad6cd86f82c22151c606edaa0d64d6041636ce0e48af52cbec2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acca6453f8999953a29eaf793aa58ac255482ba751c594c348c2f603ee280eeb
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae45753eb3dbc6d3e4f825abc89e5f5909a75d2d7d5a44592da02d71cb459d25
af007e90e6d1940a7dba9cdd796a4beb96ced55ee102d2f97cd2d0e101b0fb91
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b0a75ae03b6f43c5f0ea1710dcbe813458b4e677177e50974d9deb2521ebf73c
b0a8c3de7f270d648cc44d03823860788a1510bca352556006609c8a16ab309d
b0e3f8264efae0bccf0c34f32f588a6bc610df37a8a53552da41b76e9b1c7708
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5e1f5e47fcd4c4a4923cf617a5025ac465087f7c99384f3e45121c2b5d6c5e9
b759be2f28edc47ee78828f911826a4a9b510b07ee79019c2771ee993418baeb
b96ff06969da297f7641c31dbc0f86c4a21bf1e4f88b3c0148c77d8b7311a4e2
b97eb4dea71347c02545eb048ef7f39b6b09c9c955c027c0ba8686641d1f4d57
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be98c485891e815d1eff9ae2752f0d048c42846f76b8f9b1c8f6d92a0ea74490
c0db67b95ff72d7a67c24f38f9b8b8391fccdbf4aa8116c4a52a0dbe626fc9f5
c0fdaf9cacd1176108442ae8c3d8d40aabbecc317b596ca2b1e66369188a10f8
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c6ade056ebc802456d3ce84c008e16565a931f57a145295baf75810db9e18ba0
c8fe3b67d21eeb9f38a2084d60ede9a0ce9a57ce52b990b91eb9764e3b3138d3
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
caae56d59f9b1ca403ceec989e6e28662e88df29e90f29c4d5e80b57a182f166
cb805ed0f4abf2c0cd626b8cb5022191bce25dcae35c3dca265b174998600eac
cbdaa0d9ab150be50ea53f75a1d0ef126a96cf88511bbc00577be698db00fb9e
cc6537ce7817e5d29731bb346289b99035e47b3b99cdd53f52dd894d26ac2147
cc9a40449cfb8802861bf566130aed184ffa145c7a4418b5ff96463039faa5a3
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
cdb15b207ef64c36bdca22f99faaf39412a3e7eecd6f13415531d78940fc42c2
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf70e98a2c2ffcdaff8a147dbf8b7e7874558e52dbd5444d7eed56bcaa7abcf6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfdce298b842f59959bed7e6a0bedb581dc40e8945ee1c5a0a8b790f1ca5a1ff
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d253f7836bbd5af3c03201645e0c0eaae65af47b4d14a9e1fbe92cba78a3d3b2
d2a8c5c83246bd950db435c0e731cce2e75d50fefa7611d4d70d04f77b11a7c2
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d4a9b2e1495aff1c72b808d366bbc3cc6a43706e817befbb5aee91611f9884b3
d7f4171f40c7db2f13aca682fc67136269bd2f832e068b97eeb4aa6136c1d057
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
da7703b02caf19aa8b0d7431223134abe5ba64f8e2aeb5cd92c099073c9054af
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1b8d78543d2b5efc9b50b49fe17f8731b5a332c770c1c7f64ca4d6583904dd9
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4397b21dfe8c3bd4f2d32c9cd296213221972667c8d08d56fe6f8d5a27edd33
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecce55c5603a9c2f603746839939144b465549b1a374988b1619a4daba1f5d07
ee3529e00f7f0e90a1f6fc46335f14a7401722626a1690e348b4ce9f4284e38e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f0f91c310b3b2d42268941942f9bc0abacca8ea9e74968cb4d1f5d483d6834c1
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f2c45f3e3dc1a63d69c7efd2ed0de3d4484e1983369e8244449dabd21d2f3c55
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f330fa9c4e1ca4f8fa1832a764502525d52d020298b59e1a854157069e890823
f6a39d421bb662ccbf017ea3154baaa14f597b3709ffac41d988b71d2d4c7a37
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f948c330c0e25b79dfcb7a2f039dfa3af4ddacdbea9077cbfe722d438f09f5a4
f95b7963443c34a1f2e4ed5764702da71c60c54abab836064bdf63c75ef57d86
faba64e32eae3ab3d4321c6575978d7b7f379b712b61107b1aec26b3be4f372c
fbdf12aa1eb94ab45dd826b6349c4fd915ab7a585cbe8d4c68d46a68caa37043
fbe7ee8f135ef55b4d6780913308a31556251b7938a39a36c877239fee0ce5d3
fccce227d9a5f1459e45a4bc9912010b5ec2dd97f78b44ce21dfd53811b48fa6
fd114b5b0cf5c6cb24cd8251da4b77511ab6d252ad17f79fc91e5243dab5d83f
fd12bd2e9de2d64a7b7fb1adcb230c1dc2aeb0a59f93921aa65ebb08f13f26cb
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fec72676feb48045880ac7db884269bb0a4ddf1c622714818c644d2615c119b4