urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.207.36.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Submission: On September 23 via manual from IN — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 12 countries across 107 domains to perform 522 HTTP transactions. The main IP is 23.207.36.111, located in Jakarta, Indonesia and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 319578.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 39 23.207.36.111 16625 (AKAMAI-AS)
1 22 23.207.36.189 16625 (AKAMAI-AS)
1 151.101.194.217 54113 (FASTLY)
1 17 151.101.65.44 54113 (FASTLY)
1 192.0.66.122 2635 (AUTOMATTIC)
4 3.5.168.14 16509 (AMAZON-02)
1 52.84.251.73 16509 (AMAZON-02)
5 142.251.12.132 15169 (GOOGLE)
1 3 13.227.254.75 16509 (AMAZON-02)
1 172.64.133.15 13335 (CLOUDFLAR...)
3 34.160.46.16 15169 (GOOGLE)
2 7 141.226.229.48 200478 (TABOOLA-AS)
3 104.84.196.155 16625 (AKAMAI-AS)
4 23.207.36.241 16625 (AKAMAI-AS)
2 52.84.251.4 16509 (AMAZON-02)
11 52.84.45.86 16509 (AMAZON-02)
1 18 142.251.10.148 15169 (GOOGLE)
1 13.35.19.109 16509 (AMAZON-02)
2 157.240.235.1 32934 (FACEBOOK)
1 13.227.254.25 16509 (AMAZON-02)
2 52.221.16.11 16509 (AMAZON-02)
2 151.101.193.175 54113 (FASTLY)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 23.207.36.231 16625 (AKAMAI-AS)
17 49 172.217.194.156 15169 (GOOGLE)
3 13.225.2.118 16509 (AMAZON-02)
1 52.84.251.49 16509 (AMAZON-02)
2 104.26.7.155 13335 (CLOUDFLAR...)
2 42.99.140.187 4637 (ASN-TELST...)
3 13.224.250.80 16509 (AMAZON-02)
1 199.36.158.100 54113 (FASTLY)
1 15 35.167.146.49 16509 (AMAZON-02)
15 74.125.200.157 15169 (GOOGLE)
4 142.251.10.154 15169 (GOOGLE)
1 34.192.92.212 14618 (AMAZON-AES)
1 52.84.251.10 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
4 52.84.251.6 16509 (AMAZON-02)
1 20.50.2.28 8075 (MICROSOFT...)
4 54.206.8.238 16509 (AMAZON-02)
1 13.227.254.113 16509 (AMAZON-02)
1 13.224.250.29 16509 (AMAZON-02)
10 16 69.173.158.64 26667 (RUBICONPR...)
10 103.231.98.194 62713 (AS-PUBMATIC)
11 13 35.71.131.137 16509 (AMAZON-02)
1 2 209.191.163.208 14744 (INTERNAP-...)
1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.53 59253 (LEASEWEB-...)
1 34.204.58.250 14618 (AMAZON-AES)
1 1 182.161.73.146 55569 (CRITEO-AS...)
5 6 35.213.12.39 15169 (GOOGLE)
3 3 202.131.200.84 17941 (BIT-ISLE ...)
1 1 202.131.200.82 17941 (BIT-ISLE ...)
2 2 35.156.160.21 16509 (AMAZON-02)
2 4 34.98.64.218 15169 (GOOGLE)
1 2 52.223.2.229 16509 (AMAZON-02)
1 44.231.196.20 16509 (AMAZON-02)
1 31.220.27.155 39572 (ADVANCEDH...)
2 2 3.231.251.159 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
1 9 74.125.200.139 15169 (GOOGLE)
1 141.226.230.50 200478 (TABOOLA-AS)
3 157.240.235.35 32934 (FACEBOOK)
1 141.95.98.69 16276 (OVH)
2 54.87.77.212 14618 (AMAZON-AES)
4 10 104.254.151.69 29990 (ASN-APPNEX)
4 69.173.158.65 26667 (RUBICONPR...)
1 182.161.73.145 55569 (CRITEO-AS...)
1 103.231.98.193 62713 (AS-PUBMATIC)
2 34.102.253.54 15169 (GOOGLE)
2 8 104.18.18.126 13335 (CLOUDFLAR...)
11 54.169.222.109 16509 (AMAZON-02)
1 13.35.17.5 16509 (AMAZON-02)
2 18.139.71.162 16509 (AMAZON-02)
1 13.224.250.85 16509 (AMAZON-02)
1 52.33.194.179 16509 (AMAZON-02)
2 63.140.36.101 16509 (AMAZON-02)
1 1 3.1.235.254 16509 (AMAZON-02)
1 18.139.202.127 16509 (AMAZON-02)
3 141.95.98.65 16276 (OVH)
1 63.140.36.103 16509 (AMAZON-02)
2 3 50.116.239.135 6336 (TURN-US-ASN)
1 1 50.116.239.150 6336 (TURN-US-ASN)
4 13.35.15.213 16509 (AMAZON-02)
1 146.75.112.157 54113 (FASTLY)
1 42.99.140.192 4637 (ASN-TELST...)
2 142.251.12.97 15169 (GOOGLE)
2 151.101.193.108 54113 (FASTLY)
2 4 142.251.12.148 15169 (GOOGLE)
3 142.250.4.155 15169 (GOOGLE)
1 35.227.202.26 15169 (GOOGLE)
3 104.254.151.60 29990 (ASN-APPNEX)
3 23.207.36.196 16625 (AKAMAI-AS)
5 142.251.10.94 15169 (GOOGLE)
1 1 199.127.207.184 26120 (RHYTHMONE)
2 2 18.141.109.184 16509 (AMAZON-02)
1 1 3.231.177.24 14618 (AMAZON-AES)
1 52.12.199.59 16509 (AMAZON-02)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
1 1 23.207.37.206 16625 (AKAMAI-AS)
9 9 151.101.194.49 54113 (FASTLY)
5 6 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.102.194 13335 (CLOUDFLAR...)
3 14 104.18.19.126 13335 (CLOUDFLAR...)
1 13.227.254.80 16509 (AMAZON-02)
11 142.251.10.157 15169 (GOOGLE)
5 142.251.10.147 15169 (GOOGLE)
3 142.251.12.94 15169 (GOOGLE)
2 3.126.109.107 16509 (AMAZON-02)
6 8 52.74.162.2 16509 (AMAZON-02)
1 2 103.71.26.125 132134 (SPOTX-AS-...)
1 74.118.186.45 26120 (RHYTHMONE)
2 182.161.73.129 55569 (CRITEO-AS...)
7 142.251.12.113 15169 (GOOGLE)
1 74.125.130.155 15169 (GOOGLE)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 54.95.212.5 16509 (AMAZON-02)
1 23.207.36.240 16625 (AKAMAI-AS)
2 23.75.85.227 16625 (AKAMAI-AS)
1 103.231.98.196 62713 (AS-PUBMATIC)
4 7 52.46.155.104 16509 (AMAZON-02)
1 5 18.136.174.146 16509 (AMAZON-02)
2 2 35.247.47.28 396982 (GOOGLE-CL...)
1 1 34.111.151.213 15169 (GOOGLE)
1 52.76.80.16 16509 (AMAZON-02)
1 2 185.84.60.21 198622 (ADFORM)
2 2 103.229.206.241 30419 (MEDIAMATH...)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 ()
1 1 34.98.67.3 ()
3 103.231.98.195 62713 (AS-PUBMATIC)
2 2 13.230.152.89 ()
1 1 103.229.10.211 16509 (AMAZON-02)
2 3 54.239.38.253 ()
2 2 23.106.69.73 59253 (LEASEWEB-...)
1 54.169.170.163 16509 (AMAZON-02)
1 104.18.13.76 13335 (CLOUDFLAR...)
7 142.251.10.132 15169 (GOOGLE)
11 13.224.250.40 16509 (AMAZON-02)
5 54.169.224.149 16509 (AMAZON-02)
22 104.16.13.64 ()
1 1 52.77.147.158 ()
1 1 52.45.175.185 ()
3 3 174.137.133.49 ()
1 2 139.99.49.250 ()
6 13.224.250.113 ()
35 3.94.67.15 ()
2 182.161.73.136 ()
1 35.241.45.82 ()
522 128
39    23.207.36.111 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-111.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
22    23.207.36.189 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-189.deploy.static.akamaitechnologies.com
tags.news.com.au
resourcesssl.newscdn.com.au
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
17    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
widget.perfectmarket.com
trc.taboola.com
images.taboola.com
match.taboola.com
pips.taboola.com
1    192.0.66.122 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
origin.go.heraldsun.com.au
4    3.5.168.14 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
1    52.84.251.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-73.sin5.r.cloudfront.net
edition.pagesuite.com
5    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
3    13.227.254.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-75.sin52.r.cloudfront.net
sb.scorecardresearch.com
1    172.64.133.15 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    34.160.46.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.46.160.34.bc.googleusercontent.com
bedsberry.com
7    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sg-trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
3    104.84.196.155 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-196-155.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
4    23.207.36.241 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-241.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
2    52.84.251.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-4.sin5.r.cloudfront.net
assets.vidora.com
11    52.84.45.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-86.mrs52.r.cloudfront.net
static.adsafeprotected.com
18    142.251.10.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f148.1e100.net
ad.doubleclick.net
s0.2mdn.net
1    13.35.19.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-19-109.sin5.r.cloudfront.net
static.chartbeat.com
2    157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net
connect.facebook.net
1    13.227.254.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-25.sin52.r.cloudfront.net
au.tags.newscgp.com
2    52.221.16.11 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
pixel.zprk.io
2    151.101.193.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
1    172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.207.36.231 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-231.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
49    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
www.googletagservices.com
3    13.225.2.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-2-118.sin52.r.cloudfront.net
c.amazon-adsystem.com
1    52.84.251.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-49.sin5.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.7.155 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    42.99.140.187 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-187.pacnet.net
secure-ds.serving-sys.com
3    13.224.250.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-80.sin52.r.cloudfront.net
cdn-gl.imrworldwide.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
ts2020-indies-client.web.app
15    35.167.146.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-146-49.us-west-2.compute.amazonaws.com
dpm.demdex.net
15    74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net
pagead2.googlesyndication.com
4    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
googleads4.g.doubleclick.net
googleads.g.doubleclick.net
1    34.192.92.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-92-212.compute-1.amazonaws.com
ping.chartbeat.net
1    52.84.251.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-10.sin5.r.cloudfront.net
cdn.adsafeprotected.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    52.84.251.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-6.sin5.r.cloudfront.net
au-script.dotmetrics.net
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
4    54.206.8.238 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-206-8-238.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    13.227.254.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-113.sin52.r.cloudfront.net
ncg.tags.news.com.au
1    13.224.250.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-29.sin52.r.cloudfront.net
au.audience.newscgp.com
16    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
10    103.231.98.194 (Japan)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
13    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    23.106.127.53 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    34.204.58.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-58-250.compute-1.amazonaws.com
e1.emxdgt.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
6    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
3    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    202.131.200.82 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-tapi.admatrix.jp
2    35.156.160.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-160-21.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    44.231.196.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-196-20.us-west-2.compute.amazonaws.com
visitor.omnitagjs.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    3.231.251.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-251-159.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
9    74.125.200.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f139.1e100.net
news.google.com
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com
www.facebook.com
1    141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    54.87.77.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-77-212.compute-1.amazonaws.com
mfad.inskinad.com
10    104.254.151.69 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    103.231.98.193 (Japan)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
8    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
11    54.169.222.109 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    13.35.17.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-17-5.sin5.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    18.139.71.162 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-71-162.ap-southeast-1.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    13.224.250.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-85.sin52.r.cloudfront.net
f0g6h1vavlivdekwpg159mmvwiov41663966140.nuid.imrworldwide.com
1    52.33.194.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-194-179.us-west-2.compute.amazonaws.com
newscorpau.demdex.net
2    63.140.36.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-101.data.adobedc.net
metrics.heraldsun.com.au
1    3.1.235.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-235-254.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    18.139.202.127 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-202-127.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    63.140.36.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-103.data.adobedc.net
edge.adobedc.net
3    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
r.turn.com
1    50.116.239.150 (United States)

ASN6336 (TURN-US-ASN, US)
d3273622690172371738-t3804033771104967681.id.amgdgt.com
4    13.35.15.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-15-213.sin5.r.cloudfront.net
js.adsrvr.org
1    146.75.112.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net
snap.licdn.com
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net
8228261.fls.doubleclick.net
3    142.250.4.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f155.1e100.net
www.googleadservices.com
1    35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com
au-gmtdmp.mookie1.com
3    104.254.151.60 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
3    23.207.36.196 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-196.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
5    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
1    199.127.207.184 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
2    18.141.109.184 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-109-184.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
1    3.231.177.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-177-24.compute-1.amazonaws.com
usermatch.krxd.net
1    52.12.199.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-199-59.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    23.207.37.206 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com
tags.bluekai.com
9    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
14    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    13.227.254.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-80.sin52.r.cloudfront.net
check.analytics.rlcdn.com
11    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
adservice.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
5    142.251.10.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f147.1e100.net
www.google.com
3    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.google.com.au
2    3.126.109.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-109-107.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
8    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    103.71.26.125 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
7    142.251.12.113 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net
play.google.com
1    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
adservice.google.com.au
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    54.95.212.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-212-5.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    23.207.36.240 (Jakarta, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-36-240.deploy.static.akamaitechnologies.com
js-sec.indexww.com
2    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    18.136.174.146 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-174-146.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    35.247.47.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com
um.simpli.fi
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    52.76.80.16 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-80-16.ap-southeast-1.compute.amazonaws.com
invoke.bonzai.co
2    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (None, )

ASN- ()
pippio.com
1    34.98.67.3 (None, )

ASN- ()
tags.rd.linksynergy.com
3    103.231.98.195 (Japan)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    13.230.152.89 (None, )

ASN- ()
pool.admedo.com
1    103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    54.239.38.253 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    23.106.69.73 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
gu.dyntrk.com
1    54.169.170.163 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-170-163.ap-southeast-1.compute.amazonaws.com
d.adroll.com
1    104.18.13.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
7    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
11    13.224.250.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-40.sin52.r.cloudfront.net
massets.bonzai.co
5    54.169.224.149 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-224-149.ap-southeast-1.compute.amazonaws.com
collector.bonzai.co
22    104.16.13.64 (None, )

ASN- ()
c.bannerflow.net
1    52.77.147.158 (None, )

ASN- ()
ads.yieldmo.com
1    52.45.175.185 (None, )

ASN- ()
im.bluevoox.com
3    174.137.133.49 (None, )

ASN- ()
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    139.99.49.250 (None, )

ASN- ()
onetag-sys.com
6    13.224.250.113 (None, )

ASN- ()
dcollector.bonzai.co
35    3.94.67.15 (None, )

ASN- ()
dt.adsafeprotected.com
2    182.161.73.136 (None, )

ASN- ()
gum.criteo.com
1    35.241.45.82 (None, )

ASN- ()
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 178
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 110246
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
261 KB
58 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 575
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3496
pixel.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com
495 KB
26 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 319578
origin.go.heraldsun.com.au
subscriptions.heraldsun.com.au
metrics.heraldsun.com.au
847 KB
24 google.com
news.google.com — Cisco Umbrella Rank: 5276
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 24
74 KB
24 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
token.rubiconproject.com — Cisco Umbrella Rank: 667
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3131
eus.rubiconproject.com — Cisco Umbrella Rank: 564
25 KB
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
118 KB
23 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 186708
massets.bonzai.co — Cisco Umbrella Rank: 193648
collector.bonzai.co — Cisco Umbrella Rank: 181713
dcollector.bonzai.co
467 KB
23 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 697
sg-trc-events.taboola.com — Cisco Umbrella Rank: 26307
images.taboola.com — Cisco Umbrella Rank: 1779
sync.taboola.com — Cisco Umbrella Rank: 1037
sync-t1.taboola.com — Cisco Umbrella Rank: 1309
match.taboola.com — Cisco Umbrella Rank: 2758
pips.taboola.com — Cisco Umbrella Rank: 1549
cds.taboola.com — Cisco Umbrella Rank: 1446
202 KB
22 bannerflow.net
c.bannerflow.net
239 KB
22 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum.casalemedia.com — Cisco Umbrella Rank: 1370
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
18 KB
18 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 690
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433
image5.pubmatic.com — Cisco Umbrella Rank: 50237
image2.pubmatic.com — Cisco Umbrella Rank: 883
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
image4.pubmatic.com — Cisco Umbrella Rank: 835
simage4.pubmatic.com
28 KB
17 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
js.adsrvr.org — Cisco Umbrella Rank: 1428
insight.adsrvr.org — Cisco Umbrella Rank: 624
16 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
newscorpau.demdex.net — Cisco Umbrella Rank: 66394
20 KB
16 api.news
content.api.news — Cisco Umbrella Rank: 42682
301 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com — Cisco Umbrella Rank: 432
33 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com
54 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
149 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
4 KB
13 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 51772
mhr.talk.news.com.au — Cisco Umbrella Rank: 702378
ncg.tags.news.com.au — Cisco Umbrella Rank: 94296
235 KB
11 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 60072
83 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
329 KB
10 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1036
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
2 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
www.linkedin.com — Cisco Umbrella Rank: 623
4 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
3 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2458
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6490
f0g6h1vavlivdekwpg159mmvwiov41663966140.nuid.imrworldwide.com
67 KB
6 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 70114
au.pixel.newscgp.com — Cisco Umbrella Rank: 128998
au.audience.newscgp.com — Cisco Umbrella Rank: 142688
49 KB
5 rlcdn.com
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3955
api.rlcdn.com — Cisco Umbrella Rank: 804
idsync.rlcdn.com — Cisco Umbrella Rank: 331
1 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
129 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1967
bs.serving-sys.com — Cisco Umbrella Rank: 1209
lm.serving-sys.com — Cisco Umbrella Rank: 1924
26 KB
4 google.com.au
www.google.com.au — Cisco Umbrella Rank: 24554
adservice.google.com.au — Cisco Umbrella Rank: 97372
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 650
us-u.openx.net — Cisco Umbrella Rank: 396
612 B
4 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 688
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com
7 KB
4 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 38507
39 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1122
id5-sync.com — Cisco Umbrella Rank: 463
20 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1002
23 KB
4 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 978457
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
60 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 128
48 KB
3 turn.com
d.turn.com — Cisco Umbrella Rank: 1042
ad.turn.com
r.turn.com
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
306 B
3 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3148
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3283
collector.brandmetrics.com — Cisco Umbrella Rank: 3593
17 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4494
udc-neb.kampyle.com
87 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 106093
28 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
3 KB
3 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
18 KB
2 onetag-sys.com
onetag-sys.com
959 B
2 e-volution.ai
rtb2-useast.e-volution.ai
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1315
1 KB
2 admedo.com
pool.admedo.com
1 KB
2 pippio.com
pippio.com
717 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
57 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 492
467 B
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1103
beacon.krxd.net — Cisco Umbrella Rank: 513
529 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 961
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
92 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3623
404 B
2 inskinad.com
mfad.inskinad.com — Cisco Umbrella Rank: 23442
14 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
826 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
740 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 877
1 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 16772
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 15230
6 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 76006
3 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3573
32 KB
1 adkernel.com
dsp.adkernel.com
541 B
1 bluevoox.com
im.bluevoox.com
573 B
1 yieldmo.com
ads.yieldmo.com
511 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
181 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
543 B
1 linksynergy.com
tags.rd.linksynergy.com
390 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1727
367 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
99 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 511
490 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
396 B
1 t.co
t.co — Cisco Umbrella Rank: 489
377 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 29849
698 B
1 mookie1.com
au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 310341
641 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 613
15 KB
1 amgdgt.com
d3273622690172371738-t3804033771104967681.id.amgdgt.com
386 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 7004
832 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1406
lbs.eu-1-id5-sync.com Failed
334 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
464 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
46 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1057
385 B
1 admatrix.jp
sync-tapi.admatrix.jp — Cisco Umbrella Rank: 95675
529 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1308
67 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649
696 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
729 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1220
201 B
1 web.app
ts2020-indies-client.web.app — Cisco Umbrella Rank: 83178
3 KB
1 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 6003
44 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 30792
20 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1317
24 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 884
12 KB
1 pagesuite.com
edition.pagesuite.com — Cisco Umbrella Rank: 94219
51 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5641
7 KB
0 sonobi.com Failed
syd-1-apex.go.sonobi.com Failed
0 mediarithmics.com Failed
cookie-matching.mediarithmics.com Failed
522 107
Domain Requested by
35 dt.adsafeprotected.com www.heraldsun.com.au
29 cm.g.doubleclick.net 17 redirects www.heraldsun.com.au
googleads.g.doubleclick.net
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
22 c.bannerflow.net ad.doubleclick.net
www.heraldsun.com.au
c.bannerflow.net
22 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
16 content.api.news www.heraldsun.com.au
15 pagead2.googlesyndication.com ad.doubleclick.net
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
15 dpm.demdex.net 1 redirects www.heraldsun.com.au
tags.news.com.au
ssum-sec.casalemedia.com
14 dsum-sec.casalemedia.com 3 redirects www.heraldsun.com.au
js.adsrvr.org
ssum-sec.casalemedia.com
googleads.g.doubleclick.net
13 s0.2mdn.net www.heraldsun.com.au
s0.2mdn.net
11 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
11 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
ad.doubleclick.net
11 pixel.rubiconproject.com 5 redirects www.heraldsun.com.au
js.adsrvr.org
11 static.adsafeprotected.com bedsberry.com
pixel.adsafeprotected.com
www.heraldsun.com.au
11 resourcesssl.newscdn.com.au www.heraldsun.com.au
ts2020-indies-client.web.app
11 tags.news.com.au 1 redirects www.heraldsun.com.au
tags.tiqcdn.com
au.tags.newscgp.com
10 www.googletagservices.com securepubads.g.doubleclick.net
www.googletagservices.com
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
www.heraldsun.com.au
10 ib.adnxs.com 4 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
googleads.g.doubleclick.net
10 match.adsrvr.org 10 redirects
10 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
9 sync-tm.everesttech.net 9 redirects
9 news.google.com 1 redirects subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
8 ups.analytics.yahoo.com 6 redirects js.adsrvr.org
7 tpc.googlesyndication.com 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
7 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
www.heraldsun.com.au
7 play.google.com www.gstatic.com
7 googleads4.g.doubleclick.net ad.doubleclick.net
www.heraldsun.com.au
6 dcollector.bonzai.co www.heraldsun.com.au
6 x.bidswitch.net 5 redirects www.heraldsun.com.au
6 trc.taboola.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
6 cdn.taboola.com www.heraldsun.com.au
cdn.taboola.com
5 collector.bonzai.co www.heraldsun.com.au
5 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 www.google.com www.heraldsun.com.au
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 px.ads.linkedin.com 4 redirects www.heraldsun.com.au
5 googleads.g.doubleclick.net www.googleadservices.com
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
www.heraldsun.com.au
5 token.rubiconproject.com 5 redirects
5 simage2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
5 ad.doubleclick.net 1 redirects tags.tiqcdn.com
www.googletagservices.com
www.heraldsun.com.au
4 ssum-sec.casalemedia.com tags.news.com.au
ssum-sec.casalemedia.com
js-sec.indexww.com
4 www.gstatic.com news.google.com
www.gstatic.com
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 fastlane.rubiconproject.com tags.news.com.au
4 au.pixel.newscgp.com au.tags.newscgp.com
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
4 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
3 aax-eu.amazon-adsystem.com 2 redirects www.heraldsun.com.au
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 www.google.com.au www.heraldsun.com.au
3 adservice.google.com 8228261.fls.doubleclick.net
securepubads.g.doubleclick.net
3 secure.adnxs.com www.heraldsun.com.au
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 www.googleadservices.com secure-ds.serving-sys.com
www.googletagmanager.com
3 id5-sync.com cdn.id5-sync.com
www.heraldsun.com.au
tags.news.com.au
3 www.facebook.com www.heraldsun.com.au
3 u.openx.net 2 redirects www.heraldsun.com.au
3 sync-dsp.ad-m.asia 3 redirects
3 sync-t1.taboola.com www.heraldsun.com.au
3 sync.taboola.com 2 redirects www.heraldsun.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.heraldsun.com.au
3 cdn.ampproject.org www.heraldsun.com.au
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 onetag-sys.com 1 redirects 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
2 rtb2-useast.e-volution.ai 2 redirects
2 gu.dyntrk.com 2 redirects
2 pool.admedo.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 pippio.com 2 redirects
2 sync.mathtag.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 eus.rubiconproject.com tags.news.com.au
eus.rubiconproject.com
2 ads.pubmatic.com tags.news.com.au
ads.pubmatic.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static.criteo.net tags.news.com.au
static.criteo.net
2 sync.search.spotxchange.com 1 redirects www.heraldsun.com.au
2 lm.serving-sys.com secure-ds.serving-sys.com
2 p.adsymptotic.com 1 redirects www.heraldsun.com.au
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 2 redirects
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 metrics.heraldsun.com.au tags.news.com.au
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 mfad.inskinad.com tags.news.com.au
ssum-sec.casalemedia.com
2 sync.srv.stackadapt.com 2 redirects
2 eb2.3lift.com 1 redirects www.heraldsun.com.au
2 rtb.mfadsrvr.com 2 redirects
2 ce.lijit.com 1 redirects www.heraldsun.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 nebula-cdn.kampyle.com tags.tiqcdn.com
nebula-cdn.kampyle.com
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 assets.vidora.com www.heraldsun.com.au
assets.vidora.com
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 news-networkeditorial.s3-ap-southeast-2.amazonaws.com www.heraldsun.com.au
2 news-networkeditorial.s3.ap-southeast-2.amazonaws.com www.heraldsun.com.au
1 udc-neb.kampyle.com
1 simage4.pubmatic.com ads.pubmatic.com
1 dsp.adkernel.com 1 redirects
1 im.bluevoox.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 r.turn.com 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 invoke.bonzai.co www.heraldsun.com.au
1 dmp.brand-display.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 js-sec.indexww.com tags.news.com.au
1 api.rlcdn.com tags.news.com.au
1 adservice.google.com.au securepubads.g.doubleclick.net
1 sync.1rx.io www.heraldsun.com.au
1 us-u.openx.net www.heraldsun.com.au
1 check.analytics.rlcdn.com tags.news.com.au
1 www.linkedin.com 1 redirects
1 tags.bluekai.com 1 redirects
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 fonts.gstatic.com news.google.com
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com www.heraldsun.com.au
1 au-gmtdmp.mookie1.com www.heraldsun.com.au
1 snap.licdn.com www.heraldsun.com.au
1 static.ads-twitter.com www.heraldsun.com.au
1 d3273622690172371738-t3804033771104967681.id.amgdgt.com 1 redirects
1 d.turn.com 1 redirects
1 edge.adobedc.net cdn1.adoberesources.net
1 bs.serving-sys.com secure-ds.serving-sys.com
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 f0g6h1vavlivdekwpg159mmvwiov41663966140.nuid.imrworldwide.com www.heraldsun.com.au
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com www.heraldsun.com.au
1 s.uuidksinc.net www.heraldsun.com.au
1 visitor.omnitagjs.com www.heraldsun.com.au
1 match.taboola.com www.heraldsun.com.au
1 sync-tapi.admatrix.jp 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.heraldsun.com.au
1 rtb-csync.smartadserver.com www.heraldsun.com.au
1 bh.contextweb.com www.heraldsun.com.au
1 au.audience.newscgp.com au.tags.newscgp.com
1 ncg.tags.news.com.au au.tags.newscgp.com
1 collector.brandmetrics.com cdn.brandmetrics.com
1 cdn.jsdelivr.net tags.news.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 ping.chartbeat.net www.heraldsun.com.au
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 ts2020-indies-client.web.app www.heraldsun.com.au
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 cdn.id5-sync.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 mhr.talk.news.com.au www.heraldsun.com.au
1 images.taboola.com www.heraldsun.com.au
1 sg-trc-events.taboola.com www.heraldsun.com.au
1 use.fontawesome.com cdn.taboola.com
1 edition.pagesuite.com www.heraldsun.com.au
1 origin.go.heraldsun.com.au www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 syd-1-apex.go.sonobi.com Failed tags.news.com.au
0 lbs.eu-1-id5-sync.com Failed cdn.id5-sync.com
0 cookie-matching.mediarithmics.com Failed
522 184
Subject Issuer Validity Valid
news.com.au
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-16 -
2023-08-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
origin.go.heraldsun.com.au
R3		 2022-09-15 -
2022-12-14		 3 months crt.sh
*.s3-ap-southeast-2.amazonaws.com
Amazon		 2021-12-15 -
2022-12-14		 a year crt.sh
edition.pagesuite.com
Amazon		 2022-09-17 -
2023-10-15		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
bedsberry.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.vidora.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-03 -
2022-10-01		 3 months crt.sh
au.tags.newscgp.com
Amazon		 2022-01-11 -
2023-02-08		 a year crt.sh
*.zprk.io
Amazon		 2021-11-18 -
2022-12-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
web.app
GTS CA 1D4		 2022-08-12 -
2022-11-10		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.adsafeprotected.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.dotmetrics.net
Amazon		 2022-09-23 -
2023-10-21		 a year crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-11 -
2023-06-11		 a year crt.sh
www.newsconnect.com.au
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
au.audience.newscgp.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
uuidksinc.net
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
mfad.inskinad.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
ads.playground.xyz
GTS CA 1D4		 2022-08-15 -
2022-11-13		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
metrics.heraldsun.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-17 -
2023-07-18		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
edge.adobedc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-18 -
2022-11-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-10 -
2023-02-10		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
lm.serving-sys.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
bonzai.co
Amazon		 2021-11-28 -
2022-12-26		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.bonzai.co
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh

This page contains 61 frames:

Primary Page: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Frame ID: CF95E56A7C5A28EEE2C6C381BF85091F
Requests: 231 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=sFrsQxIOCp83C0Q6QYiq7iihiL7YOL83&nonce=lEo-VVmDzg~VYQ4g9qrV8Si5HSt9cvDA&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 6CBD8BB7EDDBF34B364827F44915DF1A
Requests: 3 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 450C6049A5F0248BAAC1E9CCE0550E5D
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EYH703-1T-FCM1
Frame ID: EB40AB4B448ECFB04EA0818E2B98BC38
Requests: 21 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 9FDD0CC00A30C0994C606A597338146F
Requests: 3 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 37732C29172BBF519547CFE390964C65
Requests: 22 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
Frame ID: CF959DCCCF12C902534675F7F95D09B7
Requests: 13 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: FCC357F88E6BABF6E0E95970B26697FD
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 81379175ED5B76A0F8D3A1BB4735423C
Requests: 3 HTTP requests in this frame

Frame: https://snap.licdn.com/li.lms-analytics/insight.min.js
Frame ID: BE364BD83586DE10D772B6B390FA06D3
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 97B88B9945B603478EF2D6E55AC1C3ED
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 8E185CD60A2B5F5490564F480F0DEED4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: 62547F19DB7202C3525809C33D2D7D5A
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463
Frame ID: 18702B8E8CF558D2EEA45D1061BDDAEC
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147
Frame ID: B53A8E64347331504F3AC71713C27704
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: D843CD4942F48CCEB9063EED955C6C77
Requests: 5 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: 2F4C812E34279BEF5FE3FC6DB5432B3D
Requests: 4 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f
Frame ID: C5E1B303605F2146DE59639D87B39560
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Frame ID: D9A9082FC4977744AD480D4E9A569074
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Frame ID: B5751CE3C5E963499F583C20B570369A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: ECD6ED0D1E1DA3127D6E55C93E3A4026
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: A12201BC23BF3B05A1574902D6BBCB0B
Requests: 2 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Frame ID: FE5507C1B8FD38655F555D7225D03E69
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
Frame ID: 52A8CD63518F09D5260CCD583656BD1E
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=548033b2-aa44-4d80-8e92-adbc87e96a0f&expiration=1666558143&gdpr=0&gdpr_consent=
Frame ID: 1F17E5CCB649D03BA6C00A3291CE75FB
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Frame ID: D800A276316A8097DDA81F54ABB30261
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
Frame ID: FCC4858488121F399E46D51E257DE83F
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=548033b2-aa44-4d80-8e92-adbc87e96a0f&expiration=1666558144&gdpr=0&gdpr_consent=
Frame ID: 6465E3BAACA0B06EB76299E91ADB330A
Requests: 1 HTTP requests in this frame

Frame: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3FFECBD5BBF1B4A54F85EDA585D7CF6C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C0B8553BC7EF29D6635019453E58CB9A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 08FE47EB45F4F45B0CB3FED443E89468
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 705F7357347DC73574BD2B9A69D33B32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0002A00789339F93332D52E276CEECC5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Frame ID: FB80FFA84CE85A77DDD0F9579690D75F
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHJvlie34S2MNJ6KLg8Xe1r1qx_SYr5MaZvUMP-4FI8kCxiJmKJuUwF2WmJaFDz1KwS47bQ5P_qZMuvk6uSEt0-JjxZ1coo6bxIxykVNAAOu-aEsqRUkRiCXbQZaT0aYamabF9E7svcQ1IKiJeqv8hBCLKlQXbHnl68fFxEzvaFTsavxL49M6paKE4XnZgsf6Ru-gTquXCQiT9z4skFy8C3_NCRPSJ1XMBFKeYBl1lC9UqNXu7W6dnie7mPgdNNfGEuiKcj_3gOxgyvddKsS0Wis-Asbn6GOXWasD1DxMlg0J5bxUBadcPCPECY25c-w&sai=AMfl-YSsRuGZ2XzAeokrprd0BZ6NJsN4xYQxCc-aWD0DInx1dRojnsf3PEI7NNpHnucG8D868-Xnc7eem1dYqYaJHbZWTt4wrPGcL9tS4vBD7IthKCv1hgKzmSEN4dOctg&sig=Cg0ArKJSzG4mKn_QXdFNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 18746E33D5977144EFDFD031E0F8AAC7
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseS4CjzctGjts81r0yG3iCHERN2c9BLSvl2rzh3NfQcPMHXWvxZWk096YHhi7m5BWbIrCYD3F_POTsKPVJwC8I5ViPDsiA14S7BzFj2XUCaZkjZqjXXOMCfsiMNXyifQsHUZaaeLEXy3X78F8fTCZbl-9ph8O5eNkIjTr3BQPzWCLH01kOB9I06sc5_txqOqlkiFw3FKlL2ECAJYFtOF9aqEzFr6BMGrtItuVFND6ZXTO_o0jPvK-i_cge-ZahJ4FHu2_3rCDts7L0t4x7NkvI1bZiLhbUOhdyQm9U2bypPQJ9Uc-D2ANVPiE_qeG-vg&sai=AMfl-YRCvXheCWfBpHaOg3H31YJEbYd0UeHU0dEloA1o_Po5DD41dSG5jrmGa2NDXx24Uxik4k8baF6WeyI25o_jCMT4Ol7rhStPDZrUf8zh2jr6AYgwC24IrTKYvY-ROw&sig=Cg0ArKJSzJXE_zK1VQWSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 30A0DD7AF0A56498A465E496CDFAB4A0
Requests: 23 HTTP requests in this frame

Frame: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2723B9E602BF7DC04EF251620020196
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWAI9C8CVDB9uDEqzkeBmG6exgGALJjDjR24NeVYtujrkOVLjpNCEyCIcwQNKW__xuvKT7nmkwon8Z1cVfmaQvtlDjolmFwXhX7PESQcQOhb4UqYwasKwvT1bGXc1I9mPZZVWP63cbzio3gZuLwShJ5LSdrNWEtPBj6cl3CGfTR7LK6SaRyrH3ClVXlEttBnoFh2QNK0Gw9Rv0_LzMwlr6Gp95ISWZJLHqLB9vcP5sGqVwWIuWWpROMplhmzDfkxYsSaFnszOslfASxlOVmHhMQ6qUg7Ro7LRb0IXhYpphjAx9oLheISRfehyGuOPhcQ&sai=AMfl-YRJGLw4yGIeHWy2w5Sbxjhnm3C_UyhVX6mH2e3tB6qhkoyWwCcHlz-wRo1iusG2q2VUlKBR_X90CrzR_hrC1_dyM8q7mf67TSDw2d_GNaE_q23xvryZ5rOD-wi8Ew&sig=Cg0ArKJSzHc9Kl9WB-soEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 69FEADB2EA08623D60AB22DCDA2CC4D6
Requests: 21 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 83E6240C3BFC8F05C248E7500B49BABD
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670542&pubOrder=3080239808&cb=595334820&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c2-3b81-11ed-ae41-02aa41dfc264
Frame ID: 6723D595847441B934E794A374E65BBD
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB
Frame ID: 425D25D99523BD878D2E40EC69016B66
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent=
Frame ID: 4C16049BE3EB42273DADB738802D6413
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1&gdpr=0&gdpr_consent=
Frame ID: 408BF8A31EC86A41DA1937EBC090E059
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObF9agDEKuFyPQDGMn0udIBMAE&v=APEucNX8sLnjt02CMSP_3B_UE2vEnxjwGaL0faXdgIac8kKAJ35xTEhoyKrt7bTd6NtnIQyEZRo_OitRhM4pK9TmGyyZ5TLZ6A
Frame ID: FA7564B59DF931EE31549EB9687A34F7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0FBF32631081DAF88D4C6380E5D15B5
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670923&pubOrder=3080239808&cb=666025173&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c3-3b81-11ed-ae41-02aa41dfc264
Frame ID: CEBF4DBA89DA297377A4D7E060CBDFBA
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670929&pubOrder=3080239808&cb=1200331253&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c6-3b81-11ed-ae41-02aa41dfc264
Frame ID: 31038EEE54914FBC154FA3E979EF2469
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Frame ID: F435E4A71BE7A0FC8A70E7F303DCE629
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7BD1D50B8976DB2649F8AB9ACAB6E09
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1B8E2ECC5BFE5C344DFA885B5E32C0DF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2D7E7190F42D31530B0F5A2E88F0BF57
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D34D1E091E649C8C0FD4359DF3D19A21
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2398A42133F794C5499F15D75E28302C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9838B5D80CB8CA26FB9C9DA5949362B0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Frame ID: 351E2785A8A09D6603532629629B5735
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.heraldsun.com.au/b5d1cdf6-f710-4b13-8ab1-81f83acf17b5
Frame ID: CFE8B9137480F152EE39001865AA9D97
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.heraldsun.com.au/8eef315c-285d-4900-b0e9-bc4c50ecff6d
Frame ID: 9CFBB64901C2917D7631E14679E7CC20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21D06CF9C1728BFF12188B3FD6D377EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CFC4E911A8E406E1E2EDB5B13C029BF
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fimages%2F1ead3191-5e2f-4843-92e4-c18604924ca4.png&w=237&h=182&q=85&f=webp&rt=contain
Frame ID: 0509978C727A0E5865E723FC9B394172
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/03ab25e9-28ba-4847-a09a-b1bd5398bfef.svg
Frame ID: BC42AB2C01D6BC687E926D1BCB18F6B3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&166... HTTP 302
    https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

522
Requests

84 %
HTTPS

0 %
IPv6

107
Domains

184
Subdomains

128
IPs

12
Countries

5097 kB
Transfer

13165 kB
Size

169
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16639661341916603397 HTTP 302
    https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663966137540&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663966137540&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Request Chain 107
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663966139139 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663966139139
Request Chain 130
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EYH703-1T-FCM1
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg2ccvrYDnmfWzXT2M1gLU&google_cver=1
Request Chain 133
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Request Chain 134
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=548033b2-aa44-4d80-8e92-adbc87e96a0f
Request Chain 135
  • https://ce.lijit.com/merge?pid=42&3pid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 139
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dd5aed95-24f1-4ccd-aa7e-c85c5031fbf0
Request Chain 140
  • https://id5-sync.com/s/464/9.gif?puid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7832201268429598831&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOXlybwCsvg6Zdo6zg6mNafrsLvFvrSgPyJNMrBg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/5/3.gif?puid=9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=548033b2-aa44-4d80-8e92-adbc87e96a0f&ttl=%%TTL%% HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/10/3/5.gif?puid=2853615921117379872&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/2/6.gif?puid=7500e4fb-0b77-4186-a716-216ef3e0717e&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/112/1/7.gif?puid=8E80881BE1CCD453&gdpr=0&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAjpNjXUszOJC8wrFrAKz6E&google_cver=1
Request Chain 141
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1 HTTP 302
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=183f644c-3d77-4e85-aaaf-6b029e8bb15a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=DHRX-llCCbOp-Wg&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c985f782-8280-47d2-bac8-cf55a10d334d
Request Chain 142
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=45f750ba-c62e-4cb4-a687-e5e7a2fbf75a HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&tbid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&query=taboola_hm%3D45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&isDirect=0
Request Chain 143
  • https://u.openx.net/w/1.0/sd?id=543998486&val=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=
Request Chain 144
  • https://eb2.3lift.com/xuid?mid=7772&xuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 147
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=AYNljZ3ySNBcfTszWIvEhWfR_nE
Request Chain 150
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=277d007f-f190-4da4-ad5f-49abb96cdc09
Request Chain 184
  • https://cm.everesttech.net/cm/dd?d_uuid=22318271791660588513733439796371681451 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4bvgAAAGu2cgN1
Request Chain 194
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au HTTP 301
  • https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
Request Chain 197
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7832201268429598831
Request Chain 199
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://d3273622690172371738-t3804033771104967681.id.amgdgt.com/r/telco/tuid/3804033771104967681/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D3804033771104967681 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3804033771104967681
Request Chain 200
  • https://token.rubiconproject.com/token?pid=6404&puid=22318271791660588513733439796371681451&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EYH7QT-1K-7IT4?gdpr=0
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjIzMTgyNzE3OTE2NjA1ODg1MTM3MzM0Mzk3OTYzNzE2ODE0NTE= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFzgQ633wv-ff949CeAWggU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 208
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463
Request Chain 209
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147
Request Chain 212
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f&google_gid=CAESEE-iCRY-BejG2tN4VVtU9Ss&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f
Request Chain 217
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=548033b2-aa44-4d80-8e92-adbc87e96a0f
Request Chain 222
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
Request Chain 224
  • https://dt.scanscout.com/ssframework/uid?UIAA=22318271791660588513733439796371681451&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ce38edefc6ba2689863bbae31ee7f199
Request Chain 226
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=22318271791660588513733439796371681451&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=22318271791660588513733439796371681451&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 227
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=22318271791660588513733439796371681451 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22318271791660588513733439796371681451
Request Chain 231
  • https://tags.bluekai.com/site/43981?id=22318271791660588513733439796371681451&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 233
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXk0YnZnQUFBR3UyY2dOMQ==
Request Chain 234
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1663966143335&url=https%3A%2F%2Fwww.heraldsun.com.au%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1663966143335&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1663966143335%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1663966143335&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8ef6af1a-570e-435d-9eac-dc7f4c79b7e5 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8ef6af1a-570e-435d-9eac-dc7f4c79b7e5&_expected_cookie=3596eecbfb89397bf55fd2d5bb7f9f84
Request Chain 235
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy4bvgAAAGu2cgN1&expires=90
Request Chain 238
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy4bvgAAAGu2cgN1
Request Chain 247
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Yy4bvgAAAGu2cgN1
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy4bvgAAAGu2cgN1
Request Chain 251
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Request Chain 252
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-LXjq0sRE2uKsMCmPEMvWDoUzlQv781s-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
Request Chain 255
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Request Chain 256
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-LXjq0sRE2uKsMCmPEMvWDoUzlQv781s-~A&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
Request Chain 258
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1
Request Chain 261
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy4bvgAAAGu2cgN1&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy4bvgAAAGu2cgN1&img=1&__user_check__=1&sync_id=293473c2-3b81-11ed-91a9-11ae77110307
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy4bvgAAAGu2cgN1&t=2592000&o=0
Request Chain 263
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Request Chain 292
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7832201268429598831
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
Request Chain 297
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4bv5rZ8KR3-QQTMKfd.QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
Request Chain 300
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D7C3DB37D1434DCCB82A8F9064C3B7B7
Request Chain 301
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
Request Chain 302
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AYNljZ3ySNBcfTszWIvEhWfR_nE
Request Chain 303
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=57144d72-364d-6eb6-81ef3970
Request Chain 322
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent=
Request Chain 323
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1&gdpr=0&gdpr_consent=
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=voFN0or5ReqMO_J0RuL06w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 325
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEJFODE0REQyLThBRjktNDVFQS04QzNCLUYyNzQ0NkUyRjRFQhAAGg0Iwbe4mQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b12b49c6cd9c2e3c65baecf44132ffd20942c70572afc664477effedc232bcfa791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiMTJiNDljNmNkOWMyZTNjNjViYWVjZjQ0MTMyZmZkMjA5NDJjNzA1NzJhZmM2NjQ0NzdlZmZlZGMyMzJiY2ZhNzkxNDI2YjU0MTdkY2UyMRAAGgwIwre4mQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiMTJiNDljNmNkOWMyZTNjNjViYWVjZjQ0MTMyZmZkMjA5NDJjNzA1NzJhZmM2NjQ0NzdlZmZlZGMyMzJiY2ZhNzkxNDI2YjU0MTdkY2UyMRAAGgwIwre4mQYSBAgCEABCAEoA&google_gid=CAESEKP4DMYoIZ8mqrTuX93CQPs&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=21df1387-ee6d-41eb-aae3-d52fddbd9138
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9477632e-1bbf-4600-a4ff-e5ca42238bf3
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkU4MTRERDItOEFGOS00NUVBLThDM0ItRjI3NDQ2RTJGNEVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2GdkvL133OTv-lTQz8fXc&google_cver=1
Request Chain 329
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:53BE16FACAE44F778F8CBED772FECD44
Request Chain 331
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=548033b2-aa44-4d80-8e92-adbc87e96a0f
Request Chain 332
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c985f782-8280-47d2-bac8-cf55a10d334d HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c985f782-8280-47d2-bac8-cf55a10d334d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0ffc8af4-a1b6-4cb2-850b-45e114fd39f0&user_group=1&ssp=pubmatic&bsw_param=c985f782-8280-47d2-bac8-cf55a10d334d HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c985f782-8280-47d2-bac8-cf55a10d334d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 333
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yTh_nF5E2uXhl1s2H4.snqT4Ys6fXJs-~A&gdpr=0&gdpr_consent=
Request Chain 334
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA
Request Chain 336
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KWu1t8SgTBWaX4Ua5wxv8Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KWu1t8SgTBWaX4Ua5wxv8Q
Request Chain 337
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Request Chain 338
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYH7QT-1K-7IT4
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIyAtCovcS-w-ouWgvSiyw&google_cver=1
Request Chain 340
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lL7lX29TSNWC0HXD6A9QIg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lL7lX29TSNWC0HXD6A9QIg
Request Chain 341
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/roeBD7ZAU7qPS49IFRA2q8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2841397702564094204
Request Chain 342
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRmYmQ3NWVjYzJkYWIxZmFkYTAyM2Q0ODE4OWQ0NmNkODFjMTI4Mg
Request Chain 343
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUg3UVQtMUstN0lUNA==
Request Chain 344
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4bv5rZ8KR3-QQTMKfd.QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
Request Chain 346
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
Request Chain 348
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_632e1bc1e4cfe&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1bc1e4cfe
Request Chain 350
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7832201268429598831
Request Chain 365
  • https://ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248270;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248270;dc_pre=CIDzs_jkq_oCFWL7cwEddZwMGg;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1
Request Chain 368
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4bv5rZ8KR3-QQTMKfd.QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJsGxKSbPjcnX14AZ_VrAAQ&google_cver=1
Request Chain 370
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzMjIwMTI2ODQyOTU5ODgzMQ%3D%3D
Request Chain 392
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPZ2h0YGh9ZXfOmfsP81fDs&google_cver=1&google_push=AZmPxg9d6g519Ip_wmJEUCIED76whkkiqtR1pasxZkkx0cv1XLzxOmB31UE6RNiKg6ES7F_acpNe1HKGctgWsbIQfuaPobZj1YgIl7rjmw_r0hfcHA9pVWh2cXUuEVlwxUe_S4c8OeGglS16l_jQezspWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgwNDAzMzc3MTEwNDk2NzY4MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPZ2h0YGh9ZXfOmfsP81fDs&google_cver=1
Request Chain 393
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEP8CsiKbRYWuok60av9GsUE&google_cver=1&google_push=AZmPxg-pMSRvSTYLXWbwZl6E56bbVu9sLSCcSK3xrllpf1v2NZKFcL3Gt5Rav7K7WQC27dmKJE0utGJTCjdSU6JZz9LIZNl7a1_MnH7E1oabvSFCU8zhDGQVCQSQeLoaTED-_Z0JZQwHdZ-3PoYaQaFJfQ8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-pMSRvSTYLXWbwZl6E56bbVu9sLSCcSK3xrllpf1v2NZKFcL3Gt5Rav7K7WQC27dmKJE0utGJTCjdSU6JZz9LIZNl7a1_MnH7E1oabvSFCU8zhDGQVCQSQeLoaTED-_Z0JZQwHdZ-3PoYaQaFJfQ8
Request Chain 394
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFhqf74VGZuabZ3tVQGm7-E&google_cver=1&google_push=AZmPxg8AcFRHNPRoSAu2iz1-OuHUlGnvhBMe3eMbdzXk0aM8JNAysK6EJYmnfwhSwD3WLOnzRFpO_u1XQMXgrKw20dGHDOy-V4Kzyytjd4tTiugJbIbDpKv3RKnUbs1bR2FMgOHJM_sccx3hb54ieoPKT7k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1MzYxNTkyMTExNzM3OTg3Mg&google_push=AZmPxg8AcFRHNPRoSAu2iz1-OuHUlGnvhBMe3eMbdzXk0aM8JNAysK6EJYmnfwhSwD3WLOnzRFpO_u1XQMXgrKw20dGHDOy-V4Kzyytjd4tTiugJbIbDpKv3RKnUbs1bR2FMgOHJM_sccx3hb54ieoPKT7k
Request Chain 395
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMRgEJPVPHvyxPaVm8OpSL8&google_cver=1&google_push=AZmPxg8NMI8qqk_ghkWdHZDKrP59c4khWFAmVBUskyfLLAFnsoPe-qKPb09nQdla8pegOy9_1TZHkn_nsUmY40k6NtInO2wyV69d2B7g2F74ZM5_E3rPubikGz1sPK-qoPazp-kW-EV6kcW2uP-l5I-B3A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8NMI8qqk_ghkWdHZDKrP59c4khWFAmVBUskyfLLAFnsoPe-qKPb09nQdla8pegOy9_1TZHkn_nsUmY40k6NtInO2wyV69d2B7g2F74ZM5_E3rPubikGz1sPK-qoPazp-kW-EV6kcW2uP-l5I-B3A&google_hm=ZzZlOTFiYjA0MTQxODcxOTkzMjY=
Request Chain 396
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKJSTJXk4zuJynDRZqFZDEI&google_cver=1&google_push=AZmPxg9xOsRba2jp2IoKuZlU_zvCVpEuH2i2hBJjPsGiGdDf23qGmamzNxRHQDH7sCbmf8XYf7kcl2GbFSyEfTAjW21f4T4kNgK6Al-ISELJO-lmrFi6gzJLKAMmhciV5aV6O-tljM5rD6iGUqalUVnSzQcq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9xOsRba2jp2IoKuZlU_zvCVpEuH2i2hBJjPsGiGdDf23qGmamzNxRHQDH7sCbmf8XYf7kcl2GbFSyEfTAjW21f4T4kNgK6Al-ISELJO-lmrFi6gzJLKAMmhciV5aV6O-tljM5rD6iGUqalUVnSzQcq&google_hm=QlMuNjU3My1mM2VjLTRjMTQtYTdiZg==
Request Chain 397
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDXdCuOUvX_NMMOwE80E8jo&google_cver=1&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj3uLRWRPcWZ5OCiuOyLMU3xMsGGpscdC7ucHuYVjGivdCKFwpH82I8z1drNn-4Llety3C1nUArkFd HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEDXdCuOUvX_NMMOwE80E8jo%26google_cver%3D1%26google_push%3DAZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj3uLRWRPcWZ5OCiuOyLMU3xMsGGpscdC7ucHuYVjGivdCKFwpH82I8z1drNn-4Llety3C1nUArkFd HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8755626116547415080&exchange=193&google_gid=CAESEDXdCuOUvX_NMMOwE80E8jo&google_cver=1&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj3uLRWRPcWZ5OCiuOyLMU3xMsGGpscdC7ucHuYVjGivdCKFwpH82I8z1drNn-4Llety3C1nUArkFd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3NTU2MjYxMTY1NDc0MTUwODA&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj3uLRWRPcWZ5OCiuOyLMU3xMsGGpscdC7ucHuYVjGivdCKFwpH82I8z1drNn-4Llety3C1nUArkFd
Request Chain 398
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENz4x_zFE9fgq7HBFLfxHCw&google_cver=1&google_push=AZmPxg8adSe4g7sBWTB0cgCFAcAmdPu7ekuyf_xJa_7bXsdctim3UYmYaVwwbCkzpkKGh9-19lTBo8_kb0Fx-km143TeGLN4Az8WmtpzvUEPqpAqXf7qk0h3vVbyU_A9C7eCCnm1vUGgMrp35BgsWdVNgSo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wccgEhC87EB_NIrIP1BYv3w-wmhhQkgQ&google_push=AZmPxg8adSe4g7sBWTB0cgCFAcAmdPu7ekuyf_xJa_7bXsdctim3UYmYaVwwbCkzpkKGh9-19lTBo8_kb0Fx-km143TeGLN4Az8WmtpzvUEPqpAqXf7qk0h3vVbyU_A9C7eCCnm1vUGgMrp35BgsWdVNgSo HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

522 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&16639661341916603397
  • https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
523 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
dcf16724556097a6131d2d60fabb3f79882fa79b43aa4ccdab4de10df994ead7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 20:48:56 GMT
expires
Fri, 23 Sep 2022 20:48:56 GMT
host-header
a9130478a60e5f9135f765b23f26593b
is-https
true
pragma
no-cache
server
nginx
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 534702 0 pmb=mTOE,2
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3ddb97064d096efd3ceffe895b18519778-1663966135&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=db97064d096efd3ceffe895b18519778
x-bpath
OLD
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-opw
4
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
sin1 0 2 9980
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Fri, 23 Sep 2022 20:48:55 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
expires
Fri, 23 Sep 2022 20:48:55 GMT
location
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
"632118dc-37"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 20:48:57 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
3G5Z8W8S6XCGAJAW
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=140610
accept-ranges
bytes
content-length
11472
x-amz-id-2
5hJLgpae4q57NtXmkIIBukgNtMLxXf2G2hlg/JvBhZjVllnPyAQT/yjTRNG8rwUxM3FqVmPgy/w=
expires
Sun, 25 Sep 2022 11:52:27 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
P04N1NX5GKEVZA1Q
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=140268
accept-ranges
bytes
content-length
12052
x-amz-id-2
MpfDKbl89FVXq14od7oW9VAON77yGsVY/T/Ndb0/LmDRGb+e4xtwyGiXIDX9o+m4V6atUpHnSdQ=
expires
Sun, 25 Sep 2022 11:46:45 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
XE608XH2JQPY9M4C
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=482775
accept-ranges
bytes
content-length
12440
x-amz-id-2
xtS5X8zqfRWWlpi1B3sMWw57xMMm9nFysXQEZ0JUxoJkfCtrYy1ppxityt7bve71Sq+vT1Cfeko=
expires
Thu, 29 Sep 2022 10:55:12 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
MPYPY7NWC30CS6VC
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=482786
accept-ranges
bytes
content-length
11372
x-amz-id-2
8U71bRTkHcVwzCz/noTXjaXrGxwJee2Qu5SBeD0oNoXXJJPYKfC0gOSAJQIA0UR6S1EOmFULk9Y=
expires
Thu, 29 Sep 2022 10:55:23 GMT
lux.js
cdn.speedcurve.com/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
749017b53b677c8309df48f408a6446f0d29e8256fe34d6a8521ce804b1e370e

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
via
1.1 vegur, 1.1 varnish
age
2886
x-cache
HIT
x-cache-hits
291
content-encoding
gzip
content-length
6552
x-served-by
cache-mel11271-MEL
last-modified
Fri, 23 Sep 2022 20:00:50 GMT
server
Apache
x-timer
S1663966137.875288,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Sep 2022 20:00:50 GMT
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a11b7881e180e2305a8bcdcc13f2de8464c396daba5546f4e6c8ea089cf7d9cc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
958
x-rq
sin1 0 2 9980
last-modified
Tue, 06 Sep 2022 00:27:24 GMT
server
nginx
etag
W/"631693ec-879"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:57 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c25bfbbf57399794e2238727d4d7c9d681c86879e54d9950ab92bf0b34c9f7bd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2968
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
W/"632118dc-1dbd"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:57 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
1537
x-rq
sin1 0 2 9980
last-modified
Tue, 30 Aug 2022 04:34:26 GMT
server
nginx
etag
W/"630d9352-2b9b"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 20:48:57 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
6236
x-rq
sin1 0 2 9980
last-modified
Thu, 08 Sep 2022 05:51:43 GMT
server
nginx
etag
W/"631982ef-7b68"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 20:48:57 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
894
x-rq
sin1 0 2 9980
last-modified
Wed, 27 Jul 2022 07:59:27 GMT
server
nginx
etag
W/"62e0f05f-b62"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 20:48:57 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/ 		239 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb8dc4597b756ea76241d2b49eb043b4ff563168cd1c52c60e6fb24a2a62e384

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
HDxmdxPc7W86cDsLxRTHKcyrYQdW2xp_
content-encoding
gzip
etag
"455973be4df98bcad7bf8d84e47c50d2"
age
96
x-cache
HIT
content-length
35944
x-amz-id-2
xZ1MimYXJEKvMUGHHsjo+XyVmlHz2FOPLgt30iuo9LB4JzEFz6trChkrFFDzTf4IL9pdJgjINds=
x-served-by
cache-mel11237-MEL
last-modified
Thu, 22 Sep 2022 14:41:59 GMT
server
AmazonS3
x-timer
S1663966137.873961,VS0,VE0
date
Fri, 23 Sep 2022 20:48:56 GMT
vary
Accept-Encoding
x-amz-request-id
QTZNG4QCNW5SJCWF
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
84
x-cache-hits
3
7184b897
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/7184b897
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e219149e0c53679e1897b7a15f29456a32e0adead298056e076e4b7a8662418
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
etag
"636cd1d6eb83e9d45e8d0480563a121bf9c5d2e19e3edcf5fc446443a9671bbf"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
8788
pragma
no-cache
x-bpath
OLD
blaizehappened
true
date
Fri, 23 Sep 2022 20:48:58 GMT
vary
User-Agent, Accept-Encoding
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f7184b897&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=7184b897&session=db97064d096efd3ceffe895b18519778
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3055
x-rq
sin1 0 2 9980
last-modified
Wed, 21 Sep 2022 06:09:32 GMT
server
nginx
etag
W/"632aaa9c-1f69"
vary
User-Agent
content-type
image/svg+xml
expires
Fri, 21 Oct 2022 11:25:15 GMT
cache-control
max-age=2385379
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
EGF4XR6SKHJHD0R8
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=424656
accept-ranges
bytes
content-length
16112
x-amz-id-2
4gdmEHjlpRyBVZgL8NngiSEwyShVI81dAgydSrdklWlU73lSw92rJ8yAp+IONBTWwGVKlJHNp2c=
expires
Wed, 28 Sep 2022 18:46:33 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
EGF7VMTDRX8PPX9V
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=140122
accept-ranges
bytes
content-length
15948
x-amz-id-2
C1U4ulN+BlDjcxrIK8OR75OSnxUdFk5Y+dZv+pr8e5x8Ob38hucY0AjACSM999S1oVxCk/eN9b4=
expires
Sun, 25 Sep 2022 11:44:19 GMT
0497c3b4ecab895aeb05a89783d7d1a7
content.api.news/v3/images/bin/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0497c3b4ecab895aeb05a89783d7d1a7?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a8736b961cbb09603dd4aaf7727e0a6d4049d0f783535159f7d2e497676609dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
0497c3b4ecab895aeb05a89783d7d1a7
date
Fri, 23 Sep 2022 20:48:56 GMT
last-modified
Fri, 23 Sep 2022 08:25:56 GMT
server
Akamai Image Manager
etag
4ed92bad56a500eb4ced2b1d89825106-0497c3b4ecab895aeb05a89783d7d1a7-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5139444
access-control-allow-headers
x-newsapi-api-key
content-length
61082
expires
Tue, 22 Nov 2022 08:26:20 GMT
b6ba204ecd390b58c0656dd914fc96ef
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b6ba204ecd390b58c0656dd914fc96ef?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
acda2a0988e4a29493581bc476c14e1e0b5ac1cb4e64923dfc4108316f570f05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
b6ba204ecd390b58c0656dd914fc96ef
date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 23 Sep 2022 12:01:22 GMT
server
Akamai Image Manager
etag
b2017df7edb49ed09c1d446e6203d91e-b6ba204ecd390b58c0656dd914fc96ef-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5152369
access-control-allow-headers
x-newsapi-api-key
content-length
3307
expires
Tue, 22 Nov 2022 12:01:46 GMT
7b165da1935295abaad8c78766b08276
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/7b165da1935295abaad8c78766b08276?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
66252e62a81292fc91811e17a73cc573a5898ae06d3cc004bfcc54e0563020bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
7b165da1935295abaad8c78766b08276
date
Fri, 23 Sep 2022 20:48:57 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
da1439f2564099b824477a8e4e10c325-7b165da1935295abaad8c78766b08276-150
x-serial
885
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5154109
last-modified
Fri, 23 Sep 2022 12:30:35 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
3294
expires
Tue, 22 Nov 2022 12:30:46 GMT
ed3dcfcb245894f7cb32555555d3ec6b
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ed3dcfcb245894f7cb32555555d3ec6b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
10efe3fa9e9c8738e827562151951785f33dd1772351e66f2dbbc583366e2a21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
ed3dcfcb245894f7cb32555555d3ec6b
date
Fri, 23 Sep 2022 20:48:57 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
04c3f77748315546b1df695507aa8faa-ed3dcfcb245894f7cb32555555d3ec6b-150
x-serial
1047
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5146820
last-modified
Fri, 23 Sep 2022 10:30:18 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
6126
expires
Tue, 22 Nov 2022 10:29:17 GMT
77d86096fab99193393bf4841daba078
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/77d86096fab99193393bf4841daba078?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2e78e124f7ea3759d84f81b44f00269e8959b7bd0ca3956727a4739ed9cbfe07

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
77d86096fab99193393bf4841daba078
date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 23 Sep 2022 09:00:27 GMT
server
Akamai Image Manager
etag
ca86feb74f31a2d393346c6a581c7714-77d86096fab99193393bf4841daba078-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5141438
access-control-allow-headers
x-newsapi-api-key
content-length
4733
expires
Tue, 22 Nov 2022 08:59:35 GMT
13d92cd64ef088bad780d92387d30b4b
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/13d92cd64ef088bad780d92387d30b4b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
562a54a9de4f36915707253f5778af0db10d90143d07dfb649f92f4c42261aa4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
13d92cd64ef088bad780d92387d30b4b
date
Fri, 23 Sep 2022 20:48:57 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
835894b6ece5ab995db5db70a7f40f84-13d92cd64ef088bad780d92387d30b4b-150
x-serial
1970
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5132299
last-modified
Fri, 23 Sep 2022 06:27:05 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5032
expires
Tue, 22 Nov 2022 06:27:16 GMT
493c569c4b52c192d9638e234b5eb99a
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/493c569c4b52c192d9638e234b5eb99a?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4e23ce46900a09dac8e3dba44d6e6baea9a0d2f250af87fc1d94852458ad3414

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
493c569c4b52c192d9638e234b5eb99a
date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 23 Sep 2022 07:59:12 GMT
server
Akamai Image Manager
etag
475f695dfa52a95c374faf2855e0cc44-493c569c4b52c192d9638e234b5eb99a-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5137786
access-control-allow-headers
x-newsapi-api-key
content-length
4536
expires
Tue, 22 Nov 2022 07:58:43 GMT
67b15ccbc55d667492656403b8af0126
content.api.news/v3/images/bin/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/67b15ccbc55d667492656403b8af0126?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6ac8e4c34cedb89bb130f7b765ed13f7c8c0d305cb45c90eabee473364f1c701

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
67b15ccbc55d667492656403b8af0126
date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 23 Sep 2022 12:01:22 GMT
server
Akamai Image Manager
etag
cc98498f70c46eb156e476c34d3c8bf6-67b15ccbc55d667492656403b8af0126-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5152288
access-control-allow-headers
x-newsapi-api-key
content-length
36878
expires
Tue, 22 Nov 2022 12:00:25 GMT
0082d432a28318efbf03c2dfff484348
content.api.news/v3/images/bin/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0082d432a28318efbf03c2dfff484348?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
729d370f25c9d95fe9082403d40e2bbf75899742afc0381bd3b8f6ae6d58cd06

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
0082d432a28318efbf03c2dfff484348
date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Fri, 23 Sep 2022 10:00:34 GMT
server
Akamai Image Manager
etag
ec93d3bd2a6475f6ea84b068926a2b09-0082d432a28318efbf03c2dfff484348-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5145143
access-control-allow-headers
x-newsapi-api-key
content-length
36973
expires
Tue, 22 Nov 2022 10:01:20 GMT
b90840a58ac501977f4416af6547293e
content.api.news/v3/images/bin/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b90840a58ac501977f4416af6547293e?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
02875082e1d53c14a0c3f6f34b670f1af7b48a518c38526003c34a2e1e8054f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
b90840a58ac501977f4416af6547293e
date
Fri, 23 Sep 2022 20:48:57 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
a75721de9e8e1ef3a57936d60c60f528-b90840a58ac501977f4416af6547293e-650
x-serial
1339
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5118027
last-modified
Fri, 23 Sep 2022 02:31:38 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
54983
expires
Tue, 22 Nov 2022 02:29:24 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
EGF9GAFSDDQ7NSHQ
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=333936
accept-ranges
bytes
content-length
540
x-amz-id-2
nPcezMQGhRFqAR7ZcVdVi82WxsbeWIq3IzyrUiOciy/OKTk0yIbeSKanPU+ldiLp+PX899+wUM4=
expires
Tue, 27 Sep 2022 17:34:33 GMT
Bob-Placement-350x197-1.png
origin.go.heraldsun.com.au/wp-content/uploads/2022/07/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://origin.go.heraldsun.com.au/wp-content/uploads/2022/07/Bob-Placement-350x197-1.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.122 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f113e0743984ad398a7f12b9eb887f51bbf3d399d0a17b9e9d81e4643ff982f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
x-rq
syd3 118 20 443
last-modified
Wed, 21 Sep 2022 09:13:41 GMT
server
nginx
etag
"e7392230d65f7825"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17250
expires
Thu, 21 Sep 2023 09:13:41 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.168.14 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:48:58 GMT
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
452HX65VK91A35WT
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
yZgio76TBhhm39aNArjPzn4vAJsWsFXWwAE2icRF+ZMpz9NbFSffR+ZVx9/QzxiFnjX4XmVyQIzihdXs9ddp/w==
games.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/games.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.168.14 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:48:58 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
452GGJKX8PDGZBG5
ETag
"2fa79b1c302fa407df95b287a47e01bc"
Content-Type
image/svg+xml
x-amz-version-id
mY_fhaFXa9wAEjGJ51huxNeB77eQfnyv
Accept-Ranges
bytes
Content-Length
4533
x-amz-id-2
VsYjsVHNjnuPbjuuPoA6LdkaMiLz5Ddll4poMUg7Xz5hbYHIStCHxTQM44NdmHDz6T8ydYwTNXk/g79Nxg9jIw==
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.168.14 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:48:58 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
452S8ZX8PMCXC0Q6
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
GS3Njq1q+nDB5PtOU8vvDHb/wZkyAiAq/2iR1tbj40PFZFoJKFNv70BmL0e6piYA/wZapX3P4nMjEx6dyhFTDQ==
braingains.svg
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/braingains.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.168.14 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:48:58 GMT
Last-Modified
Wed, 15 Dec 2021 03:04:45 GMT
Server
AmazonS3
x-amz-request-id
452KFN9B3XG9MTS9
ETag
"a5e3e51d1e5816755ebf71f5ea933857"
Content-Type
image/svg+xml
x-amz-version-id
BSPbSueNKMvcQ7CCwOmuub6mQNodfiBJ
Accept-Ranges
bytes
Content-Length
17305
x-amz-id-2
IE68XxuKN2tkICw/kuaLXh53oypIW4bfoSCKq1iUofcbwOIX1P8sD0+KwJGuiLNpP5iBBARXXGesBwKwX2sdow==
get_image.aspx
edition.pagesuite.com/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edition.pagesuite.com/get_image.aspx?pbid=38d72c05-d55e-479e-a6ea-985d57be1901&h=400
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-73.sin5.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6cd18fb060f883e248e3c8957a85d8ca35e87f853497b190d9607abc5a18bb1b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:40:27 GMT
via
1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
last-modified
Fri, 23 Sep 2022 17:44:23 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
age
510
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
private
x-amz-cf-pop
SIN5-C1
x-amz-cf-id
1_zdPpD8KCXsBUOmKHzqLWKxdwrwIhf3gGkNG9iyeLP2I67MG8cguw==
heraldsun-white.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2891
x-rq
sin1 0 2 9980
last-modified
Mon, 19 Sep 2022 01:07:34 GMT
server
nginx
etag
W/"6327c0d6-1e5e"
vary
User-Agent
content-type
image/svg+xml
expires
Fri, 21 Oct 2022 11:24:53 GMT
cache-control
max-age=2385357
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
S9KWAS23R9BDE0VX
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=388502
accept-ranges
bytes
content-length
535
x-amz-id-2
qJAh9tAoVfE2cfv58vr08wg5Qrib9sWolqLnBoRtKt2NblsYmHodJ3bSjEsPxJcwkG3k+8D2YVGVZSTkh879ig==
expires
Wed, 28 Sep 2022 08:43:59 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
HBSM65NXW692RVP6
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=531944
accept-ranges
bytes
content-length
586
x-amz-id-2
u7f7Gi68iGJY0DiRegO0fNtiPTUOatAsJ44BUTin/3jhqu4YfC+TUH48SPBNhy8NBinMhmKQtr4=
expires
Fri, 30 Sep 2022 00:34:41 GMT
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css?ver=v0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:48:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"5092a440102d6488"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:48:57 GMT
/
www.heraldsun.com.au/_static/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmbGFmYWFmVEWAK/IIi4=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
100749
x-rq
sin1 0 2 9980
last-modified
Thu, 22 Sep 2022 17:47:42 GMT
server
nginx
vary
User-Agent
content-type
application/javascript
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 23 Sep 2022 20:48:58 GMT
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:56 GMT
cache-control
max-age=51436
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"bebf5f8dc74222b04669a0854d13b696:1634099175.124073"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
load.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
7clDTlv1b9nqXkJZmi.ciVRIswky16L3
content-encoding
gzip
etag
"1a868d280f9424f5d82876d6cf0c46b9"
age
5
x-cache
HIT, HIT
content-length
1123
x-amz-id-2
B9UbpwVacyTQc6u6HtFGzJ190OrO6vP4BgSrWFPeVxlcDHkpLZc4fNM9mtI2JKgEiZihs1YV2UM=
x-served-by
cache-lax10664-LGB, cache-mel11256-MEL
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1663966137.234331,VS0,VE1
date
Fri, 23 Sep 2022 20:48:57 GMT
vary
Accept-Encoding,,
x-amz-request-id
V0PKX05T3RDJWYFV
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20220922-16-RELEASE.js
cdn.taboola.com/libtrc/ 		687 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
82098b75569948cc99fb49df0a4ec6f6e73a9e4e9b6937db3d8ba4516e281b14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
vxfwVx6TpyMPFLnFtWbQr0NTQV9l9vZw
content-encoding
br
etag
"b6247ec22fba797cf6f51ae4c86a6509"
age
23474
x-cache
HIT
content-length
145469
x-amz-id-2
bSDC5i5y4M9CgzULBRUJ5gXgvJx+926zW+8Df6uxcRcjM2qh7Zlx603bLURyRMN9JOHvIwDjU8s=
x-served-by
cache-mel11237-MEL
last-modified
Thu, 22 Sep 2022 14:17:37 GMT
server
AmazonS3-br
x-timer
S1663966137.060310,VS0,VE0
date
Fri, 23 Sep 2022 20:48:57 GMT
vary
Accept-Encoding
x-amz-request-id
PCY1T23CYH4NX8SA
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
65
x-cache-hits
4280
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-75.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 12:36:25 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
31376
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
SIN52-C3
x-amz-cf-id
Bw7YTAE9_4hBEtD2tvNYTItnz3PDYZ6c64vwyCF1PUse1GIDjBMjsQ==
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.133.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
312103
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
CVNP2GC84NFH12VR
x-amz-id-2
v9Y3aqCW8WG1n+KSYEl+p36V/NKs4bJLoj8HBjoFuPQgRyk0Gq7Tpc8CyQxJmTDH2CRwG/EKffI=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39ms%2B4pPfoEGneHoXVlTM9p8LpaESpnFEgZbLEwXl3ZUkAdR%2FrqHpoLAG01DL%2BIn1qWzDggUEoO3InIbyzMFxyCF0f1zuelMrPVIhgMcC5mZz0VUjJHSI%2Bmc9jchk3KUAGwSyvlo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
74f624e7abfb5ac8-MEL
pmk-202003261.4.js
widget.perfectmarket.com/newscorpau-aud-heraldsun/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/newscorpau-aud-heraldsun/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-heraldsun/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
vvUnpxiCp2d1vGKAsSzC893juA9_vk_J
content-encoding
gzip
etag
"b7fcedf037c57085d364b689ca46f32e"
age
29747468
x-cache
HIT, HIT
content-length
30954
x-amz-id-2
sIbiP2Xvrv+Zl/vs9bXSIzy7zvq8BbD7jA6SJx/dbd8NYlVJxZG268YmnI0LK8tODiaE4Ti1HgU=
x-served-by
cache-sna10736-LGB, cache-mel11256-MEL
last-modified
Tue, 07 Apr 2020 10:39:09 GMT
server
AmazonS3
x-timer
S1663966137.397495,VS0,VE0
date
Fri, 23 Sep 2022 20:48:57 GMT
vary
Accept-Encoding,,
x-amz-request-id
0FHGR5M7DAZX1XRR
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 26949
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.46.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.46.160.34.bc.googleusercontent.com
Software
/
Resource Hash
604785b3b644788c1974b7af27011d8d0b31620f6383aed37b19349e95818ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-asia-east1
etag
"5486e2f7d791c7e3ac63c284acfcaf1125d0bc2cb254493b6ff68a32d1260884"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-spot-89bf
content-type
text/javascript; charset=utf-8
via
1.1 google
cache-control
private, must-revalidate, max-age=21600
date
Fri, 23 Sep 2022 20:48:57 GMT
x-buildnumber
632800667
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
trc.taboola.com/newscorpau-aud-heraldsun/trc/3/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/trc/3/json?tim=20%3A48%3A57.447&lti=deflated&data=%7B%22id%22%3A278%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1663857709003%2C%22vi%22%3A1663966137444%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A12516%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1290.671875%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9acbaea363ad457056ecae988693eab9b49fd0819a1cf57277103dd0d89427ef

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
112
date
Fri, 23 Sep 2022 20:48:57 GMT
content-encoding
gzip
server
nginx
x-timer
S1663966137.493751,VS0,VE112
x-served-by
cache-mel11237-MEL
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
74
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
"632118dc-37"
vary
User-Agent
content-type
text/css
expires
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		277 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding
gzip
vary
User-Agent, Accept-Encoding
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server
AkamaiNetStorage
etag
"b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=1670
date
Fri, 23 Sep 2022 20:48:57 GMT
is-https
true
x-opw
4
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 23 Sep 2022 21:16:47 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8189b423ab0098619e47b27fad28ed6e28457aadfe234403feb1ae9d21478909
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
25706
x-rq
sin1 0 2 9980
last-modified
Wed, 21 Sep 2022 06:44:57 GMT
server
nginx
etag
W/"632ab2e9-14ad1"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
2149
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 04:25:05 GMT
server
nginx
etag
W/"63200621-1973"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
amp-story-player-v0.css
cdn.ampproject.org/ 		1 KB
505 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.css
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
433
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:48:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"5092a440102d6488"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:48:57 GMT
amp-story-player-v0.js
cdn.ampproject.org/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/amp-story-player-v0.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a3c9728730ffd33b100a65dc3ddcaf6632aa1667694acc96c29851c2acd32bb1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16103
x-xss-protection
0
server
sffe
date
Fri, 23 Sep 2022 20:48:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"0b0dda3fb8e87947"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 23 Sep 2022 20:48:57 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663966137540&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20a...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663966137540&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663966137540&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.227.254.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-75.sin52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
via
1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
x-amz-cf-id
mMQzClPasHqb2YuDw6aDobtu3kxkuADUeRgQ7eVk4DPGv8LAMUluFA==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1663966137540&ns_c=UTF-8&c7=https%3A%2F%2Fwww.heraldsun.com.au%2F&c8=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&c9=
date
Fri, 23 Sep 2022 20:48:57 GMT
via
1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
content-length
0
x-amz-cf-id
MukxqBg7G7BVhA1MylHoEYoNMDBw_hOZ2Mly83PKNHOswQtFZt2whQ==
x-cache
Miss from cloudfront
userx.20220922-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220922-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-heraldsun/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3b9d32c29984765d47e9ecfa9f9a0318adda7920b4d8fde67b965a1161b03b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
Rop466o8w3GHuGp.qUtcSOWXpJVjStIH
content-encoding
gzip
etag
"db9444e762c7677565a6ea28981b5bc1"
age
4
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
0W6G6aYZ6dR6C1tEjVDjZIGhmXYvhlIYmnAvhiF48h4shAx15BVzWqQbtO65e2h4A31cdlMAQ5Y=
x-served-by
cache-mel11237-MEL
last-modified
Thu, 22 Sep 2022 14:24:10 GMT
server
AmazonS3
x-timer
S1663966138.709658,VS0,VE1
date
Fri, 23 Sep 2022 20:48:57 GMT
vary
Accept-Encoding
x-amz-request-id
0276HYZP7F8ED2G2
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
20
x-cache-hits
1
social
sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg-trc-events.taboola.com/newscorpau-aud-heraldsun/log/3/social?route=HK:SG:V&tvi2=-2&lti=deflated&ri=d8b0d9f1fc7eaf7551f6f56f66cef03c&sd=v2_0187430f440626e7c69534603c810d5a_e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139_1663966137_1663966137_CIi3jgYQgPNHGOSY8eC2MCABKAEwEDiu_QZA9YUQSP3L1wNQ8poCWABgAGjepu6WpPzt-8sBcAE&ui=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&pi=/&wi=873729681997272865&pt=home&vi=1663966137444&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=20%3A48%3A57.669&id=4507&llvl=2&cv=20220922-16-RELEASE&
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/ 		433 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
via
1.1 varnish
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
age
15151
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
3ttqq881QQXUSxQy4Ixj9WBENXbbKDlICk7ZijB4/1F94cx67WAbwO8vaP5M4qVY7YB2q0FKAD8=
x-served-by
cache-mel11237-MEL
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1663966138.714504,VS0,VE0
date
Fri, 23 Sep 2022 20:48:57 GMT
x-amz-request-id
10PM2F0SSEQTDN1M
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
20
x-cache-hits
38
taboola2-181489-1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.taste.com.au/J8MjvM9K/taste/2022/09/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.taste.com.au/J8MjvM9K/taste/2022/09/taboola2-181489-1.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e095be329fb58f2614765ad7417ae4ac8745d6155ffd5c0514b9661ccc9bd9b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 23 Sep 2022 20:48:57 GMT
via
1.1 varnish, 1.1 varnish
age
74843
edge-cache-tag
307329425222847361286401534886017414282,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
cache-tag
307329425222847361286401534886017414282,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
584
req-referer
https://www.dailytelegraph.com.au/
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//img.taste.com.au/J8MjvM9K/taste/2022/09/taboola2-181489-1.jpg
content-length
8240
x-request-id
67e430f6dbc3df8af29ee3bae5d0e726
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 22 Sep 2022 22:55:44 GMT
server
nginx
x-timer
S1663966138.724897,VS0,VE0
etag
"c19c0d5bca05b164c70ef81cd10d3545"
x-served-by
cache-iad-kcgs7200137-IAD, cache-iad-kiad7000118-IAD, cache-lga21955-LGA, cache-iad-kcgs7200061-IAD, cache-mel11237-MEL
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
authorize
login.newscorpaustralia.com/ Frame 6CBD 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=sFrsQxIOCp83C0Q6QYiq7iihiL7YOL83&nonce=lEo-VVmDzg~VYQ4g9qrV8Si5HSt9cvDA&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-196-155.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
f75cd8fe41cba177b5096d142684c936c9a9f13143d4fe6b427a96599cf399f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
74f624edcc63e68e-HKG
content-encoding
gzip
content-length
802
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Fri, 23 Sep 2022 20:48:58 GMT
expires
Fri, 23 Sep 2022 20:48:58 GMT
ot-baggage-auth0-request-id
74f624edcc63e68e
ot-tracer-sampled
true
ot-tracer-spanid
350342930f140ba7
ot-tracer-traceid
6ac8eb24161ae361
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-350342930f140ba7-00000000000000006ac8eb24161ae361-01
tracestate
auth0-request-id=74f624edcc63e68e,auth0=true
vary
Accept-Encoding
x-akamai-transformed
9 575 0 pmb=mTOE,3
x-auth0-requestid
2d2c7b503fd060d90fe5
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
999
x-ratelimit-reset
1663966139
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.241 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-241.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
588198372bc5ed676e38c97981daaeb27d928f0fa5d736311488174e563e2917

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 03:38:16 GMT
server
AkamaiNetStorage
etag
"029bddc4a95b3b4e54b77b69c9120f84:1662349096.721361"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1553
expires
Fri, 23 Sep 2022 20:53:58 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.241 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-241.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd7f63a616415c15cf0031af82bba45bc785fc646e49a6dbae25430130e3586f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 03:38:16 GMT
server
AkamaiNetStorage
etag
"8c910a5e55c81668289f2a26017fbf13:1662349096.921522"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
20676
expires
Fri, 23 Sep 2022 20:53:58 GMT
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		191 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
78693f617638dd93eb7434a37d1b06bfbc4765dd09b850f5948aaded63db14de
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
45641
x-rq
sin1 0 2 9980
last-modified
Wed, 14 Sep 2022 00:46:05 GMT
server
nginx
etag
W/"6321244d-2fa6a"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:59 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=24
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
66849d32bc3bc530db5d7111e5c6cba07d63a6c49b288b4e03ad7a1f480337c9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:57 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
3368
x-rq
sin1 0 2 9980
last-modified
Tue, 13 Sep 2022 23:57:16 GMT
server
nginx
etag
W/"632118dc-211b"
vary
User-Agent
content-type
application/javascript
expires
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
max-age=1
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=219056d2a7bcbf299bd8a0ce0618a7f1,287c3bacd700844c90dcc16409cd1203,b9bc7ce9c8df104a810d5ade785465f6,1855f1401433f17306a756a3e7f5405a,6056d3299a2a56e4850d9b1d9923a3e3,f725bb5e3276af55e9cdce3500eaea2a,38477ae20a7e27402323c982440065f1,9c16694627ac74c0aadd2e3312a30142,4912a4028613dcf4d8bce2aaa16c1bed,26b7af62da789504a2a2595f9ef4ecd7,a2fbd3dc2ac7cec2d98f5458fa640430,a0ed80821665eb3cbe1dd0a3552ee4fa,396ea73b3be62f3d08e7eb32bb146b24,7f5c1b00ee596927e560a92ad22bdd52,a0ae64789213d1a5c09b5efdd8e2e2f2,8c70e22f9c1012abbb1c2af0f5e7c34f,76d78a5e7d45ce4108daf97e592d2da9,d7fd66f36c3a69be2d72a578865c91cf,daa32477c68371a1666a540fac1a92d6,39117b6d00a231f4954ee161f33ab9bd,ad7aaec48b18377bf1d489f64d7eae7d,30b82c886ece10a5ce581e3d9dead699,17800691c5be763d3edaf52da67cb11a,e7711fe6f1262a6a671502e6e269340b,081dc8b83761292d609d243cd566a942,a2f0eb79519fc06c030e0bf3b58d814e,c5ea5aaf0c714ceba849e81e00a87c2d,42dd41a54beeea124d9ef36f8a96cae8,766a195be2cd86bd33df690ef7e8ef8c,a668dbabed50f51503f31abf4d8547c1,1f27645595500d7c336c1fc1a942f584,51b65be8b380f9491a00d979c110f39d,4db88bed5aac7f15e4bc07c7775505ac,491e5fe5864ae96b29709e8aa6bb159d,ce5369216b2ee49566625922b574425d,a018ac2b580c483ecc9a11d1c72267bf,6ef0d0793e15d982fbeb2eb299ac5809,58d16bff20c551f7d0ca579201e8b25d,6b5e1cb25c58c46dda0941216a509cac
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
5535d469a212454eb0dfb654ca63b980e8c2edf1a6c2e4ac63cda7b49635a543
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.1
etag
W/"5b4-pVO8zh6QQnjpjjxa5FfBzy95Pk8"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Fri, 23 Sep 2022 20:48:59 GMT
x-talk-trace-id
25d41770-3b81-11ed-9b3f-abbba80f3490
vary
Accept-Encoding
content-length
829
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2201c6165d3822aeb64b2e40552ddf4a5a0a8940ee2b22b250bdd8ea69eac683
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-type-options
nosniff
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
vary
User-Agent
content-length
1700
x-rq
sin1 0 2 9980
server
nginx
date
Fri, 23 Sep 2022 20:48:57 GMT
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=1
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires
Fri, 23 Sep 2022 20:48:58 GMT
72d1777902d903ba91305ee2356e5bff
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/72d1777902d903ba91305ee2356e5bff?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8c4f842ac23c50dee3e342c2296a5f07b27003a48e4652ca300bedad8aaebb59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
72d1777902d903ba91305ee2356e5bff
date
Fri, 23 Sep 2022 20:48:58 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
145671f1139a45104adbc8b56003b7c3-72d1777902d903ba91305ee2356e5bff-150
x-serial
1069
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5120485
last-modified
Fri, 23 Sep 2022 03:11:14 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
6715
expires
Tue, 22 Nov 2022 03:10:23 GMT
a05182439f94bfb5d558671bc21da339
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a05182439f94bfb5d558671bc21da339?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
62cf532d62b2f0ae4e6d0e6382e9a1c76e954b4ee081dd8c6edc0adc3cf774e0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
a05182439f94bfb5d558671bc21da339
date
Fri, 23 Sep 2022 20:48:58 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
b070e5f753bca328e6e7af60002ded81-a05182439f94bfb5d558671bc21da339-150
x-serial
841
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4873438
last-modified
Wed, 21 Sep 2022 09:57:25 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4492
expires
Sat, 19 Nov 2022 06:32:56 GMT
b4039bfb16e5755719ca92517a2de051
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/b4039bfb16e5755719ca92517a2de051?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
936a3918860f620030b68133187817497bcdcbb6e04d96323c8b3a0a13c2482a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
b4039bfb16e5755719ca92517a2de051
date
Fri, 23 Sep 2022 20:48:58 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
6df866b6c692cc700674db8ebe5db5ba-b4039bfb16e5755719ca92517a2de051-150
x-serial
1714
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5025576
last-modified
Thu, 22 Sep 2022 00:48:46 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
7145
expires
Mon, 21 Nov 2022 00:48:34 GMT
e6118a1fc573f1edcd1c41bad78af034
content.api.news/v3/images/bin/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/e6118a1fc573f1edcd1c41bad78af034
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
41c8716329fc80f2ba12ccc0e7a221958dbe4dcdc593a143fecdafc0bc46a4d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
e6118a1fc573f1edcd1c41bad78af034
date
Fri, 23 Sep 2022 20:48:58 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
b582f66f2ebac4901fd21974b5e387e4-e6118a1fc573f1edcd1c41bad78af034-0
x-serial
139
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182167
last-modified
Fri, 23 Sep 2022 20:18:15 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
55941
expires
Tue, 22 Nov 2022 20:18:25 GMT
de8f3a7ed959c6452827457dba120f42
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/de8f3a7ed959c6452827457dba120f42?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8a17f5eca37fb4688bd25836a90561b03607275abc4a55a30980ec93bbab6414

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
de8f3a7ed959c6452827457dba120f42
date
Fri, 23 Sep 2022 20:48:58 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
6fd3d7424dcc02db4a7a76a4e61e0e4c-de8f3a7ed959c6452827457dba120f42-150
x-serial
918
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181024
last-modified
Fri, 23 Sep 2022 20:00:28 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5901
expires
Tue, 22 Nov 2022 19:59:22 GMT
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
age
29444
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Fri, 23 Sep 2022 12:38:15 GMT
x-amz-cf-pop
SIN5-C1
x-amz-cf-id
Zh24QeLm3gXQnE94-srfoMv2cVyyA0iZ0QV26qiSOVB5BqFNhSoqMw==
skeleton.js
static.adsafeprotected.com/ 		17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
age
7325280
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
iwp-IzXTC4lBac8MaDXE6oaxjecuCLfevbRKN0cqbkbqW-pz_nTSpw==
c7e941495d002fcaae1d693a87de10b3
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c7e941495d002fcaae1d693a87de10b3?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
80071d167df92e3b7a334b9a133d289001a0ca778aa74e0f75651bbccc4ca31e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag
c7e941495d002fcaae1d693a87de10b3
date
Fri, 23 Sep 2022 20:48:58 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
38d331ba5480f01b644fc850f73d2cbf-c7e941495d002fcaae1d693a87de10b3-150
x-serial
968
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183962
last-modified
Fri, 23 Sep 2022 20:48:36 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
4232
expires
Tue, 22 Nov 2022 20:48:20 GMT
mynews-promo.png
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/ 		366 KB
366 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/c3po/mynews-promo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
is-https
true
x-opw
4
content-length
373561
x-rq
sin1 0 2 9980
last-modified
Sun, 24 Jul 2022 22:41:19 GMT
server
nginx
etag
W/"62ddca8f-5b713"
vary
User-Agent
content-type
image/png
expires
Sun, 25 Sep 2022 02:12:56 GMT
cache-control
max-age=105838
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
accept-ranges
bytes
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16639661385710.2389437819303264
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
839
expires
Fri, 23 Sep 2022 20:48:58 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
cache-control
max-age=64430
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
d70b9ac997a78a70c8ed6433c54edcbf0eb48887def5da4c0e879cbd577279fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12532
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.19.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-19-109.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:53:07 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
age
6952
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 23632109ecb3eb8245f17822f97fa88e.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
SIN5-C1
x-amz-cf-id
1A9j7kglWx8E5DOGSwo_lwy8C8oMwF5iia03jHiYUbCr0pZgjeFbXg==
expires
Fri, 23 Sep 2022 20:53:07 GMT
metrics.js
tags.news.com.au/prod/metrics/ 		184 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"9eb05ec342e2e8bb70ca106d47373e89:1663130616.359726"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=41924
content-type
application/x-javascript
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=39738
content-type
application/x-javascript
content-length
9840
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
/j3BpdCSWvd8heFrG/tEj2Apli6LmDBeUTLeKX87BmNnHoHBUEPPJtzhKUefty3Fycuh0Fm5OezsfAiGBcBMoQ==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 23 Sep 2022 20:48:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-25.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:04:23 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 21 Mar 2022 03:18:38 GMT
Server
AmazonS3
Age
2698
ETag
W/"cd21e4d44772e851dcd7105fef09c01e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 8c73194b247676a80d86714cba2447a4.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN52-C3
X-Amz-Cf-Id
F6YzEygO-axSvbCdYNqP33uv156N2cWf2FWWO2ni42IOdOJayAig4g==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2022-09-23T20%3A48%3A58.592Z&country=au&newsconnectId=&fpid=db97064d096efd3ceffe895b18519778
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.16.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b1e8456cf832f41c6b239b94e9019d861850b145b576b68181184a09232f6c67

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e0048d90172ebbb946617c24a981dbc8a4d585329c16ecd3eeac25d6a0acd58
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
G_uOFaRAX6MbltPrZ4eQxYjXSVaorpvs
content-encoding
gzip
etag
"d3a4ba724c6dc4f78dd9808b516fecba"
age
318776
via
1.1 varnish
x-cache
HIT
vary
Accept-Encoding
content-length
520
x-amz-id-2
T3GZEFkLDo9N8/3VTBJpi188JWOEJYpe5g6gfVvQPE58ZvWEOCBaByhiwn48eOXBGoly88KOHUw=
x-served-by
cache-mel11269-MEL
last-modified
Tue, 20 Sep 2022 04:16:03 GMT
server
AmazonS3
x-timer
S1663966139.814060,VS0,VE0
date
Fri, 23 Sep 2022 20:48:58 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
73HQHDHHEYFP1R1P
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
255005
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
age
2949
etag
W/"68154020ef14b5881614607902c7c21b"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
74f624efb89f5ac0-MEL
x-amz-request-id
AGVQ42H585Y6XTD5
x-amz-id-2
r9hllPMLzNEYnU3swJXcEwKssC39JhI8AZXWHVVaG+7VxlSjWm0FNcWZNPXHsNiMlMq1IA2cRX0=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.36.231 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-231.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
br
last-modified
Tue, 19 Apr 2022 03:11:13 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
strict-transport-security
max-age=86400 ; includeSubDomains
accept-ranges
bytes
content-length
20617
expires
Fri, 23 Sep 2022 21:48:59 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ab9b143c1a9f51f38c62db005fb4b49572e4d796f0e74e6b3b56ee41036f954

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"09c229fdb7af1d8ac7248f68a4e2145d:1657170208.878739"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=20915
content-type
application/x-javascript
content-length
2231
tad.js
tags.news.com.au/prod/tad/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"08fe99de660944ffd677aa09c2ad8154:1663643873.920173"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=75762
content-type
application/x-javascript
content-length
33375
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
77cd9a483177d7149d1eea99c6cb604ed30c86567dc6a8e32a11e571bcf1bf7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27802
x-xss-protection
0
server
sffe
etag
"1343 / 200 of 1000 / last-modified: 1663931308"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Sep 2022 20:48:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-2-118.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:27:04 GMT
via
1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront), 1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:37 GMT
server
AmazonS3
age
1316
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
SIN2-P2, SIN52-C2
content-encoding
gzip
x-amz-cf-id
QktfvS7v760EDOphVut_xyTIlpdQ5cGM70jJKMlhTZSRpN6632sb2g==
prebid.js
tags.news.com.au/prod/prebid/ 		362 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"38085f66de7dcd7c22d408e9044e03b1:1655686301.436641"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=75746
content-type
application/x-javascript
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		126 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-49.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0422c1be425a330e066dc9ac7ba5d76e323e757b3ddc2a95c5319e2ca5090968

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:18:52 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 04:16:45 GMT
server
AmazonS3
age
1808
etag
W/"c331a61ccc8287ce655141bd19a0411f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
HE1xTUGQPvbYegvSQqoru0pjiqV0i.E5
via
1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-pop
SIN5-C1
content-type
application/javascript
x-amz-cf-id
2pND4k_mKuMNZ5DzufgDs9eyfQki65f5q44eWFNhffmIOn-rZnj-xg==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"f195a817810e0c6b1880a6e2edc2d073:1660712926.791363"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=69405
content-type
application/x-javascript
content-length
7136
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4900ea49e481698bb56421bd6e83d4750862081321b3cb552bc873624412db68

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 20:39:50 GMT
server
cloudflare
age
549
cf-polished
origSize=5864
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AWJttOYg%2Fkw7pC%2FmjZvzfLvixyffJqsXxiZ1BWjL3ZCfPqpwwd4NWO%2FxH7zneNE%2FENRFh8w6Gn2upGXnonNzIM%2FOHS95vzhQMBO%2BF4bDxZ52Ch85zeELdVW%2BK7NSXQo61NaC7af"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f624f2eb3a17d0-MEL
cf-bgj
minify
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.201911200449
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.241 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-241.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 02:18:16 GMT
server
AkamaiNetStorage
etag
"479ba55551c0a2369f399625b1c2c4ea:1632190696.475182"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
899
expires
Sat, 08 Oct 2022 20:48:58 GMT
bulk
trc.taboola.com/newscorpau-aud-heraldsun/log/3/ 		0
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/newscorpau-aud-heraldsun/log/3/bulk?tvi2=-2&route=HK%3ASG%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
99
pragma
no-cache
date
Fri, 23 Sep 2022 20:48:58 GMT
via
1.1 varnish
server
nginx
x-timer
S1663966139.722749,VS0,VE99
x-served-by
cache-mel11237-MEL
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.187 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-187.pacnet.net
Software
AmazonS3 /
Resource Hash
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
gzip
last-modified
Mon, 05 Sep 2022 08:55:48 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
etag
W/"095a7b562e641bfc203fc3ef9697c6bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
21384
x-amz-cf-id
Mg-PJrPZYvUFlAGyPVC9EWlvXHDkYYQUS1sjVFkZHnJNCU2RdwDlbg==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202209050338&cb=1663966138786
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.241 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-241.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:58 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 23 Sep 2022 20:58:58 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb2f4643b0abb221129fb74d66a7e9cf47b5aff8e235954e123c632b9cb570e4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
fNCrfBGqL_m2cxRkFMbg.1zjRvLFj047
content-encoding
gzip
etag
W/"2e5c067cc12747e1f65b746920a28ebb"
last-modified
Fri, 23 Sep 2022 11:19:19 GMT
server
AmazonS3
age
3313
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ccd5ce8e69d2dc421327946b6ecb3cbc.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Fri, 23 Sep 2022 19:54:21 GMT
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
NlX0LrMulrMq8BnuzBt5vm-r8k7UmqZsVRPZpBRXbXqYsEwtmJ7GTQ==
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11348
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
fPWXzgX4fa0p5Qftf89BXbnhAcw3OLa3UkWHAWtZ8jjxrKIT5q6/DtyjTnt7TmOBqhTbObhKjBE=
x-served-by
cache-mel11237-MEL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1663966139.892636,VS0,VE0
date
Fri, 23 Sep 2022 20:48:58 GMT
x-amz-request-id
9VJ0B972ZW7702WT
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
20
x-cache-hits
155
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-196-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers
2970e271
login.newscorpaustralia.com/akam/13/ Frame 6CBD 		0
0
1McDhLIVMB
login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/ Frame 6CBD 		0
0
indies-loader.js
ts2020-indies-client.web.app/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ts2020-indies-client.web.app/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 08 Sep 2022 01:41:49 GMT
x-timer
S1663966140.513127,VS0,VE0
etag
"dda6d8f74d0e858612ec503761d52ecaea214cb075d9052ffc7fb232c4add592-br"
x-served-by
cache-mel11236-MEL
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Fri, 23 Sep 2022 20:48:59 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2355
x-cache-hits
314015
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		257 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.84.196.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-196-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 05:33:14 GMT
x-amz-cf-pop
SIN5-C1
etag
"04df6ed36e659404b1589354c5fb8697"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=39
strict-transport-security
max-age=600
accept-ranges
bytes
content-length
66268
x-amz-cf-id
hQ4SSN4u1HuPyrnzxD_PPi7w3wIO6zd15torGpCXqaplLjiLRSBpqg==
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=a44ed66ffff785807d1d384e187b416b&timewithTz=2022-09-23T20:48:58.592Z&country=au&newsconnectId=&fpid=db97064d096efd3ceffe895b18519778
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.16.11 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-16-11.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663966139139
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663966139139
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663966139139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ed34e3530f07faa0bf28c25a533cf0673392267357cfd93ff69f45b986d7f560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0fad7b986.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
SlQtCOAlRRo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1561
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v038-005bc6f1b.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.heraldsun.com.au
X-TID
12gVcNdPQgE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663966139139
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:45:10 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1DlhRaIlNV1Key3jteX1gLNQIw0-n8T01ILuprQYpy1ti9JjXFNu6FjPlEkRAcZ6m5dlL39USP-a5TcQ6NqsYZhkNENEv-cCXetsmxITSmQyoj8SHRRL_R4o4eCkODdItVQ9rTsFRVh5geNNU&sig=Cg0ArKJSzJWD78bKNBKrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220921.02251&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=3TP6hKqGfWDP7R3J&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12582&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=6299&t=DgLgznDeN-QpBTCqjXD8qunGD3dYU9&V=136&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=0&_acct=anon&sn=1&sv=BFB7JiBxw5vwBVVwJMfbfUUuDrG1&sd=1&im=062b0732&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-92-212.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-10.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 02:55:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
64409
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f8e64d8534487ab105627956713b04b2.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN5-C1
X-Amz-Cf-Id
v8fW9byGIp1BXA36s4AsbaDkDxi1tgfuoX2XYAzmMz4rsq4_t7ze0g==
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:48:59 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Fri, 23 Sep 2022 20:48:59 GMT
v2trhC9sANglKo2l8EHC92Vs2cdTZkmsOrUZkoX1GbfvIw5tV6V5sTvB-KjG-spn17gcQjNQz
bedsberry.com/ 		187 B
214 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2trhC9sANglKo2l8EHC92Vs2cdTZkmsOrUZkoX1GbfvIw5tV6V5sTvB-KjG-spn17gcQjNQz
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.46.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.46.160.34.bc.googleusercontent.com
Software
/
Resource Hash
aefd9d5f80f99a114ed72642e172bc10fc70495af40cccdf76e923ffffaaab30
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
x-datacenter
gce-asia-east1
date
Fri, 23 Sep 2022 20:48:59 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-asia-east1-spot-89bf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 23 Sep 2022 20:48:58 GMT
pixel_7184b897
www.heraldsun.com.au/akam/13/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_7184b897
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/7184b897
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.111 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

is-https
true
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-bpath
OLD
vary
User-Agent
blaizehappened
true
date
Fri, 23 Sep 2022 20:49:00 GMT
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-webkit-csp
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_7184b897&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=pixel_7184b897&session=db97064d096efd3ceffe895b18519778
x-arrrg4
https://www.heraldsun.com.au/
x-opw
4
content-length
0
x-content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
384959879014125
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
e86ca1e15b3efaabf787ab5923261b8e93422effd04079f57f93e6fec5bb2568
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86013
x-xss-protection
0
pragma
public
x-fb-debug
iX0P1jvGZiWp81Khj9edFwJnDv5PpXRFfp3GQ0e8n5ubNo/alLs6QPnTGnP1gNM0lu5r0VdARdCFiY/RkBTOqw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 23 Sep 2022 20:48:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220923
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20881
x-jsd-version
1.0.1472
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-yyz4566-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-5kcFU4ELpJ/3TUqY2DoFFkrnMcY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6q0oiNFzLsZYWJpBDNbrcRq0yYy1acmWuOkM65L1AIDbg4sbZs2eycxRdHbF19KEwvn2DM0UmUiQts7OIzFBDAbleJyKkds0g%2BcdjGjWAAFGkXLJyeRXVlRHt42lLxy6dXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74f624f4ba095a91-MEL
door.js
au-script.dotmetrics.net/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-6.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
0ab2d22328ccfb136ee81ad17d662c23d61d0bdae81ff1f773569ca0e116ecea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"13062...214.2022092320"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
cache-control
private
content-type
application/javascript
x-amz-cf-id
ief03IgMfTlMo8ZmbePJqJnYOAWp_N2Mo_SrNEpcVP8N1USiZmokTA==
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a547c4128d0639e5707d680eeee4cf5ff5cdfed9893dbed7c8ee69fb02ebdff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 20:39:56 GMT
server
cloudflare
age
543
cf-polished
origSize=44104
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJLAwes%2FInibhzfgj7XrT%2FRTw1S8jXbr2CmiFG1x1f07A%2Bgt4UkK%2FW2IADFnH8mHbgIw7HeMIMZRtQHuVai4zCpaLpAvXd2pBbI9bgVW0NpVWWKF7o9b7baCbHWRSFLIWaKI7MFX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74f624f39baf17d0-MEL
cf-bgj
minify
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 10:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Sep 2023 10:51:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		144 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:48:59 GMT
c.js
collector.brandmetrics.com/ 		0
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au&rnd=2788929
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
content-length
0
content-type
text/javascript;charset=utf-8
campaigns
resourcesssl.newscdn.com.au/indies/ 		896 B
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Requested by
Host: ts2020-indies-client.web.app
URL: https://ts2020-indies-client.web.app/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"380-buHeOXtmZuLHUq6FLZ+ztTi2ZXY"
x-powered-by
Express
date
Fri, 23 Sep 2022 20:49:00 GMT
x-cache-hits
0
content-length
503
x-served-by
cache-qpg1268-QPG
server
Google Frontend
x-timer
S1663964996.645265,VS0,VE312
x-i
true
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
8ccee8c9584fbba310efa16bbe304082
cache-control
private, max-age=615
function-execution-id
gvx1q6e8jlbl
accept-ranges
bytes
x-orig-accept-language
en-AU,en;q=0.9
x-country-code
SG
expires
Fri, 23 Sep 2022 20:59:15 GMT
campaigns
resourcesssl.newscdn.com.au/indies/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/campaigns?query={getCampaignsBySiteAndPageType(userType:%22anonymous%22,pageType:%22homepage%22,site:%22heraldsun.com.au%22,section:%22/home%22,device:%22desktop%22){indieId,indieName,selectedIndie,jiraTicketNumber,isOnHold,isAllowed,hideBreachMessage,startDate,endDate,locations{id,site,device,cusVars,include,exclude,pageType,pageInjectType},source{css,html,js}}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.189 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-189.deploy.static.akamaitechnologies.com
Software
Google Frontend / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cache-control
private, max-age=1749
content-type
text/html
date
Fri, 23 Sep 2022 20:48:59 GMT
expires
Fri, 23 Sep 2022 21:18:08 GMT
function-execution-id
fr6jh5h443r9
server
Google Frontend
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache-hits
0
x-cloud-trace-context
2dfbf1ebdadb49e63a4c7b26f0da06f1
x-country-code
SG
x-i
true
x-powered-by
Express
x-served-by
cache-qpg1247-QPG
x-timer
S1663966140.662170,VS0,VE242
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.8.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-8-238.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 20:49:00 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.8.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-8-238.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 20:49:00 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame 450C 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-113.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
1676
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 23 Sep 2022 20:21:56 GMT
ETag
W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified
Mon, 21 Mar 2022 03:18:39 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jmg2RvT--UV79ferXd1OA5qhpM78o4xPJWISKTZPBshHdnbvTe7cFw==
X-Amz-Cf-Pop
SIN52-C3
X-Cache
Hit from cloudfront
lookuplist
au.audience.newscgp.com/ 		108 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=db97064d096efd3ceffe895b18519778&&bust=16639661395660.6504576730996727&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-29.sin52.r.cloudfront.net
Software
nginx /
Resource Hash
12628e8318237b4ff9be0901cc322a1e9708f32892c1cea237abb886cdd9e5c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 a6f10891bf05ce2d27b04a152b14cf00.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN52-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
u-dJk8AkmwlFvZonuTugoyzUJMThMnsh9IzOOqa-UIvzBWDUFDM4jw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-2-118.sin52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:18:50 GMT
via
1.1 66a1d049e76b3705fd453637d74c10dc.cloudfront.net (CloudFront)
server
Server
age
12608
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
WN9ASg_zs5Lh1ZJh1-XxqU93QkCeau5Amns9fMGjare5NCp3gbwL5A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-2-118.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
42826
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
date
Fri, 23 Sep 2022 08:55:15 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a372f2a2c858a55a472ec9d3d1c6b816.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
6Ev4uiguDsdCPhXMHhgVUuoU7NDks9lgy15V5x4HK6uakFfJSDHRhQ==
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame EB40
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EYH703-1T-FCM1
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EYH703-1T-FCM1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1663966140.470758,VS0,VE94
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-mel11237-MEL

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=L8EYH703-1T-FCM1
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame EB40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg2ccvrYDnmfWzXT2M1gLU&google_cver=1
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg2ccvrYDnmfWzXT2M1gLU&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
97
date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1663966140.957454,VS0,VE97
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11237-MEL

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:48:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg2ccvrYDnmfWzXT2M1gLU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EB40 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139:$UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame EB40
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
date
Fri, 23 Sep 2022 20:48:59 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
168208
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame EB40
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=548033b2-aa44-4d80-8e92-adbc87e96a0f
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=548033b2-aa44-4d80-8e92-adbc87e96a0f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1663966141.516634,VS0,VE94
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11237-MEL

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=548033b2-aa44-4d80-8e92-adbc87e96a0f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame EB40
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame EB40 		49 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-AU
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-6db8fcb759-qdcqq
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame EB40 		43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:00 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame EB40 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.58.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-58-250.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame EB40
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dd5aed95-24f1-4ccd-aa7e-c85c5031fbf0
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dd5aed95-24f1-4ccd-aa7e-c85c5031fbf0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
168492

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:00 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=dd5aed95-24f1-4ccd-aa7e-c85c5031fbf0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1015744
content-length
0
expires
Fri, 23 Sep 2022 00:00:00 GMT
input
cookie-matching.mediarithmics.com/ Frame EB40
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/6/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/6/2.gif?puid=7832201268429598831&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOXlybwCsvg6Zdo6zg6mNafrsLvFvrSgPyJNMrBg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F5%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/5/3.gif?puid=9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=548033b2-aa44-4d80-8e92-adbc87e96a0f&ttl=%%TTL%%
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F10%2F3%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/10/3/5.gif?puid=2853615921117379872&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gd...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=7500e4fb-0b77-4186-a716-216ef3e0717e&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F112%2F1%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/464/112/1/7.gif?puid=8E80881BE1CCD453&gdpr=0&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_I...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opi...
0
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame EB40
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1
  • https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dbidswitch%26bidswitch%5Fssp%5Fid%3Dtaboola%26uid%2Dset%3D1%26auid%3D
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=bidswitch&bidswitch_ssp_id=taboola&uid-set=1&auid=183f644c-3d77-4e85-aaaf-6b029e8bb15a
  • https://x.bidswitch.net/sync?dsp_id=96&user_id=DHRX-llCCbOp-Wg&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c985f782-8280-47d2-bac8-cf55a10d334d
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c985f782-8280-47d2-bac8-cf55a10d334d
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
171877

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c985f782-8280-47d2-bac8-cf55a10d334d
Date
Fri, 23 Sep 2022 20:49:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame EB40
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=45f750ba-c62e-4cb4-a687-e5e7a2fbf75a
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&tbid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&query=taboola_hm%3D45f750ba-c62e-...
0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&tbid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&query=taboola_hm%3D45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&isDirect=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1663966143.820125,VS0,VE142
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11237-MEL

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&tbid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&query=taboola_hm%3D45f750ba-c62e-4cb4-a687-e5e7a2fbf75a&isDirect=0
date
Fri, 23 Sep 2022 20:49:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
172413
sd
u.openx.net/w/1.0/ Frame EB40
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame EB40
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 23 Sep 2022 20:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
visitor.omnitagjs.com/visitor/ Frame EB40 		49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=54ac1f569912e3c4967bf7b5df910a44&name=TABOOLA&visitor=[BUYER_USERID]&external=true
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.196.20 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-196-20.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:01 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
49
expires
0
/
s.uuidksinc.net/match/1135/ Frame EB40 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/1135/?remote_uid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:01 GMT
server
nginx/1.19.0
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame EB40
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=AYNljZ3ySNBcfTszWIvEhWfR_nE
0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=AYNljZ3ySNBcfTszWIvEhWfR_nE
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
173045

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=AYNljZ3ySNBcfTszWIvEhWfR_nE
Date
Fri, 23 Sep 2022 20:49:02 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ Frame EB40 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=453&user_id=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:49:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
t.adx.opera.com/ Frame EB40 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:01 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame EB40
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=277d007f-f190-4da4-ad5f-49abb96cdc09
0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=277d007f-f190-4da4-ad5f-49abb96cdc09
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
173729

Redirect headers

date
Fri, 23 Sep 2022 20:49:01 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=277d007f-f190-4da4-ad5f-49abb96cdc09
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220922-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
NrP0zRqJgdqCAFOGjLJOgaX1BFZQx8TJ
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
2793
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
jVRaPBrlJINKGRlE+TEZITMhVnn0x1YdhtVr0GY67doy48gXtgSPDYZtb5ckgwFuMWO1hbQiHXg=
x-served-by
cache-mel11237-MEL
last-modified
Thu, 15 Sep 2022 14:11:45 GMT
server
AmazonS3
x-timer
S1663966140.707060,VS0,VE0
date
Fri, 23 Sep 2022 20:48:59 GMT
vary
Accept-Encoding
x-amz-request-id
1587YHA6ZSH67WTZ
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
20
x-cache-hits
2325
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding
gzip
etag
W/"81a9e2a298d0019660cb2966f0c24748"
age
1264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
date
Fri, 23 Sep 2022 20:27:56 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ccd5ce8e69d2dc421327946b6ecb3cbc.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
nN0F5vUkchFvr_9fIeMhWU8bsbHLNPDw4MxI3JJ7ZaXQx4-D3-Brhw==
/
pips.taboola.com/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:48:59 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-mel11223-MEL
access-control-allow-methods
GET
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
swg.js
news.google.com/swg/js/v1/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
sffe /
Resource Hash
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:21:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46294
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 20:41:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 21:11:17 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 20:49:00 GMT
cache-control
no-store
server
nginx
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1663966140043&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663966140041.631870787&it=1663966139345&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 23 Sep 2022 20:49:01 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.187 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-187.pacnet.net
Software
AmazonS3 /
Resource Hash
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
W_yTpbzpqY89CZHjDkmLnffsRbstOxY.
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 05:38:14 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P4
etag
"189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=92
date
Fri, 23 Sep 2022 20:49:00 GMT
accept-ranges
bytes
content-length
1284
x-amz-cf-id
17OsOtIjsmEXrPJkCcxBX8o6mHpHJQqkCcdA_43J0MjKs99GynPC8Q==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 9FDD 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-80.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1275
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 23 Sep 2022 20:27:45 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Mon, 02 May 2022 13:40:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ccd5ce8e69d2dc421327946b6ecb3cbc.cloudfront.net (CloudFront)
x-amz-cf-id
YCtBz14kLvazbIslpklIJPTlJdu_ppfYtjcwa_njrGGQPF8DtzOfuw==
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache
Hit from cloudfront
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
438d50b298a91528388dbfd044a8eb83a456eb3a3e03ad01e96ce94522724e1f

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 23 Sep 2022 20:49:00 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		0
0
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1663966140175&pvs=1&pvid=5f570d3b-c29c-451a-a95f-b9cab7d5cc7c&c=true&tzOffset=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-6.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
dotmetrics-hit-status
01 OK
server
Kestrel
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
image/gif
x-amz-cf-id
YESl4kjd9EDP87N_v5I7ItUP1NqrSEBHL9CNJpggp4Pl8OIhY-CwEA==
script.js
au-script.dotmetrics.net/Scripts/ 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=214
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-6.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
content-encoding
br
last-modified
Mon, 05 Sep 2022 12:02:11 GMT
server
Kestrel
x-amz-cf-pop
SIN5-C1
etag
"1d8c11f544f5886"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
kLg8l4PdvQTAffqB41gAy-ogOVEv2shCLHArQbRcI6KvWS930QYlAA==
v2
mfad.inskinad.com/api/ 		84 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mfad.inskinad.com/api/v2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.77.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-77-212.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
d2fb5c67ed0f02b3e07f33d1999174e050c221ce9c875f28e148346eb1fa4c04

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:01 GMT
content-encoding
gzip
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"15116-TLBzr/PwBuVd9atbrOZuZxkA68Y"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by
bifrost-production-shard001-us-east-1e-i-02ed993eaf7bfeda6
trinity.json
syd-1-apex.go.sonobi.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		493 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1aa3b50696fb5ad8391efe27876e8cc8276745e0b941540cc5c23c570b71f176
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:01 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2457ff67-6f70-4501-a189-b284c510198a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
493
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=1a7b042f-2d00-4007-8b6e-8842d949738c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.06803511060369116
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b1fc74d0b3f64fce95f6d59237047d0d572e750596b79f9eaed50d9499f837bd

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
407
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		406 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v6.13.0&x_source.tid=24968da6-deb8-4c75-aab9-9381a0246fc2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.45614647608041725
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7da80d698eeed667d9dc3e69ae1fc6ebe00fcd1f518aa299c81e65c1edf50dfe

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
406
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=54cfac31-7e3e-4fcc-ba6f-bb1e1a2b6de2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.8901434570088862
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c9f999dc36e2bb41362246be0cbf0e65ac9eea0ab75b8aa29ed7d104fe88afce

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
384
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		382 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v6.13.0&x_source.tid=ad1d91fb-802e-42a1-9548-9996b9108061&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.2919983705039535
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4cc8ea47cdd4d9a1f9b0df1a290845cd64a8d37f48bd2743210d931e82d56f24

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
382
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.13.0&cb=76115625163
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 23 Sep 2022 20:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.playground.xyz/host-config/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:49:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
4d768574-3d27-48a8-94bd-c7860c7d73f8
cygnus
htlb.casalemedia.com/ 		36 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277566&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2230eff490d46c47%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%3Fpagetype%3Dhomepage%26sec1%3Dhome%26sec2%3D%26sec3%3D%26env%3D%26adl%3Dfalse%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.13.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2231aecb7318a04c2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A1800%2C%22h%22%3A1000%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%221800x1000%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277566%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%7D%2C%7B%22id%22%3A%2234d3d43f672e10d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22279849%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%7D%2C%7B%22id%22%3A%2236513d7c2e35443%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22320697%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%7D%2C%7B%22id%22%3A%22379fd540b637391%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22320695%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d356980855c9ed9e4f4ff72aa19216384c3468aa13602211b8e93ce01ddbde00

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYq9okM0qLn9eq%2FrFwAV3wO7SNoL3kTni1zzvjHMBnmEJGTHtetXlYCcRIaD3fj56H%2BgA3OIonfW0o%2BVqZ8WT7CfjDBERXOk%2ByggI2czMaEpeKg72xY3GHm9rFnu7NN1FPyG%2Bu0Y"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74f624fab96d5a67-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
pub
pixel.adsafeprotected.com/services/ 		633 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=acbde71f-9f09-9eb8-2d54-dc575bce8d8b&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7228664e710ed4d04cc2c10582d86174e7f28ae53983638bd4c244271a4d51d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
x-server-name
app03.sg.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=RqQhwgwc5DFxw&cb=0&ws=1600x1200&v=22.9.81452&t=4000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x50%22%2C%221000x100%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.17.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-17-5.sin5.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 893b2f924f02b6d97b78b13c14301c76.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SIN5-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
y4E2xuKT_9xJCc51muqjZAUTizZIUa27JR4YrJFlAtHy4DF8tc0y5g==
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 9FDD 		44 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=f0g6h1vavlivdekwpg159mmvwiov41663966140&c16=sdkv,bj.6.0.0&uoo=&fp_id=7lmv6i3imzcgxvnth7h1cvxxvo8tv1663966140&fp_cr_tm=1663966140121&fp_acc_tm=1663966140121&fp_emm_tm=1663966140121&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.71.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-71-162.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:00 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
f0g6h1vavlivdekwpg159mmvwiov41663966140.nuid.imrworldwide.com/ Frame 9FDD 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f0g6h1vavlivdekwpg159mmvwiov41663966140.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-85.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 22:17:16 GMT
via
1.1 f89fcc37b128414167e80016d2f77972.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
81105
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
peY_ZgAiIWTF4TGMmtpJu5s716WmdveOvR7HE-ymizgQ34GPZ0g1DQ==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.8.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-8-238.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 23 Sep 2022 20:49:00 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
2
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.8.238 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-8-238.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 23 Sep 2022 20:49:00 GMT
Server
nginx
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=Microdata&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1663966140546&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun%22%2C%22meta%3Adescription%22%3A%22News%20and%20Breaking%20News%20-%20Headlines%20Online%20including%20Latest%20News%20from%20Australia%20and%20the%20World.%20Read%20more%20News%20Headlines%20and%20Breaking%20News%20Stories%20at%20Herald%20Sun%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22publisher%22%3A%7B%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Herald%20Sun%22%2C%22%40id%22%3A%22heraldsun.com.au%22%7D%2C%22isAccessibleForFree%22%3A%22True%22%2C%22isPartOf%22%3A%7B%22%40type%22%3A%5B%22CreativeWork%22%2C%22Product%22%5D%2C%22name%22%3A%22Herald%20Sun%22%2C%22productID%22%3A%22heraldsun.com.au%3Adigital%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.2.1663966140041.631870787&it=1663966139345&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 23 Sep 2022 20:49:01 GMT
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
validate
assets.vidora.com/v1/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-4.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
via
1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
IZQSliztJbBXXtTakZKwAFfVKwwt1eT1FFV4N7P5FV6UcbGhsnlHuQ==
expires
Fri, 23 Sep 2022 20:48:59 GMT
dest5.html
newscorpau.demdex.net/ Frame 3773 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.194.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-194-179.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v038-04fc45a31.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
cLdZQ1nHTJk=
content-encoding
gzip
date
Fri, 23 Sep 2022 20:49:01 GMT
last-modified
Mon, 19 Sep 2022 09:56:07 GMT
transfer-encoding
chunked
vary
accept-encoding
id
metrics.heraldsun.com.au/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=22297125268877538493731050814935474609&ts=1663966140710
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-101.data.adobedc.net
Software
jag /
Resource Hash
1a21812b5c15bddb8c2a4fdb93b9ffddbb07e7326a0c8de9784bbdbe093cce5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 23 Sep 2022 20:49:01 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Yy4bvgAAAGu2cgN1
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=22318271791660588513733439796371681451
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4bvgAAAGu2cgN1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4bvgAAAGu2cgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-071e4edc0.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zTMrq3IUSJI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy4bvgAAAGu2cgN1
Date
Fri, 23 Sep 2022 20:49:02 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjVmNTcwZDNiLWMyOWMtNDUxYS1hOTVmLWI5Y2FiN2Q1Y2M3YyIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1663966140785
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-6.sin5.r.cloudfront.net
Software
Kestrel /
Resource Hash
706fb49bb9b8b62245becfb45e2514a73652a62e219925a7dcc2d596e05cdf48

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
content-encoding
br
server
Kestrel
x-amz-cf-pop
SIN5-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via
1.1 f28347a3148f4f8fa1d930375689073c.cloudfront.net (CloudFront)
cache-control
no-cache
content-type
application/javascript
x-amz-cf-id
cJCph_9za4gwbGGmC1Ha91yAO8wCSz5YMTjJag9oqEX4bxUwQCzOgA==
v2tgipzojqjnJTisMlNgRFXRR22Mbjttc6H1pVPhyWNMFu6WJP4QZ47UOQsLKKT002mNwXUIYdw
bedsberry.com/ 		2 B
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2tgipzojqjnJTisMlNgRFXRR22Mbjttc6H1pVPhyWNMFu6WJP4QZ47UOQsLKKT002mNwXUIYdw
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.46.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.46.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
via
1.1 google
x-buildnumber
632800667
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-asia-east1
date
Fri, 23 Sep 2022 20:49:01 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-asia-east1-spot-89bf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 23 Sep 2022 20:49:00 GMT
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=5276800832986160133&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D7373065979648472086$$&ns=0&rnd=47185426638902284&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.202.127 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-202-127.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9afe7858dac5c682eea79b12e408852803d393491c5fdaf57260d822c504fe59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
2468
expires
Sun, 05-Jun-2005 22:00:00 GMT
701.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
37b69563450fbcd23d52fff0609cd0435464f1ed8ca45f40ff098a0bafe8ef56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:49:00 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
8.gif
id5-sync.com/i/701/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/701/8.gif?id5id=ID5*Cqt4LQgBi0yHPbypDx78xxd1DdFxLr0jqFck8UVRYlEkQXeLhJomcpsdac_xOSBl&o=api&gdpr_consent=undefined&gdpr=false
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:01 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
interact
edge.adobedc.net/ee/v1/ 		725 B
832 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=dacde473-c4a9-4845-8894-3bef27938f36
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-103.data.adobedc.net
Software
jag /
Resource Hash
afe3379fd219f3c158a7bdefbf2065de08fe78835ec7d2d813cdae454eccc54d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
deflate
x-content-type-options
nosniff
x-rate-limit-remaining
599
x-adobe-edge
OR2;9
vary
Origin
x-xss-protection
1; mode=block
x-request-id
dacde473-c4a9-4845-8894-3bef27938f36
server
jag
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.9.37:fc1cc715
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=22297125268877538493731050814935474609&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=newsnkidcookie%01db97064d096efd3ceffe895b18519778%011&ts=1663966141750
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
92fa0b1c0c602c7ddc7e2132ba4fee2ef158dd279d98ce6fcaf1db19ccbccdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v038-06024b8fc.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Nc5u9aweSE4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1560
Expires
Thu, 01 Jan 1970 00:00:00 UTC
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 21:25:38 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:24:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 21:14:58 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame CF95
Redirect Chain
  • https://news.google.com/swg/_/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
  • https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
ESF /
Resource Hash
97e95b169e96a01488b70117543491505f44a1c442fcd1fd175abdcf9181ba26
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-rDhs0zx9U3E4jo3F8JJABw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-rDhs0zx9U3E4jo3F8JJABw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Fri, 23 Sep 2022 20:49:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-HSlU261ATXGsZ8a0FMv_YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Fri, 23 Sep 2022 20:49:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
entitlements
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		2 B
524 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
ESF /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://www.heraldsun.com.au
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
s07284220151284
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s07284220151284?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=23%2F8%2F2022%2020%3A49%3A2%205%200&cid.&newsnkidcookie.&id=db97064d096efd3ceffe895b18519778&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=db97064d096efd3ceffe895b18519778&mid=22297125268877538493731050814935474609&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getPreviousValue=3.0&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D63&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=6%3A49%20AM%7CSaturday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=63&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cvic%7Cmelbourne%7C-37.82%7C144.97%7Cgmt%2B10%7Cunknown&v79=au&v80=db97064d096efd3ceffe895b18519778-00000000000000000000000000000000-1663966138764-438345&v110=2022-09-23%2020%3A48%3A55&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-101.data.adobedc.net
Software
jag /
Resource Hash
b70054ce492ddee689523c7ac1abf26fc6795f5c4b6450f1aa5893a83f0ebab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-aam-tid
lbhUPIOuTZc=
date
Fri, 23 Sep 2022 20:49:02 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
vary
*
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-usw2-2-v038-097992afe.edge-usw2.demdex.com 7 ms
pragma
no-cache
last-modified
Sat, 24 Sep 2022 20:49:02 GMT
server
jag
etag
3573340082904989696-4619745324269168649
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 22 Sep 2022 20:49:02 GMT
ibs:dpid=358&dpuuid=7832201268429598831
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7832201268429598831
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7832201268429598831
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-06b0ff9be.edge-usw2.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gKqXMhHUTeE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:02 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1f9c3d4-4939-41a9-9abe-159a72cca4fa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7832201268429598831
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=7lmv6i3imzcgxvnth7h1cvxxvo8tv1663966140&fp_cr_tm=1663966140121&fp_acc_tm=1663966140121&fp_emm_tm=1663966140121&ve_id=&sessionId=f0g6h1vavlivdekwpg159mmvwiov41663966140&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,sk1tlowcherxi3m8zwihmamchgssn1663966140&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16639661401168662&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1663966138834&c3=st,c&c64=starttm,1663966141&adid=1663966138834&c58=isLive,false&c59=sesid,&c61=createtm,1663966142&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1663966142&rnd=297014
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.71.162 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-71-162.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:02 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
ibs:dpid=470&dpuuid=3804033771104967681
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://d3273622690172371738-t3804033771104967681.id.amgdgt.com/r/telco/tuid/3804033771104967681/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D380403377110...
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=3804033771104967681
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3804033771104967681
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0f86ff699.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4uwbzzfIR5Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3804033771104967681
Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:03 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Content-Length
0
Strict-Transport-Security
max-age=15768000
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=481&dpuuid=L8EYH7QT-1K-7IT4
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=22318271791660588513733439796371681451&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EYH7QT-1K-7IT4?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EYH7QT-1K-7IT4?gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0bfe8d411.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8zlGvc9dShE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8EYH7QT-1K-7IT4?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=771&dpuuid=CAESEFzgQ633wv-ff949CeAWggU&google_cver=1
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjIzMTgyNzE3OTE2NjA1ODg1MTM3MzM0Mzk3OTYzNzE2ODE0NTE=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFzgQ633wv-ff949CeAWggU&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFzgQ633wv-ff949CeAWggU&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0cda817ef.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ITE9uxBjRpA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFzgQ633wv-ff949CeAWggU&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame FCC3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:44:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
16451
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN5-C1
X-Amz-Cf-Id
FNHFzEpF-zUm-iHGP3A5vGtkodSmjDi6RLlD7O3lVJHKIrOfMiSiMQ==
uwt.js
static.ads-twitter.com/ Frame 8137 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.112.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
gzip
last-modified
Tue, 30 Aug 2022 14:35:09 GMT
etag
"d4de8398858246712016031c834bb061+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15317
x-served-by
cache-iad-kiad7000082-IAD, cache-nrt-rjtf7700067-NRT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame BE36 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-192.pacnet.net
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:03 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=11336
accept-ranges
bytes
content-length
3063
js
www.googletagmanager.com/gtag/ Frame 97B8 		115 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d8d62fb666e52c32a974dc669968c255ecb778339af05b88bd277faf4d5104c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46580
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 20:49:02 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 8E18 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 17:44:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
16451
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SIN5-C1
X-Amz-Cf-Id
BasfJs-jikXsNs_lw94UNX5w26PyF-HD4Xu-Jx0tpTtvOjk5wkNxGQ==
pixie.js
acdn.adnxs.com/dmp/up/ Frame 6254 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:49:02 GMT
Content-Encoding
gzip
Age
53471
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21934-LGA, cache-mel11224-MEL
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1663966143.727845,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 5573
activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463
8228261.fls.doubleclick.net/ Frame 1870
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=944996330094...
402 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
6cef2bfb5da27a3ac4e8a945b4c99d9f3d8f015f86c3b064602a28c6b0bc45c3
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
328
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:03 GMT
expires
Fri, 23 Sep 2022 20:49:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147
8228261.fls.doubleclick.net/ Frame B53A
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=212685950461...
403 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f148.1e100.net
Software
cafe /
Resource Hash
6200b73d57d5402ff5a5c550f51e62480ad41185e32be940ac7b947deaece44a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
332
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:03 GMT
expires
Fri, 23 Sep 2022 20:49:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame D843 		115 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
cec2431de66d7fe173d48edd2afe8231bffac9763dc7701784b8a270403f2815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46544
x-xss-protection
0
last-modified
Fri, 23 Sep 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Sep 2022 20:49:02 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 2F4C 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
283ab662ebcf00415d4ba2b25452e97a3bdaa40934a4c64da16368f38d5e0063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17404
x-xss-protection
0
server
cafe
etag
12810633067890993197
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:49:02 GMT
pixel
cm.g.doubleclick.net/ Frame C5E1
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc8...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f&google_gid=CAESEE-iCRY-BejG2tN4VVtU9Ss&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ4MDMzYjItYWE0NC00ZDgwLThlOTItYWRiYzg3ZTk2YTBm&google_push&gdpr=0&gdpr_consent=&ttd_tdid=548033b2-aa44-4d80-8e92-adbc87e96a0f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
activity
au-gmtdmp.mookie1.com/t/v2/ Frame D9A9 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296557&src.rand=[timestamp]
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
px
secure.adnxs.com/ Frame B575 		43 B
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=879166&seg=9702347&t=2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:03 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d7c4a77-d114-419d-88ce-72bd45fe7f05
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:03 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4cd334bd-1137-4034-ba40-91201d7eb186
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:03 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
74edef1a-eea5-454c-a582-f86e4a6fb246
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=903&dpuuid=548033b2-aa44-4d80-8e92-adbc87e96a0f
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=548033b2-aa44-4d80-8e92-adbc87e96a0f
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=548033b2-aa44-4d80-8e92-adbc87e96a0f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-052e3e4ab.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hFjfz3aQQQs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=548033b2-aa44-4d80-8e92-adbc87e96a0f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 3773 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame CF95 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-siaj3HpS9jQ4pgoLiuwO6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
date
Fri, 23 Sep 2022 20:49:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-siaj3HpS9jQ4pgoLiuwO6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ Frame CF95 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:35:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 21:25:38 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTj... Frame CF95 		170 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
9aa4717548dfbefc2bab0e5b0240edcee4172bb02283c05cdcb49d35897110f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 19:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61208
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 19:42:45 GMT
ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0b640615f.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BgZKj3LjTZo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8hEAI7nZoJaBLXRt%2FcVChBTHZZAATDRj27Y40qjVkYHV7yG8ESJFkt%2FBKAf%2B2ZPNu0UfWs6jlmBwYVxSYQ05PR13imJ7kRmRDeCZARIHHzJodDf9q73zX9iPvQ%2FScYuxaEH8K%2Fd"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
cache-control
no-cache
cf-ray
74f6250bbb3dfe95-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixie
ib.adnxs.com/ Frame 6254 		42 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1663966142774&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1663966142774&et=1663966142774&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:49:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
ibs:dpid=30432&dpuuid=CI-ce38edefc6ba2689863bbae31ee7f199
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=22318271791660588513733439796371681451&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ce38edefc6ba2689863bbae31ee7f199
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ce38edefc6ba2689863bbae31ee7f199
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-04fc45a31.edge-usw2.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hRiXIAV8RlM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-ce38edefc6ba2689863bbae31ee7f199
Date
Fri, 23 Sep 2022 20:49:03 GMT
useSecure
true
Server
openresty/1.19.9.1
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF95 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462212&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
Origin
https://news.google.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 13:24:20 GMT
x-content-type-options
nosniff
age
113083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 13:24:20 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=22318271791660588513733439796371681451&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=22318271791660588513733439796371681451&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-03c4de17f.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,303
X-TID
hZJeZEIfTHs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 23 Sep 2022 20:49:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 3773
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=22318271791660588513733439796371681451
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22318271791660588513733439796371681451
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22318271791660588513733439796371681451
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
52.12.199.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-12-199-59.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1663966144
x-served-by
beacon-n005-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22318271791660588513733439796371681451
date
Fri, 23 Sep 2022 20:49:03 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a003-ash-prod.krxd.net
adsct
t.co/i/ Frame 8137 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=b3917d2b-e382-4bae-bdf6-7fc0a5a7e4b3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=50ef30fe-aedb-48bc-9302-dfad1ef12af5&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.27
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
146
date
Fri, 23 Sep 2022 20:49:03 GMT
server
tsa_l
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
x-transaction-id
297e690670b60072
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
dc7d230ed8ff235e00c8ef9fcde0a7a775ba28aae5f565c49bad98fbf1de75b9
content-length
43
adsct
analytics.twitter.com/i/ Frame 8137 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b3917d2b-e382-4bae-bdf6-7fc0a5a7e4b3&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=50ef30fe-aedb-48bc-9302-dfad1ef12af5&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.27
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
157
date
Fri, 23 Sep 2022 20:49:02 GMT
server
tsa_l
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
x-transaction-id
aa40474a4d58964d
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
3388c6acb5d9fec9ae4ee1f819705f4ffed6f16fe7bd13bb7e9a4cfecc1cca6e
content-length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame 2F4C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1663966143130&cv=9&fst=1663966143130&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
dccecef2c75416b0fd25700cda95db908100cb256e8f0257819d65e8b18e3dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
987
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=22318271791660588513733439796371681451&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0825ad0be.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
n6vaYc6vT8Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Fri, 23 Sep 2022 20:49:04 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
conversion_async.js
www.googleadservices.com/pagead/ Frame 97B8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:49:03 GMT
pixel
cm.g.doubleclick.net/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXk0YnZnQUFBR3UyY2dOMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXk0YnZnQUFBR3UyY2dOMQ==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966143.498347,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXk0YnZnQUFBR3UyY2dOMQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
p.adsymptotic.com/d/px/ Frame BE36
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1663966143335&url=https%3A%2F%2Fwww.heraldsun.com.au%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1663966143335&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1765380%26time%3D1663966143335%26url%3Dhttps%253A%252F%252Fwww.heraldsun.com.au%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1765380&time=1663966143335&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&cookiesTest=true&liSync=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8ef6af1a-570e-435d-9eac-dc7f4c79b7e5
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8ef6af1a-570e-435d-9eac-dc7f4c79b7e5&_expected_cookie=3596eecbfb89397bf55fd2d5...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8ef6af1a-570e-435d-9eac-dc7f4c79b7e5&_expected_cookie=3596eecbfb89397bf55fd2d5bb7f9f84
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f62517f87417cb-MEL
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=8ef6af1a-570e-435d-9eac-dc7f4c79b7e5&_expected_cookie=3596eecbfb89397bf55fd2d5bb7f9f84
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f62516cf8917cb-MEL
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy4bvgAAAGu2cgN1&expires=90
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy4bvgAAAGu2cgN1&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966143.498320,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy4bvgAAAGu2cgN1&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
conversion_async.js
www.googleadservices.com/pagead/ Frame D843 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15701
x-xss-protection
0
server
cafe
etag
15927311876428925992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Sep 2022 20:49:03 GMT
up
insight.adsrvr.org/track/ Frame ECD6 		869 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
20d524679433f7ea8cc577e25ecb0e9ef69d6266c265305da9d5d015ebd9d7e5

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 20:49:03 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
rum
dsum-sec.casalemedia.com/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy4bvgAAAGu2cgN1
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy4bvgAAAGu2cgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6250eda3f17cd-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME54UGWVU2cRy86plM7rOH3pc3PVBp9%2Fg00GB1t7BVfds8hGken8v%2B7HYBc%2FmZws7A%2FEsbDUHd4atTQ%2F5l8C%2FhbuW%2FzLQZLRtMZY%2B72yosbF0TWrKivQH%2Fnh6%2FRVaxS3ec0P40KSV6CfuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966144.520429,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy4bvgAAAGu2cgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
up
insight.adsrvr.org/track/ Frame A122 		869 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
947f9ff78805d78da6dc9a68b2a55cd9314745f7797b34eaac5fc753d6048c6d

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Fri, 23 Sep 2022 20:49:03 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
13726
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-80.sin52.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
via
1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
x-amzn-requestid
af1228f7-ad85-4e16-861e-396feecd7723
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-632e1bc0-3f8fa4c61bbf2ea13316ffc1
x-amz-apigw-id
Y7lGFF1yDoEFivg=
content-length
25
x-amz-cf-id
frHh1K5fMbavblJ0U1CihVcH-IOE9Gr365Ii-rHuoopDKDFYwojuug==
dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463
adservice.google.com/ddm/fls/z/ Frame 1870 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CLHQ-fbkq_oCFTketwAdklcPNg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9449963300943.463?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame 2F4C 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1663966143130&cv=9&fst=1663963200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3506450073&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame 2F4C 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1663966143130&cv=9&fst=1663963200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&random=3506450073&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147
adservice.google.com/ddm/fls/z/ Frame B53A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKfs-fbkq_oCFXWM5godEH0NZQ;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2126859504612.8147?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame CF95 		133 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZgAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI45919gsfY2CTOng4wqKN9Dbmkk0A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
7ef92b289510806c5cb30ffb6afc031d276874b28e33f8afa1eba7dbfcc68ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45812
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:15:36 GMT
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame ECD6 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 19:04:13 GMT
Via
1.1 f448aba82e4fd70230de47f9a261511c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
16037
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
SIN5-C1
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
sRKXIv7tXuycZu1B5-sSNvgte6o1eZxAwo6GRIG5JhrwA5d5YVrj-w==
setuid
ib.adnxs.com/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Yy4bvgAAAGu2cgN1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=Yy4bvgAAAGu2cgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:03 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
80e158cf-c35d-4639-b116-0f9d0a4f868d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966144.620984,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=Yy4bvgAAAGu2cgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame A122 		487 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.15.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-15-213.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 19:04:13 GMT
Via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
16037
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
SIN5-C1
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
mYOaDfoBdBzSoS1783QBXXNIMQphwC5sTCAEjp5ZP8bBqS09JugobA==
sd
us-u.openx.net/w/1.0/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy4bvgAAAGu2cgN1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy4bvgAAAGu2cgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966144.721628,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy4bvgAAAGu2cgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-107.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
tap.php
pixel.rubiconproject.com/ Frame FE55
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
d335433bbbe0efeac67146df47932f6f
content-length
42

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
289
content-type
text/html
date
Fri, 23 Sep 2022 20:49:03 GMT
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
sync
ups.analytics.yahoo.com/ups/55953/ Frame 52A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-LXjq0sRE2uKsMCmPEMvWDoUzlQv781s-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
date
Fri, 23 Sep 2022 20:49:04 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
267
content-type
text/html
date
Fri, 23 Sep 2022 20:49:04 GMT
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
rum
dsum-sec.casalemedia.com/ Frame 1F17 		43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=548033b2-aa44-4d80-8e92-adbc87e96a0f&expiration=1666558143&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f6250eda3b17cd-MEL
content-length
43
content-type
image/gif
date
Fri, 23 Sep 2022 20:49:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GThWNzmB6tohmqDsB7CuwJkIMRan7KVL%2BY7JGVE2VyRMgg0vI29HcDlSXH%2F42MTMHkdeZrZ9wPLKR%2F6yRekAYNoGLJv5VGm4jKzuAuKjXdFAmeegvygcWqCAc%2Fp7zWdzPoBdGwARRSgVsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.109.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-109-107.eu-central-1.compute.amazonaws.com
Software
LogModule 0.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.4
Content-Length
0
Content-Type
text/plain
tap.php
pixel.rubiconproject.com/ Frame D800
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
d335433bbbe0efeac67146df47932f6f
content-length
42

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
289
content-type
text/html
date
Fri, 23 Sep 2022 20:49:04 GMT
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
sync
ups.analytics.yahoo.com/ups/55953/ Frame FCC4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-LXjq0sRE2uKsMCmPEMvWDoUzlQv781s-~A&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
0
date
Fri, 23 Sep 2022 20:49:04 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
267
content-type
text/html
date
Fri, 23 Sep 2022 20:49:04 GMT
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=548033b2-aa44-4d80-8e92-adbc87e96a0f&_origin=0&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
rum
dsum-sec.casalemedia.com/ Frame 6465 		43 B
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=548033b2-aa44-4d80-8e92-adbc87e96a0f&expiration=1666558144&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f6250eea5f17cd-MEL
content-length
43
content-type
image/gif
date
Fri, 23 Sep 2022 20:49:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV26bAdyPc217q3UPuxzOc5KH8fon3lBElZnmY967HvPBfAgWjZfhgXcg0b7WcMk4mbEEFE9zZN6E88xNQPnMSVhavYGX2K0rlC891sj76SG%2FGF6tp7TWjdbSuT5EwjmtjuafIxdOMiNMw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Pug
image2.pubmatic.com/AdServer/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1
1 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966144.822576,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 97B8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1663966143792&cv=9&fst=1663966143792&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=120144954.1663966143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
becd2a944229c83e2505fe40e431b449fe4e3d1c50563d938c766ec20055a39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1017
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame D843 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1663966143830&cv=9&fst=1663966143830&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&auid=120144954.1663966143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
22f34411e82a152d53006684e3529ee0a666d3f6880f0ed03ba34f3ff435d345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy4bvgAAAGu2cgN1&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy4bvgAAAGu2cgN1&img=1&__user_check__=1&sync_id=293473c2-3b81-11ed-91a9-11ae77110307
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy4bvgAAAGu2cgN1&img=1&__user_check__=1&sync_id=293473c2-3b81-11ed-91a9-11ae77110307
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:49:04 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
3
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 23 Sep 2022 20:49:04 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=Yy4bvgAAAGu2cgN1&img=1&__user_check__=1&sync_id=293473c2-3b81-11ed-91a9-11ae77110307
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
77
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 3773
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy4bvgAAAGu2cgN1&t=2592000&o=0
43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy4bvgAAAGu2cgN1&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 13:49:04 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
fu8eNf+7knpOU2v8Z9MNYcteFkHmocAR8X+pmtwYB4S0yhw/mw22+8qSJc0i3zYh7UaUpbnWZWpN1+IeQeGWlQ==
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 23 Sep 2022 13:49:04 PDT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663966144.023715,VS0,VE0
x-served-by
cache-mel11254-MEL
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy4bvgAAAGu2cgN1&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ibs:dpid=147592
dpm.demdex.net/ Frame 3773
Redirect Chain
  • https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=147592?dpuuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-07564033f.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0BtssCgfTX8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-vcl-time-ms
97
date
Fri, 23 Sep 2022 20:49:04 GMT
via
1.1 varnish
server
nginx
x-timer
S1663966144.126011,VS0,VE97
x-cache
MISS
location
https://dpm.demdex.net/ibs:dpid=147592?dpuuid=e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mel11237-MEL
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame CF95 		1 KB
712 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZgAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI45919gsfY2CTOng4wqKN9Dbmkk0A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
736c2d3c83596bc17524d1a9bce892412356d62d1cf2093c3346c6a89172ed94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
686
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:15:36 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame CF95 		584 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-5116578837626475489&bl=boq_subscribewithgoogleclientserver_20220921.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=74945&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f139.1e100.net
Software
ESF /
Resource Hash
7529d4d5708aca99d641fb1a0347f2ba3aefd89e30c93974c85fb734421b9945
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
0
sync.1rx.io/usersync/adobe/ Frame 3773 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.45 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
/
www.google.com/pagead/1p-user-list/707564276/ Frame 97B8 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1663966143792&cv=9&fst=1663963200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1758363208&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 97B8 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1663966143792&cv=9&fst=1663963200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=1758363208&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820018408/ Frame D843 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1663966143830&cv=9&fst=1663963200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4183430490&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame D843 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1663966143830&cv=9&fst=1663963200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&async=1&fmt=3&is_vtc=1&random=4183430490&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame CF95 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZgAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI45919gsfY2CTOng4wqKN9Dbmkk0A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
fee943a9dad82106a8ac253ed19352785e2db488595759bfb36e8951bc300dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 20:15:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7230
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 00:50:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 20:15:36 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 20:49:04 GMT
log
play.google.com/ Frame CF95 		131 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:49:05 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Sep 2022 20:49:04 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame CF95 		131 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:49:05 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Sep 2022 20:49:04 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame CF95 		131 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:49:05 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 23 Sep 2022 20:49:04 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.heraldsun.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		86 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1324990103670617&correlator=179300393630974&hxva=1&scor=2121587451425826&eid=31068929%2C31068883&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ifi=1&adks=1616217045%2C2956706420%2C1415436295%2C1982096792%2C3785065344%2C3544675803&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D27a296c2-3b81-11ed-ae41-02aa41dfc264%26hb_format_inskin%3Dbanner%26hb_size_inskin%3D980x300%26hb_pb_inskin%3D15.50%26hb_adid_inskin%3D3849dde1ba5ef59%26hb_bidder_inskin%3Dinskin%26hb_format%3Dbanner%26hb_size%3D980x300%26hb_pb%3D15.50%26hb_adid%3D3849dde1ba5ef59%26hb_bidder%3Dinskin%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D27a296c3-3b81-11ed-ae41-02aa41dfc264%26vw%3D40%2C50%2C60%26vw05%3D40%26grm%3D40%26pub%3D40%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D27a296c4-3b81-11ed-ae41-02aa41dfc264%7Cpos%3D1%26refreshed%3Dfalse%26id%3D27a296c5-3b81-11ed-ae41-02aa41dfc264%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3D27a296c6-3b81-11ed-ae41-02aa41dfc264%7Cpos%3D1%26id%3D27a296c7-3b81-11ed-ae41-02aa41dfc264&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3Ddb97064d096efd3ceffe895b18519778%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26snol%3Dd%252Ce%252Cf%252Cg%252Ch%252Cb%252Cc%26abtest%3Da%26pvid%3Ddb97064d096efd3ceffe895b18519778-00000000000000000000000000000000-1663966138764-438345%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663966144437&lmt=1663966144&dlt=1663966136465&idt=3835&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C462%2C10598%2C11862%2C4355%2C12582&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=20&vis=1&psz=1600x134%7C300x276%7C300x250%7C1600x720%7C1248x0%7C1600x12600&msz=728x93%7C300x276%7C300x250%7C1600x0%7C1248x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=267600425.1663966144&ga_sid=1663966144&ga_hid=67649849&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
efe97a85d051561e4abcf5817e2a6b839806148c4d506b18f66263c8eb1a396e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22399
x-xss-protection
0
google-lineitem-id
6108782785,6108782785,-1,-2,6108782785,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138405670542,138405670923,-1,-2,138405670929,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3FFE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:04 GMT
expires
Sat, 23 Sep 2023 20:49:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
701.json
id5-sync.com/g/v2/ 		450 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
99851996ea84714c58e62d631c85d85c2c15f7959aa3d9c0c1932ddd418cd2e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:49:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
event
prebid-a.rubiconproject.com/ 		61 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.212.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-212-5.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 23 Sep 2022 20:49:05 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.212.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-212-5.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 23 Sep 2022 20:49:05 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame C0B8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44112
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 23 Sep 2022 20:49:04 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 25022
X-Served-By
cache-lga21981-LGA, cache-mel11224-MEL
X-Timer
S1663966145.571811,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08FE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=147764
content-encoding
gzip
content-length
5549
content-type
text/html
date
Fri, 23 Sep 2022 20:49:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 25 Sep 2022 13:51:48 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 705F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.207.36.240 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-240.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:49:05 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0002 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 23 Sep 2022 20:49:05 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame FB80 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e16c99941918429bedaa779a8ef8cbca2a6258399365116ae543d10bd334e5

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f62514decc5aa4-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 20:49:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Fiwi%2BSlnMblZkjhW0FdpaJjkyjlAaFBDVycK4iVAPDYjizbcRwJkW%2BTwLtBiRzrOdZhUJCiCB%2BDCgGeYmgHcNDuWNbm4stiQYWZZOHXqRH5eVjHAskmVtqYE8u45nY7dhwAIjRBZFo44w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=7832201268429598831
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=7832201268429598831
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
34.102.253.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
3cb59b12-0fcc-4cf9-b932-551f284a28e3

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:04 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d882f39a-b07a-4151-b8b6-4cf2c5413505
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.playground.xyz/usersync?partner=appnexus&uid=7832201268429598831
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
log
play.google.com/ Frame CF95 		131 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f113.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:04 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://news.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Fri, 23 Sep 2022 20:49:04 GMT
async_usersync
ib.adnxs.com/ Frame C0B8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:04 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1c26c8a9-df8e-4e2b-9233-61fe7f9a661b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 08FE 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68673735&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a486035c3d5b6ce3880c726c3d400dce42087d796044e2642fe0559cc74d709a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatchredir
ssum-sec.casalemedia.com/ Frame FB80
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f625180d68df9d-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMBOciGOQMDV1kKj4b9DIQB8DSyiU1uKoCL65JLLM%2FdFUGXrbxHisJ6RCDNwVvtJIuo8tIYSgKQpEUELaLNlYrBKU8xjchCNb1UYJgmt66W4GxVxJfyPvo8XImlGil4kWnZONzh80JYUpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame FB80
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:06 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
R474BA3RXH2KNFM204NG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:05 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
32EG046SXDWC6YETCAEV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FB80
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4bv5rZ8KR3-QQTMKfd.QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251a8b035ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quLDpvHP3Mu3rYcPP4Bt2d7dsNq90m2uwxNHQ5UirCsl9JAyJ8B3m3iPY19rCZR0JMqDrAnUdDl6vRfnyOpixluMdX9JbOk6Ugwyqxki5Sf16%2F2ssJEtEjUW2uzpbpU5GWiGbZMrajnhKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FB80 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.174.146 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-174-146.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame FB80
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D7C3DB37D1434DCCB82A8F9064C3B7B7
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D7C3DB37D1434DCCB82A8F9064C3B7B7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251abb325ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otHI2NXj%2F0XXhRPJ76WxBjEpAE0ZfET3a6mZTPBjytnbDtRUVz2lqC%2BR2rpxsT69NfEdAjSwuiHKCzxo4MXXaRZJpMeyE7IJss3RsN7hvXYa6yezclOnExJ0kzjJsQezBCnEthOLT6CLUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 20:49:05 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=D7C3DB37D1434DCCB82A8F9064C3B7B7
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 22 Sep 2022 20:49:05 GMT
Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FB80
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Server
18.136.174.146 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-174-146.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
date
Fri, 23 Sep 2022 20:49:05 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame FB80
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AYNljZ3ySNBcfTszWIvEhWfR_nE
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AYNljZ3ySNBcfTszWIvEhWfR_nE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f62517f8375ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q92pszITFoK6Co7y%2BLdi6PAQpPzE9Qz7NtiuICuPDMbtkYvOh2GhGjgOwkp96FYPd9d29dSiN%2FgMKmYMcRljVpps0RAYTSypvwKESm1kxFaHQUDoGPkV6VEQS1T4%2FQQUAZ5xKicdRXYIUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=AYNljZ3ySNBcfTszWIvEhWfR_nE
Date
Fri, 23 Sep 2022 20:49:05 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame FB80
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=57144d72-364d-6eb6-81ef3970
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=57144d72-364d-6eb6-81ef3970
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f62518f9155ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGNNLLM7yvfj0XZX%2BDilEwlFqSPLS8LKhEPCPztoPRE6KXlXqV1lcyEqBWYBOkpGwavQBXq%2B1du3damiXgY56hQvSM9N1xUuKBf6V1sFKFAFjnGnToLLwY%2FC5M412AlugeBhfYe1MYYikA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 20:49:05 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=57144d72-364d-6eb6-81ef3970
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
i.gif
mfad.inskinad.com/udb/9874/sync/ Frame FB80 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mfad.inskinad.com/udb/9874/sync/i.gif?partnerId=1&userId=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184665&cb=https%3A%2F%2Fmfad.inskinad.com%2Fudb%2F9874%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.77.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-77-212.compute-1.amazonaws.com
Software
nginx / adzerk bifrost/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
nginx
x-powered-by
adzerk bifrost/
etag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
undefined
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length
43
x-served-by
bifrost-production-shard001-us-east-1a-i-01d08c78e31183c2d
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Sep 2022 20:49:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1874 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHJvlie34S2MNJ6KLg8Xe1r1qx_SYr5MaZvUMP-4FI8kCxiJmKJuUwF2WmJaFDz1KwS47bQ5P_qZMuvk6uSEt0-JjxZ1coo6bxIxykVNAAOu-aEsqRUkRiCXbQZaT0aYamabF9E7svcQ1IKiJeqv8hBCLKlQXbHnl68fFxEzvaFTsavxL49M6paKE4XnZgsf6Ru-gTquXCQiT9z4skFy8C3_NCRPSJ1XMBFKeYBl1lC9UqNXu7W6dnie7mPgdNNfGEuiKcj_3gOxgyvddKsS0Wis-Asbn6GOXWasD1DxMlg0J5bxUBadcPCPECY25c-w&sai=AMfl-YSsRuGZ2XzAeokrprd0BZ6NJsN4xYQxCc-aWD0DInx1dRojnsf3PEI7NNpHnucG8D868-Xnc7eem1dYqYaJHbZWTt4wrPGcL9tS4vBD7IthKCv1hgKzmSEN4dOctg&sig=Cg0ArKJSzG4mKn_QXdFNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
invoke.do
invoke.bonzai.co/mizu/ Frame 1874 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2662031558474205443&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=266426552884854279&rnd=1480725188
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.80.16 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-80-16.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
5fdcd8eab8e8911c76cef0629371366ae32f32984a1e77a33bdc46b537d7bbba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
Jetty(8.1.7.v20120910)
content-length
9628
content-type
text/html;charset=ISO-8859-1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1874 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 30A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseS4CjzctGjts81r0yG3iCHERN2c9BLSvl2rzh3NfQcPMHXWvxZWk096YHhi7m5BWbIrCYD3F_POTsKPVJwC8I5ViPDsiA14S7BzFj2XUCaZkjZqjXXOMCfsiMNXyifQsHUZaaeLEXy3X78F8fTCZbl-9ph8O5eNkIjTr3BQPzWCLH01kOB9I06sc5_txqOqlkiFw3FKlL2ECAJYFtOF9aqEzFr6BMGrtItuVFND6ZXTO_o0jPvK-i_cge-ZahJ4FHu2_3rCDts7L0t4x7NkvI1bZiLhbUOhdyQm9U2bypPQJ9Uc-D2ANVPiE_qeG-vg&sai=AMfl-YRCvXheCWfBpHaOg3H31YJEbYd0UeHU0dEloA1o_Po5DD41dSG5jrmGa2NDXx24Uxik4k8baF6WeyI25o_jCMT4Ol7rhStPDZrUf8zh2jr6AYgwC24IrTKYvY-ROw&sig=Cg0ArKJSzJXE_zK1VQWSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dcmads.js
www.googletagservices.com/dcm/ Frame 30A0 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 23 Sep 2022 21:37:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30A0 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:05 GMT
container.html
13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C272 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:04 GMT
expires
Sat, 23 Sep 2023 20:49:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 69FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWAI9C8CVDB9uDEqzkeBmG6exgGALJjDjR24NeVYtujrkOVLjpNCEyCIcwQNKW__xuvKT7nmkwon8Z1cVfmaQvtlDjolmFwXhX7PESQcQOhb4UqYwasKwvT1bGXc1I9mPZZVWP63cbzio3gZuLwShJ5LSdrNWEtPBj6cl3CGfTR7LK6SaRyrH3ClVXlEttBnoFh2QNK0Gw9Rv0_LzMwlr6Gp95ISWZJLHqLB9vcP5sGqVwWIuWWpROMplhmzDfkxYsSaFnszOslfASxlOVmHhMQ6qUg7Ro7LRb0IXhYpphjAx9oLheISRfehyGuOPhcQ&sai=AMfl-YRJGLw4yGIeHWy2w5Sbxjhnm3C_UyhVX6mH2e3tB6qhkoyWwCcHlz-wRo1iusG2q2VUlKBR_X90CrzR_hrC1_dyM8q7mf67TSDw2d_GNaE_q23xvryZ5rOD-wi8Ew&sig=Cg0ArKJSzHc9Kl9WB-soEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dcmads.js
www.googletagservices.com/dcm/ Frame 69FE 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10831
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 13:41:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 23 Sep 2022 21:37:17 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69FE 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:05 GMT
usync.js
eus.rubiconproject.com/ Frame 0002 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 23 Sep 2022 20:49:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65396
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Sat, 24 Sep 2022 14:59:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 83E6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca4a69307e834abdc7a26a17ff60bd9b844144c8c422b3b7aef561170e18415

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74f625185d96df9d-MEL
content-encoding
br
content-type
text/html
date
Fri, 23 Sep 2022 20:49:05 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWtXCBXlaaLf98wkQU2y3QeKGBUDlk6hiU1mZm2K9WjD5fgP3jOkPZWsY4gO5%2BA4OivQmAJSC2OWo2F5cAgy2FL9qovQlnsYR8%2BJWodqXv%2FgO2YKw%2Bd5WxUrohPqWaozTBS6Tsd5Sw1opw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 1874 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
906a98a075dba5087cd725e8625154294c91ad571cd2df2a8592d26cc602c607

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 6723 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670542&pubOrder=3080239808&cb=595334820&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c2-3b81-11ed-ae41-02aa41dfc264
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0268a8ef11474a3820e29c1603888580fb78a0b34427f41701593cbbff83a6e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 30A0 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 14:37:18 GMT
match
c1.adform.net/serving/cookie/ Frame 425D 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 23 Sep 2022 20:49:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4C16
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 23 Sep 2022 20:49:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 23 Sep 2022 20:49:05 GMT
Expires
Fri, 23 Sep 2022 20:49:04 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master hkg-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 408B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1&gdpr=0&gdpr_consent=
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 23 Sep 2022 20:49:05 GMT
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 23 Sep 2022 20:49:05 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mel11254-MEL
x-timer
S1663966145.391838,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 08FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=voFN0or5ReqMO_J0RuL06w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
23.207.36.196 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-36-196.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=147763
accept-ranges
bytes
content-type
text/html
content-length
5549
expires
Sun, 25 Sep 2022 13:51:48 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
458249.gif
idsync.rlcdn.com/ Frame 08FE
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEJFODE0REQyLThBRjktNDVFQS04QzNCLUYyNzQ0NkUyRjRFQhAAGg0Iwbe4mQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b12b49c6cd9c2e3c65baecf44132ffd20942c70572afc664477effedc232bcfa791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiMTJiNDljNmNkOWMyZTNjNjViYWVjZjQ0MTMyZmZkMjA5NDJjNzA1NzJhZmM2NjQ0NzdlZmZlZGMyMzJiY2ZhNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiMTJiNDljNmNkOWMyZTNjNjViYWVjZjQ0MTMyZmZkMjA5NDJjNzA1NzJhZmM2NjQ0NzdlZmZlZGMyMzJiY2ZhNzkxNDI2YjU0MTdkY2UyMRAAGgwIwre4mQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=21df1387-ee6d-41eb-aae3-d52fddbd9138
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=21df1387-ee6d-41eb-aae3-d52fddbd9138
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=21df1387-ee6d-41eb-aae3-d52fddbd9138
date
Fri, 23 Sep 2022 20:49:07 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9477632e-1bbf-4600-a4ff-e5ca42238bf3
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9477632e-1bbf-4600-a4ff-e5ca42238bf3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 23 Sep 2022 20:49:05 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9477632e-1bbf-4600-a4ff-e5ca42238bf3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 23 Sep 2022 20:49:04 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkU4MTRERDItOEFGOS00NUVBLThDM0ItRjI3NDQ2RTJGNEVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2GdkvL133OTv-lTQz8fXc&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2GdkvL133OTv-lTQz8fXc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2GdkvL133OTv-lTQz8fXc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:53BE16FACAE44F778F8CBED772FECD44
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:53BE16FACAE44F778F8CBED772FECD44
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 23 Sep 2022 20:49:05 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:53BE16FACAE44F778F8CBED772FECD44
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 22 Sep 2022 20:49:05 GMT
BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 08FE 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.174.146 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-174-146.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=548033b2-aa44-4d80-8e92-adbc87e96a0f
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=548033b2-aa44-4d80-8e92-adbc87e96a0f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=548033b2-aa44-4d80-8e92-adbc87e96a0f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c985f782-8280-47d2-bac8-cf55a10d334d
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c985f782-8280-47d2-bac8-cf55a10d334d
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0ffc8af4-a1b6-4cb2-850b-45e114fd39f0&user_group=1&ssp=pubmatic&bsw_param=c985f782-8280-47d2-bac8-cf55a10d334d
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c985f782-8280-47d2-bac8-cf55a10d334d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c985f782-8280-47d2-bac8-cf55a10d334d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c985f782-8280-47d2-bac8-cf55a10d334d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 23 Sep 2022 20:49:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yTh_nF5E2uXhl1s2H4.snqT4Ys6fXJs-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yTh_nF5E2uXhl1s2H4.snqT4Ys6fXJs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yTh_nF5E2uXhl1s2H4.snqT4Ys6fXJs-~A&gdpr=0&gdpr_consent=
date
Fri, 23 Sep 2022 20:49:05 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 08FE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Server
103.231.98.194 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
impl_v91.js
www.googletagservices.com/dcm/ Frame 69FE 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v91.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:37:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Sep 2023 14:37:18 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0002
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KWu1t8SgTBWaX4Ua5wxv8Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KWu1t8SgTBWaX4Ua5wxv8Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KWu1t8SgTBWaX4Ua5wxv8Q
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
54.239.38.253 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:08 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
2QXAPRQV2816CPQKHW7C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KWu1t8SgTBWaX4Ua5wxv8Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0002
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=548033b2-aa44-4d80-8e92-adbc87e96a0f&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
setuid
px.ads.linkedin.com/ Frame 0002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYH7QT-1K-7IT4
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYH7QT-1K-7IT4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: EE375943970E4F65B416B3CA0FD2A3D4 Ref B: MEL01EDGE1510 Ref C: 2022-09-23T20:49:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpXk8JsGtTMr/Cz8gXlQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8EYH7QT-1K-7IT4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0002
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIyAtCovcS-w-ouWgvSiyw&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIyAtCovcS-w-ouWgvSiyw&google_cver=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAIyAtCovcS-w-ouWgvSiyw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 0002
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lL7lX29TSNWC0HXD6A9QIg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lL7lX29TSNWC0HXD6A9QIg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lL7lX29TSNWC0HXD6A9QIg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:06 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
9Z2NHE7WRQJTDSXRV0VE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lL7lX29TSNWC0HXD6A9QIg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/roeBD7ZAU7qPS49IFRA2q8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2841397702564094204
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2841397702564094204
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date
Fri, 23 Sep 2022 20:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2841397702564094204
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 0002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRmYmQ3NWVjYzJkYWIxZmFkYTAyM2Q0ODE4OWQ0NmNkODFjMTI4Mg
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRmYmQ3NWVjYzJkYWIxZmFkYTAyM2Q0ODE4OWQ0NmNkODFjMTI4Mg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWRmYmQ3NWVjYzJkYWIxZmFkYTAyM2Q0ODE4OWQ0NmNkODFjMTI4Mg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0002
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUg3UVQtMUstN0lUNA==
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUg3UVQtMUstN0lUNA==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhFWUg3UVQtMUstN0lUNA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 83E6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yy4bv5rZ8KR3-QQTMKfd.QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251d0de95ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVWbLNv%2FCSNyaJnkK0fRe0O1orMfir1wwVLLvwQ5wvlMG8LwtzP2lX21XlE6nvQWjO2Ay6FvTgYaX5ke4EYUwJxNRqeXQ0LI9cki%2FA%2Fob7nTIaPiRHJJLW2OP8LbuGwKKtl22I9J8j9wlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 83E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251acf1ddf9d-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhyhLrl5Ojc%2BBloslVmx4dfLLi9P%2F%2BjM3RBgaWXg7V1ldOCQ6JqkR4rW4kW9gO%2FlJvsLd3GIfc4vAgvV4qEdt3XUZa5CQx7ywiX1IcLP3grN0VpIFD1TAMkhXxJolBPCkycZeeBTgZjaug%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDmz35VvrBiEvgyvPGx-i2Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 83E6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:06 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
HT4MXYTJXSCVF23E5TE3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:06 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
2FC3KCD3ERECHDDPKVJG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 83E6 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Yy4bv5rZ8KR3_QQTMKfd-QAAFM8AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.174.146 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-174-146.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 83E6
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=07030001_632e1bc1e4cfe&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1bc1e4cfe
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1bc1e4cfe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251e4faa5ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqjYXJjoYDRVO9V7MVeBpaBS1CfGxtbeZWxnoLou%2FQ1%2BBCjl4kbHoEH8z2bzPsRX5dH2MZMC6s8DJTszbGA3A5pOEXQ2V4CWsF3wX6wZU3qwKjnFQc0%2FPDyRodVu9L2%2BmJbdbn7IBKARzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 23 Sep 2022 20:49:06 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=07030001_632e1bc1e4cfe
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
dpm.demdex.net/ Frame 83E6 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy4bv5rZ8KR3-QQTMKfd.QAA%265327?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.146.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-146-49.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0ffbc0a8e.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sPK51kRDRik=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 83E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7832201268429598831
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7832201268429598831
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251c58333776-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeziAGJR29irVozSzYnrESkrkgiqOtmgpYjxlgkI4OhT%2BOeujrj5IekQYxWL5WDnospvlhhmXOcBl9timDi4yyF7b7CUv0yJ%2B8iii5bZ7ZFF1mSMR1un8gKuy2UvlcWoyxKvO7Fo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:05 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a54e946c-757d-4c3a-99ed-3782474ff68f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7832201268429598831
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 83E6 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.170.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-170-163.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame 83E6 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Yy4bv5rZ8KR3-QQTMKfd.QAA%265327
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251aed1d5ab8-MEL
date
Fri, 23 Sep 2022 20:49:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
255
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Sat, 24 Sep 2022 00:49:05 GMT
B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fi...
ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/ Frame 30A0 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%26sai%3DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%26sig%3DCg0ArKJSzPtqRCmr4EYcEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=235;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
49ce62fc87dcbc7089ab59208f038405d8ba9c3e12f2968f4e8aad598a3408b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14013
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FA75 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CObF9agDEKuFyPQDGMn0udIBMAE&v=APEucNX8sLnjt02CMSP_3B_UE2vEnxjwGaL0faXdgIac8kKAJ35xTEhoyKrt7bTd6NtnIQyEZRo_OitRhM4pK9TmGyyZ5TLZ6A
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C272 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BstBuv3xZO_MO97VvI9sY7DkDi7rFOsh-uiAehSdMtP4Scooqauj3jl2bnrCKUkyM7F611BXkIBbwkTG2xMeiIMT6snQ&cry=1&dbm_d=AKAmf-AbBWwCJ7KWhKTzVKbQh9CgF8ZA0y6HOd2hMxGE1aHJ1FKRTD7HHhem5BbK3-AsrHi4HOIugqgxZHlQYLFjxHXxR6Lnpzun-wr3_CKg460o5dS7XhbcclCg8RtGKZfHu7MSCrIOSyk5oE2r5dPy1Kdba5XcbVSADhs8okPu4OWRR-1L5czesdvHpnJq4ls62X3ZVf4sIGB8KRvCsomX3o-t4AkJvMs3GX3qKy08m-Dyqwc-6MH4b_NJU61aL08d-kNby7wN-hYEMXs7jP3MKwHUf5cV3-sqbCsGIJmZ4XFqzHsIm_jc_0kJC70o4Rh195qAvPLdP2bizU1LskrhwFz3y4jf7kRIuzJlFzOFvFzpx56vfohIy1ac_4Jr0xlrp7RBsJSsWX3VDhDJSpnANq5BGJyiBR9ZFZqF5_JwT35iGCOzdETx8zoUalqEHkBpBE2FtNbdv9u9f5nd4M0bw_YZtwpRl9RLksPAQ8X9IVGzIJH0Yri1_LC4KNTljxwaa1SEiyUKuKsGE9AVJ6CZxeaqIKMipl_q-dlr2BlFTbx0Ca6btFDcmPM0PWgNOqUPO1B8HFMP01keh2B_QI2zlubWFBCFkAqAmz47nUcl8VNJFg_92fMT5_7dpEj5GubIYCmlxqcZTqO2t_wPOm-3OTwwi7ok0nP-pzExZ9eJInEKkxmEaUPwNPBTPm_y-VbgXsIIKNOoNlo61UU5bw2co3KgCKSc29PbVpugY0OOb_BMgp0aO4FiELoWsJakwyfTa_BxR6qQdipkYCVTFxHa6dRezRWCKfpnbwc1pcQHvh6A0sxjobZMmLLAUgxN4FvVocutaUA-LlOhYuqXbags7oJQSxPfU6uwwNl3_pi3Kqrl1YYbQZsmuqym5QGqfYfgUngNSW5IND0_6WTEiEHvOw81Hlhu-aAxZvPsMs2d62DesSRGbBgpq5lyZDC-mNCLRxcVmNiHJibXZdaBuIHwwhhw-1KS6Pz7Ho8a484uCczqTDgDveL9iNGNw79isWH-MODHMaUtf7SnggzFxUzOmuS1mpN3bBtNBAzx-UOUdXWMWgFr6mUk1GbqCYxSKNkfUqbKaj_wYMUKWPY9VILXyxKXCHas59XCOlpIj_DwR3Mxtu0Ve5UX5t0fB2BJeF8GIlzqiECZdKt6tTGrMgNANC1_8H0fj6P0xoyGAMlnm3cevsmv05c2FLRwyQELuPA0OJK3aPbVpTPLbNUjkLs8nLpann1-18z6QsiRHPp2rrAK7A3UT4GqUGcYI3cPu1HC2sKenr2AvLXRl2ROnGXnd10vmmROxRG_buvq-qmwndOfSMPsEkPKkB5H9TqE1hVKyXsjgpozSijO3-WEScsHugxgG9t30ciqogOm0sG_RnpIOEBjwLWgIH6Ajl9UDoHehB9j5Pub1mkzuz1kPdaMApmLn2OVkMHGNJjkv9J1-mYuEDRaOh8joMEm0t00nw7z1rtw4j5kajqK3KU2GJohf5guNLnREe9yu6KdUt0pc9323wtNeOI7FfcYJzL1gV4bIzH5G89cseGUkU_jEMULXoHsqQOxMNjxrZVY4lkyGvRjoGoP7LWuTmpLKsLbYwbRIfpgJW_LxWHH5TdzuhhMz_wPJf_b3gStmIaZgP2OcIJ-3KkQt1hSf81IqEBs-XhmuZKOmTU-29-KEKvKpaIwyXnnEtcf3buJYWI-iXlhR8Y8sA15cxtC0NkNtFiMmCmYSv_3UPTlpy8d27h6NroeXC-ZcLPpsQkcmxFyngsBYP3WEiLN9ukjvNyeQ3taDTZv-AsocL192FmKf7nNLjQS1-UUyRI5jBzHkcynlkq_iOC7Qc3lM8quTPm-OVhkeJz4qrTmYD7M9epnUWWFqc63U8YiLjvQG8bsyNvPMz0sxYx0ZuPG5JAHnKKZeaKiRU7ESnT82OEyftXU5rW6mxVbKdp0D2nNw9jkxwvZjslAAQhjRr4mFzSfPI9MIGPw4iJrgZH4Wt5Kxabmg1mm6z-1rKmN9c46o66SjhKmPHR6lxV3pGSE-BBguhBp6k_wDr8GbHItq9UpshuQhQNydIJch6pusidB7N6mhd4fw24UlTQAMkgZQsvLtAsFcbonEw00nEm7DW1cAXAFUO4Bu1sMJodHXmYoR55oDj2KAcfzCaX_49_pTAuAUt05rBFuq6S-NhQWF0-4mBHF8DNlLsze5oXkUEoJscki15-vdMLB95762OP4_baVQ_wmP4A0prgviwrxRc2gJ_bGrj89LradMj_toLSbmWK8ofRBoIT8s3yRQv3eZBZeTVR9Ynv0nClOL_xYxvmjYUF6ev3wM4ZTNtY1w2WVprK8Tk8Gu6yNV2l2XEt6vVHoj4B3icMwdmSNgDVURBy9n4xFPF6_PicbJW_93f3WPoH3Q6EoniiQhqwue3nTXPJDsABw4CyJGdqECsL1uAGrsJPnyKCWIuLq44GhBawr3V5ks5C_mdEqoHDQGBN85B4qf8YxQP6fJhehk5t8aIvBBabaECuTfzm8nJj2FJbeFlX8kogMKNQj5UdrGWKsnWE12DURwqrHnnkcPIlenhWjrrL5YKSLR6wCe43oeYf0Yhpb7p1KSzaId2GfGl57L9E9pfoxEP2qSOshGpb3Hf9ocvjRKfWVatu8veCr82qrxHrb9M6ZMVV2lYUyXg1IvPu24Vcezm4sZmhAZtpYIADpIrfWsy8hQOEXJuhoGzW4EXp1y8EDHKS3WHWEodj3Wx0wIkLRfNUFt6mXtwTu-4S8tPReoCZ7__7tJoyYwg5iaDZXG_TQU1aRD8PO3MWGmTHr2nrb3HnBD6-UhXaWdq73m2Rk-HH7OvDppqZk4SYs9G3ImOyqChQR9Rr7z9Q9AarnkC76fq_I0ZyVrBwjX975gVd09E3AhkInrVcty1IlcilyxROGrnDNJCOH_FGEEqoS1y14cv9ksAaZMmedugQPXUFmF7wfahpAb1e1tksUsU67UI7qgPiBpYA-ktMKxJKa9YeBMzAOIE53O98brRFhcrSB95H45SkRjy0cG2D2hVEjT7J2lbDvHSElT8PT_l5vF_40R4tm37KvbWzWavZK2oT2sqOEI5zVOWQFx1_edE7zWuyEA5rlPR6D7-S1XNxjQbQhkJyvQqwBMaw7sp1o3qyBk0VGuT5bNjhNriRIsw0abQ3AdbNogL0HnYCyR5wzGgiFuTbznOmEnt7cYEanmV2cQR4o1fenm_lJAuMOTO_bhkyEVVa9aVv8bb2uWRFYTeUD7H6Epu9DUm-J3IpV&cid=CAASJORo0AIjAXLY3QmVFApZs8KiN09BPYID9u7XdFxmnJ9JpoC43w&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
2f3f0e38d25e2529c02a0f9fcf635f60761ef24800156882898bc8de2a1a9c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34062
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C272 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQ_uMYZnCbVTPGQ9y0NI56QeeVs4oedKZc16jp9IpB9qF8eFHHnMUfAfQGvoSzoKI-HK1V44AimI8p1fYFwMRahZ1A7Y7oA6iJVfa8H0ev9WUgylo
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame C272 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:20:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:20:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame C272 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 20:22:37 GMT
l
www.google.com/ads/measurement/ Frame C272 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKzLs_J7JY053EjBU0QCY0gwfWAr5x911I0iXPGqUyF-OTQ8EjTuNjbQXQYnCqPoN5Ofzi_xqWJDTpFGWKgjm5NcKs1Q
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C272 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:05 GMT
async_usersync
ib.adnxs.com/ Frame C0B8 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:05 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
eadbb372-6376-47f9-92c4-46ed29b55acd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0...
ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/ Frame 69FE 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%26sai%3DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%26sig%3DCg0ArKJSzDIf9Siv8MGbEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=280;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v91.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
232814ff5319e7e8c5122e3acc731005a8f93d7ba044715865ab44347e709e9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14030
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2662031558474205443_1663738463792_script.js
massets.bonzai.co/ Frame 1874 		287 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/2662031558474205443_1663738463792_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2662031558474205443&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=266426552884854279&rnd=1480725188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ca8f5045d53a7a87b40504e7d1fcd99c58d9c086bfb9d452bda2d6a3e96f424

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:46:41 GMT
content-encoding
gzip
last-modified
Wed, 21 Sep 2022 05:34:32 GMT
server
AmazonS3
age
146
etag
"c3be43d775d7a40a5e67f53415eeae0e"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
cache-control
max-age=31104000
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
105255
x-amz-cf-id
tVV1mzQcLTCKAs4Tvmsw4TJ1_YuaJ6SHrCEYw0_0Eey_l_eEdq_L8Q==
rec
collector.bonzai.co/ Frame 1874 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=473cedcad6fc571165c0bfff98db6d59&ad=2662031558474205443&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.224.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-224-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
B28567664.346248270;dc_pre=CIDzs_jkq_oCFWL7cwEddZwMGg;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/ Frame 1874
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248270;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248270;dc_pre=CIDzs_jkq_oCFWL7cwEddZwMGg;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248270;dc_pre=CIDzs_jkq_oCFWL7cwEddZwMGg;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248270;dc_pre=CIDzs_jkq_oCFWL7cwEddZwMGg;dc_trk_aid=537650226;dc_trk_cid=120131489;ord=1480725188;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame 1874 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?mode=test&adid=2662031558474205443&tk=473cedcad6fc571165c0bfff98db6d59&domain=www.heraldsun.com.au&pagename=/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.224.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-224-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FA75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObF9agDEKuFyPQDGMn0udIBMAE&v=APEucNX8sLnjt02CMSP_3B_UE2vEnxjwGaL0faXdgIac8kKAJ35xTEhoyKrt7bTd6NtnIQyEZRo_OitRhM4pK9TmGyyZ5TLZ6A
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251c9d915ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQLb1IVvio79jZbOHkOkJ6p16wQgUvEo%2FM24l%2FhfQK9STR4pFOgHEDin02truNeXusHqUlolZfjeeNnaM%2FG9O86AoHtH2nF5klE8FP9JCPbgTftvkKtL3hjJJSav0v6VcmkS4Yfni7f5OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FA75
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yy4bv5rZ8KR3-QQTMKfd.QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObF9agDEKuFyPQDGMn0udIBMAE&v=APEucNX8sLnjt02CMSP_3B_UE2vEnxjwGaL0faXdgIac8kKAJ35xTEhoyKrt7bTd6NtnIQyEZRo_OitRhM4pK9TmGyyZ5TLZ6A
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74f6251def315ac8-MEL
pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpeAfyU003qxG1uwWOlSKboALsL%2BvDd2HLGVzFJU1tGgxoa5NvCiDpj%2FjBE5Iz3lbxSCry2mWai3hVxZnUt%2BBId32XMLdCz%2BgxrRAT2twwBVeZrlv74MkjsYxjXYKCG3d28kegSklliI9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEH6IX4zPYjM7KhSwpoFxvc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FA75
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJsGxKSbPjcnX14AZ_VrAAQ&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJsGxKSbPjcnX14AZ_VrAAQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObF9agDEKuFyPQDGMn0udIBMAE&v=APEucNX8sLnjt02CMSP_3B_UE2vEnxjwGaL0faXdgIac8kKAJ35xTEhoyKrt7bTd6NtnIQyEZRo_OitRhM4pK9TmGyyZ5TLZ6A
Protocol
HTTP/1.1
Server
104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:06 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e05d106a-3727-4766-9132-c1f802095c1b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJsGxKSbPjcnX14AZ_VrAAQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA75
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzMjIwMTI2ODQyOTU5ODgzMQ%3D%3D
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzMjIwMTI2ODQyOTU5ODgzMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CObF9agDEKuFyPQDGMn0udIBMAE&v=APEucNX8sLnjt02CMSP_3B_UE2vEnxjwGaL0faXdgIac8kKAJ35xTEhoyKrt7bTd6NtnIQyEZRo_OitRhM4pK9TmGyyZ5TLZ6A
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Sep 2022 20:49:05 GMT
X-Proxy-Origin
103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0adb3d2-e387-4ac0-a42f-60e50a7f56fb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzMjIwMTI2ODQyOTU5ODgzMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C272 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
Origin
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 02:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 02:05:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame C272 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BstBuv3xZO_MO97VvI9sY7DkDi7rFOsh-uiAehSdMtP4Scooqauj3jl2bnrCKUkyM7F611BXkIBbwkTG2xMeiIMT6snQ&cry=1&dbm_d=AKAmf-AbBWwCJ7KWhKTzVKbQh9CgF8ZA0y6HOd2hMxGE1aHJ1FKRTD7HHhem5BbK3-AsrHi4HOIugqgxZHlQYLFjxHXxR6Lnpzun-wr3_CKg460o5dS7XhbcclCg8RtGKZfHu7MSCrIOSyk5oE2r5dPy1Kdba5XcbVSADhs8okPu4OWRR-1L5czesdvHpnJq4ls62X3ZVf4sIGB8KRvCsomX3o-t4AkJvMs3GX3qKy08m-Dyqwc-6MH4b_NJU61aL08d-kNby7wN-hYEMXs7jP3MKwHUf5cV3-sqbCsGIJmZ4XFqzHsIm_jc_0kJC70o4Rh195qAvPLdP2bizU1LskrhwFz3y4jf7kRIuzJlFzOFvFzpx56vfohIy1ac_4Jr0xlrp7RBsJSsWX3VDhDJSpnANq5BGJyiBR9ZFZqF5_JwT35iGCOzdETx8zoUalqEHkBpBE2FtNbdv9u9f5nd4M0bw_YZtwpRl9RLksPAQ8X9IVGzIJH0Yri1_LC4KNTljxwaa1SEiyUKuKsGE9AVJ6CZxeaqIKMipl_q-dlr2BlFTbx0Ca6btFDcmPM0PWgNOqUPO1B8HFMP01keh2B_QI2zlubWFBCFkAqAmz47nUcl8VNJFg_92fMT5_7dpEj5GubIYCmlxqcZTqO2t_wPOm-3OTwwi7ok0nP-pzExZ9eJInEKkxmEaUPwNPBTPm_y-VbgXsIIKNOoNlo61UU5bw2co3KgCKSc29PbVpugY0OOb_BMgp0aO4FiELoWsJakwyfTa_BxR6qQdipkYCVTFxHa6dRezRWCKfpnbwc1pcQHvh6A0sxjobZMmLLAUgxN4FvVocutaUA-LlOhYuqXbags7oJQSxPfU6uwwNl3_pi3Kqrl1YYbQZsmuqym5QGqfYfgUngNSW5IND0_6WTEiEHvOw81Hlhu-aAxZvPsMs2d62DesSRGbBgpq5lyZDC-mNCLRxcVmNiHJibXZdaBuIHwwhhw-1KS6Pz7Ho8a484uCczqTDgDveL9iNGNw79isWH-MODHMaUtf7SnggzFxUzOmuS1mpN3bBtNBAzx-UOUdXWMWgFr6mUk1GbqCYxSKNkfUqbKaj_wYMUKWPY9VILXyxKXCHas59XCOlpIj_DwR3Mxtu0Ve5UX5t0fB2BJeF8GIlzqiECZdKt6tTGrMgNANC1_8H0fj6P0xoyGAMlnm3cevsmv05c2FLRwyQELuPA0OJK3aPbVpTPLbNUjkLs8nLpann1-18z6QsiRHPp2rrAK7A3UT4GqUGcYI3cPu1HC2sKenr2AvLXRl2ROnGXnd10vmmROxRG_buvq-qmwndOfSMPsEkPKkB5H9TqE1hVKyXsjgpozSijO3-WEScsHugxgG9t30ciqogOm0sG_RnpIOEBjwLWgIH6Ajl9UDoHehB9j5Pub1mkzuz1kPdaMApmLn2OVkMHGNJjkv9J1-mYuEDRaOh8joMEm0t00nw7z1rtw4j5kajqK3KU2GJohf5guNLnREe9yu6KdUt0pc9323wtNeOI7FfcYJzL1gV4bIzH5G89cseGUkU_jEMULXoHsqQOxMNjxrZVY4lkyGvRjoGoP7LWuTmpLKsLbYwbRIfpgJW_LxWHH5TdzuhhMz_wPJf_b3gStmIaZgP2OcIJ-3KkQt1hSf81IqEBs-XhmuZKOmTU-29-KEKvKpaIwyXnnEtcf3buJYWI-iXlhR8Y8sA15cxtC0NkNtFiMmCmYSv_3UPTlpy8d27h6NroeXC-ZcLPpsQkcmxFyngsBYP3WEiLN9ukjvNyeQ3taDTZv-AsocL192FmKf7nNLjQS1-UUyRI5jBzHkcynlkq_iOC7Qc3lM8quTPm-OVhkeJz4qrTmYD7M9epnUWWFqc63U8YiLjvQG8bsyNvPMz0sxYx0ZuPG5JAHnKKZeaKiRU7ESnT82OEyftXU5rW6mxVbKdp0D2nNw9jkxwvZjslAAQhjRr4mFzSfPI9MIGPw4iJrgZH4Wt5Kxabmg1mm6z-1rKmN9c46o66SjhKmPHR6lxV3pGSE-BBguhBp6k_wDr8GbHItq9UpshuQhQNydIJch6pusidB7N6mhd4fw24UlTQAMkgZQsvLtAsFcbonEw00nEm7DW1cAXAFUO4Bu1sMJodHXmYoR55oDj2KAcfzCaX_49_pTAuAUt05rBFuq6S-NhQWF0-4mBHF8DNlLsze5oXkUEoJscki15-vdMLB95762OP4_baVQ_wmP4A0prgviwrxRc2gJ_bGrj89LradMj_toLSbmWK8ofRBoIT8s3yRQv3eZBZeTVR9Ynv0nClOL_xYxvmjYUF6ev3wM4ZTNtY1w2WVprK8Tk8Gu6yNV2l2XEt6vVHoj4B3icMwdmSNgDVURBy9n4xFPF6_PicbJW_93f3WPoH3Q6EoniiQhqwue3nTXPJDsABw4CyJGdqECsL1uAGrsJPnyKCWIuLq44GhBawr3V5ks5C_mdEqoHDQGBN85B4qf8YxQP6fJhehk5t8aIvBBabaECuTfzm8nJj2FJbeFlX8kogMKNQj5UdrGWKsnWE12DURwqrHnnkcPIlenhWjrrL5YKSLR6wCe43oeYf0Yhpb7p1KSzaId2GfGl57L9E9pfoxEP2qSOshGpb3Hf9ocvjRKfWVatu8veCr82qrxHrb9M6ZMVV2lYUyXg1IvPu24Vcezm4sZmhAZtpYIADpIrfWsy8hQOEXJuhoGzW4EXp1y8EDHKS3WHWEodj3Wx0wIkLRfNUFt6mXtwTu-4S8tPReoCZ7__7tJoyYwg5iaDZXG_TQU1aRD8PO3MWGmTHr2nrb3HnBD6-UhXaWdq73m2Rk-HH7OvDppqZk4SYs9G3ImOyqChQR9Rr7z9Q9AarnkC76fq_I0ZyVrBwjX975gVd09E3AhkInrVcty1IlcilyxROGrnDNJCOH_FGEEqoS1y14cv9ksAaZMmedugQPXUFmF7wfahpAb1e1tksUsU67UI7qgPiBpYA-ktMKxJKa9YeBMzAOIE53O98brRFhcrSB95H45SkRjy0cG2D2hVEjT7J2lbDvHSElT8PT_l5vF_40R4tm37KvbWzWavZK2oT2sqOEI5zVOWQFx1_edE7zWuyEA5rlPR6D7-S1XNxjQbQhkJyvQqwBMaw7sp1o3qyBk0VGuT5bNjhNriRIsw0abQ3AdbNogL0HnYCyR5wzGgiFuTbznOmEnt7cYEanmV2cQR4o1fenm_lJAuMOTO_bhkyEVVa9aVv8bb2uWRFYTeUD7H6Epu9DUm-J3IpV&cid=CAASJORo0AIjAXLY3QmVFApZs8KiN09BPYID9u7XdFxmnJ9JpoC43w&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:45:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame C272 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BstBuv3xZO_MO97VvI9sY7DkDi7rFOsh-uiAehSdMtP4Scooqauj3jl2bnrCKUkyM7F611BXkIBbwkTG2xMeiIMT6snQ&cry=1&dbm_d=AKAmf-AbBWwCJ7KWhKTzVKbQh9CgF8ZA0y6HOd2hMxGE1aHJ1FKRTD7HHhem5BbK3-AsrHi4HOIugqgxZHlQYLFjxHXxR6Lnpzun-wr3_CKg460o5dS7XhbcclCg8RtGKZfHu7MSCrIOSyk5oE2r5dPy1Kdba5XcbVSADhs8okPu4OWRR-1L5czesdvHpnJq4ls62X3ZVf4sIGB8KRvCsomX3o-t4AkJvMs3GX3qKy08m-Dyqwc-6MH4b_NJU61aL08d-kNby7wN-hYEMXs7jP3MKwHUf5cV3-sqbCsGIJmZ4XFqzHsIm_jc_0kJC70o4Rh195qAvPLdP2bizU1LskrhwFz3y4jf7kRIuzJlFzOFvFzpx56vfohIy1ac_4Jr0xlrp7RBsJSsWX3VDhDJSpnANq5BGJyiBR9ZFZqF5_JwT35iGCOzdETx8zoUalqEHkBpBE2FtNbdv9u9f5nd4M0bw_YZtwpRl9RLksPAQ8X9IVGzIJH0Yri1_LC4KNTljxwaa1SEiyUKuKsGE9AVJ6CZxeaqIKMipl_q-dlr2BlFTbx0Ca6btFDcmPM0PWgNOqUPO1B8HFMP01keh2B_QI2zlubWFBCFkAqAmz47nUcl8VNJFg_92fMT5_7dpEj5GubIYCmlxqcZTqO2t_wPOm-3OTwwi7ok0nP-pzExZ9eJInEKkxmEaUPwNPBTPm_y-VbgXsIIKNOoNlo61UU5bw2co3KgCKSc29PbVpugY0OOb_BMgp0aO4FiELoWsJakwyfTa_BxR6qQdipkYCVTFxHa6dRezRWCKfpnbwc1pcQHvh6A0sxjobZMmLLAUgxN4FvVocutaUA-LlOhYuqXbags7oJQSxPfU6uwwNl3_pi3Kqrl1YYbQZsmuqym5QGqfYfgUngNSW5IND0_6WTEiEHvOw81Hlhu-aAxZvPsMs2d62DesSRGbBgpq5lyZDC-mNCLRxcVmNiHJibXZdaBuIHwwhhw-1KS6Pz7Ho8a484uCczqTDgDveL9iNGNw79isWH-MODHMaUtf7SnggzFxUzOmuS1mpN3bBtNBAzx-UOUdXWMWgFr6mUk1GbqCYxSKNkfUqbKaj_wYMUKWPY9VILXyxKXCHas59XCOlpIj_DwR3Mxtu0Ve5UX5t0fB2BJeF8GIlzqiECZdKt6tTGrMgNANC1_8H0fj6P0xoyGAMlnm3cevsmv05c2FLRwyQELuPA0OJK3aPbVpTPLbNUjkLs8nLpann1-18z6QsiRHPp2rrAK7A3UT4GqUGcYI3cPu1HC2sKenr2AvLXRl2ROnGXnd10vmmROxRG_buvq-qmwndOfSMPsEkPKkB5H9TqE1hVKyXsjgpozSijO3-WEScsHugxgG9t30ciqogOm0sG_RnpIOEBjwLWgIH6Ajl9UDoHehB9j5Pub1mkzuz1kPdaMApmLn2OVkMHGNJjkv9J1-mYuEDRaOh8joMEm0t00nw7z1rtw4j5kajqK3KU2GJohf5guNLnREe9yu6KdUt0pc9323wtNeOI7FfcYJzL1gV4bIzH5G89cseGUkU_jEMULXoHsqQOxMNjxrZVY4lkyGvRjoGoP7LWuTmpLKsLbYwbRIfpgJW_LxWHH5TdzuhhMz_wPJf_b3gStmIaZgP2OcIJ-3KkQt1hSf81IqEBs-XhmuZKOmTU-29-KEKvKpaIwyXnnEtcf3buJYWI-iXlhR8Y8sA15cxtC0NkNtFiMmCmYSv_3UPTlpy8d27h6NroeXC-ZcLPpsQkcmxFyngsBYP3WEiLN9ukjvNyeQ3taDTZv-AsocL192FmKf7nNLjQS1-UUyRI5jBzHkcynlkq_iOC7Qc3lM8quTPm-OVhkeJz4qrTmYD7M9epnUWWFqc63U8YiLjvQG8bsyNvPMz0sxYx0ZuPG5JAHnKKZeaKiRU7ESnT82OEyftXU5rW6mxVbKdp0D2nNw9jkxwvZjslAAQhjRr4mFzSfPI9MIGPw4iJrgZH4Wt5Kxabmg1mm6z-1rKmN9c46o66SjhKmPHR6lxV3pGSE-BBguhBp6k_wDr8GbHItq9UpshuQhQNydIJch6pusidB7N6mhd4fw24UlTQAMkgZQsvLtAsFcbonEw00nEm7DW1cAXAFUO4Bu1sMJodHXmYoR55oDj2KAcfzCaX_49_pTAuAUt05rBFuq6S-NhQWF0-4mBHF8DNlLsze5oXkUEoJscki15-vdMLB95762OP4_baVQ_wmP4A0prgviwrxRc2gJ_bGrj89LradMj_toLSbmWK8ofRBoIT8s3yRQv3eZBZeTVR9Ynv0nClOL_xYxvmjYUF6ev3wM4ZTNtY1w2WVprK8Tk8Gu6yNV2l2XEt6vVHoj4B3icMwdmSNgDVURBy9n4xFPF6_PicbJW_93f3WPoH3Q6EoniiQhqwue3nTXPJDsABw4CyJGdqECsL1uAGrsJPnyKCWIuLq44GhBawr3V5ks5C_mdEqoHDQGBN85B4qf8YxQP6fJhehk5t8aIvBBabaECuTfzm8nJj2FJbeFlX8kogMKNQj5UdrGWKsnWE12DURwqrHnnkcPIlenhWjrrL5YKSLR6wCe43oeYf0Yhpb7p1KSzaId2GfGl57L9E9pfoxEP2qSOshGpb3Hf9ocvjRKfWVatu8veCr82qrxHrb9M6ZMVV2lYUyXg1IvPu24Vcezm4sZmhAZtpYIADpIrfWsy8hQOEXJuhoGzW4EXp1y8EDHKS3WHWEodj3Wx0wIkLRfNUFt6mXtwTu-4S8tPReoCZ7__7tJoyYwg5iaDZXG_TQU1aRD8PO3MWGmTHr2nrb3HnBD6-UhXaWdq73m2Rk-HH7OvDppqZk4SYs9G3ImOyqChQR9Rr7z9Q9AarnkC76fq_I0ZyVrBwjX975gVd09E3AhkInrVcty1IlcilyxROGrnDNJCOH_FGEEqoS1y14cv9ksAaZMmedugQPXUFmF7wfahpAb1e1tksUsU67UI7qgPiBpYA-ktMKxJKa9YeBMzAOIE53O98brRFhcrSB95H45SkRjy0cG2D2hVEjT7J2lbDvHSElT8PT_l5vF_40R4tm37KvbWzWavZK2oT2sqOEI5zVOWQFx1_edE7zWuyEA5rlPR6D7-S1XNxjQbQhkJyvQqwBMaw7sp1o3qyBk0VGuT5bNjhNriRIsw0abQ3AdbNogL0HnYCyR5wzGgiFuTbznOmEnt7cYEanmV2cQR4o1fenm_lJAuMOTO_bhkyEVVa9aVv8bb2uWRFYTeUD7H6Epu9DUm-J3IpV&cid=CAASJORo0AIjAXLY3QmVFApZs8KiN09BPYID9u7XdFxmnJ9JpoC43w&rfl=1%2Chttps%253A%252F%252Fwww.heraldsun.com.au%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:49:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10776
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 17:49:30 GMT
main.19.8.352.js
static.adsafeprotected.com/ Frame 6723 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670542&pubOrder=3080239808&cb=595334820&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c2-3b81-11ed-ae41-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
619049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
3aAUESrhMXPkGUTWQxuQ-XZOf9fiY7wAR8qy7NPsA3MQQ_dgV4Jhjw==
6323fb72d500941092e24190
c.bannerflow.net/a/ Frame 30A0 		66 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6323fb72d500941092e24190?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss3Pgpz4IBboybHi5yFd4OIxEMRzbnXWPBNrKMInxazDg2JUiFqOgU0sqm-C-jmXuRxCGcHhvu19BvxX8ALXxso2-D3ECGsqmTVpWdS1s6CRMZJsI3zKFGfF-jRvUjH5_w-cTZqo9M6ib1oLrRUHls_55ZWgkdENkVpSqW2THAUkUEFv6_5S9LcCSirFMLvAPKo-b5iq2VtOEbtp2IbUVj99Ic2oZY%26sig%3DCg0ArKJSzPeSNMOdTJf8EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%2526sai%253DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%2526sig%253DCg0ArKJSzPtqRCmr4EYcEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=2761694113&domain=N1165332.2810019NEWSCORPAUSTRALI
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%26sai%3DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%26sig%3DCg0ArKJSzPtqRCmr4EYcEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=235;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
343c41ce052350958d10bef12ff5a89fa32ede28385cdc6f41e199ef87c87613

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
cf-ray
74f6251ec8fc5a5b-MEL
content-type
application/javascript
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 30A0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%26sai%3DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%26sig%3DCg0ArKJSzPtqRCmr4EYcEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=235;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:45:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 30A0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZxqLyOfIRIUw0kzd-SV65jzlUMt5Ks5RXJAgmDbhYekiQpqu69lleGaoPKUxDo4ausnGkkSFddvOdMZiH55HtkxeH8pUCTS8ZJuWFzTpA6UW1OeLFfJwKiew8IMyjl1EvnRv5Ql8-M5-tXmmstz2ReFHJalu9EheMOKebPQZsZ3qm9XlQuMm9i2wHRwOt&sig=Cg0ArKJSzJdTCBUZnm5AEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220921.12914&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%26sai%3DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%26sig%3DCg0ArKJSzPtqRCmr4EYcEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=235;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jload
pixel.adsafeprotected.com/ Frame 30A0 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930468&advId=9550667&campId=28567664&pubId=6948356&chanId=178500614&placementId=346248267
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%26sai%3DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%26sig%3DCg0ArKJSzPtqRCmr4EYcEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=235;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8dc7874c2b1de2f08584e8a6ce0a81c05a0697dab0e520b2df25370f2230c579

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30A0 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:06 GMT
6323fb72d500941092e24195
c.bannerflow.net/a/ Frame 69FE 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/6323fb72d500941092e24195?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssp2WDEaJBrgXhhQ47EdeW88-BQxEm15ifTRLKzeVZLZh9lNsxBFfvhKRnbW4I1znB5XQ-zsST5NL1dy7c0kN3yO_lAf8xE3Ds_LhVg-OHBRvegCA1fk3feFXrFrzSzfPteIE6mIt6gmgxeAA6GCU5MdACsmQdTdRii1WVYbqiPYS3Zw0uodFJ-RamtVNqKDS4jQRrWk_pEpa_Hjiu7X7Es_nnN95I%26sig%3DCg0ArKJSzC7BvD3ctiepEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%2526sai%253DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%2526sig%253DCg0ArKJSzDIf9Siv8MGbEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=3778850382&domain=N1165332.2810019NEWSCORPAUSTRALI
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%26sai%3DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%26sig%3DCg0ArKJSzDIf9Siv8MGbEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=280;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4efd299554ae31a6881902182f86ea9b301aea88a45efe0d7198f8f8100358c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
cf-ray
74f6251ec8fd5a5b-MEL
content-type
application/javascript
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/ Frame 69FE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220921/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%26sai%3DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%26sig%3DCg0ArKJSzDIf9Siv8MGbEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=280;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 07 Oct 2022 19:45:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 69FE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujrOPuKvZr_TzDbYdW69PVtiPIa64YxF_5GBTiWV3-NuVcZT8q-dmVtrlNv0Mmq8FqI-sFtCGviuuw82xGxgzLBGqkjynV4JfISEuHZNVq2mqg5SvJIAOVcvuMY24ksaKQ3jByXws5LiTpxw4wx80X7iXWawDyAxtaqD_5XZiUOU8YR8Jssn8buwIvxFvC&sig=Cg0ArKJSzHT111TwlAS1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220921.77674&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%26sai%3DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%26sig%3DCg0ArKJSzDIf9Siv8MGbEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=280;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jload
pixel.adsafeprotected.com/ Frame 69FE 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930468&advId=9550667&campId=28567664&pubId=6948356&chanId=178873422&placementId=346947313
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%26sai%3DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%26sig%3DCg0ArKJSzDIf9Siv8MGbEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=280;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8987f2cd6b207ce54118ad34053d914999ac4bc077e271f71eb6ce4e07f6022a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69FE 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44525
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663760195623328"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:06 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C272 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 09:56:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A0FB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
51535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 06:30:11 GMT
etag
48472445140208031
expires
Sat, 24 Sep 2022 06:30:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C272 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf8ab9e2a6f23f39d76070b3ada20ff121a90cc6708d5930e432bcfd56bd861c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
main.19.8.352.js
static.adsafeprotected.com/ Frame 30A0 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930468&advId=9550667&campId=28567664&pubId=6948356&chanId=178500614&placementId=346248267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
619049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
EIaX7EdANxDWqTeqU1XtqtCV04euCpKpUA88N1jcgpzTCEJfl8wguA==
main.19.8.352.js
static.adsafeprotected.com/ Frame 69FE 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930468&advId=9550667&campId=28567664&pubId=6948356&chanId=178873422&placementId=346947313
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
619049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
72jQku2w7EjLo5Go7zFhnYi_dLLu1Lmq3D7tVLTU_gqT3x1UbZsj3Q==
truncated
/ Frame 30A0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b7c550f6ec66d4c2f7c602d5e7448f8bb4143a95539a7447208cf4b903866cf

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame CEBF 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670923&pubOrder=3080239808&cb=666025173&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c3-3b81-11ed-ae41-02aa41dfc264
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
3c311ebfce1615de1bb2323f6acef439bc9cae9da36372455eb92f148cd31268

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A0FB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPZ2h0YGh9ZXfOmfsP81fDs&google_cver=1&google_push=AZmPxg9d6g519Ip_wmJEUCIED76whkkiqtR1pasxZkkx0cv1XLzxOmB31UE6RNiKg6ES7F_acpNe1HKGctgWsbIQfuaPobZj1YgIl...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgwNDAzMzc3MTEwNDk2NzY4MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPZ2h0YGh9ZXfOmfsP81fDs&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPZ2h0YGh9ZXfOmfsP81fDs&google_cver=1
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPZ2h0YGh9ZXfOmfsP81fDs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A0FB
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEP8CsiKbRYWuok60av9GsUE&google_cver=1&google_push=AZmPxg-pMSRvSTYLXWbwZl6E56bbVu9sLSCcSK3xrllpf1v2NZKFcL3Gt5Rav7K7WQC27dmKJE0ut...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-pMSRvSTYLXWbwZl6E56bbVu9sLSCcSK3xrllpf1v2NZKFcL3Gt5Rav7K7WQC27dmKJE0utGJTCjdSU6JZz9LIZNl7a1_MnH7E1oabvSFCU8zhDGQVCQSQeLoaTE...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-pMSRvSTYLXWbwZl6E56bbVu9sLSCcSK3xrllpf1v2NZKFcL3Gt5Rav7K7WQC27dmKJE0utGJTCjdSU6JZz9LIZNl7a1_MnH7E1oabvSFCU8zhDGQVCQSQeLoaTED-_Z0JZQwHdZ-3PoYaQaFJfQ8
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 23 Sep 2022 20:49:05 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 175612E9D9DA43AFA4A908915C87AA9F Ref B: MEL01EDGE1510 Ref C: 2022-09-23T20:49:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg-pMSRvSTYLXWbwZl6E56bbVu9sLSCcSK3xrllpf1v2NZKFcL3Gt5Rav7K7WQC27dmKJE0utGJTCjdSU6JZz9LIZNl7a1_MnH7E1oabvSFCU8zhDGQVCQSQeLoaTED-_Z0JZQwHdZ-3PoYaQaFJfQ8
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpXk8VTybL8RmVHN3ZYw==
pixel
cm.g.doubleclick.net/ Frame A0FB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFhqf74VGZuabZ3tVQGm7-E&google_cver=1&google_push=AZmPxg8AcFRHNPRoSAu2iz1-OuHUlGnvhBMe3eMbdzXk0aM8JNAysK6EJYmnfwhSwD3WLOnzRFpO_u1X...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1MzYxNTkyMTExNzM3OTg3Mg&google_push=AZmPxg8AcFRHNPRoSAu2iz1-OuHUlGnvhBMe3eMbdzXk0aM8JNAysK6EJYmnfwhSwD3WLOnzRFpO_u...
170 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1MzYxNTkyMTExNzM3OTg3Mg&google_push=AZmPxg8AcFRHNPRoSAu2iz1-OuHUlGnvhBMe3eMbdzXk0aM8JNAysK6EJYmnfwhSwD3WLOnzRFpO_u1XQMXgrKw20dGHDOy-V4Kzyytjd4tTiugJbIbDpKv3RKnUbs1bR2FMgOHJM_sccx3hb54ieoPKT7k
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mjg1MzYxNTkyMTExNzM3OTg3Mg&google_push=AZmPxg8AcFRHNPRoSAu2iz1-OuHUlGnvhBMe3eMbdzXk0aM8JNAysK6EJYmnfwhSwD3WLOnzRFpO_u1XQMXgrKw20dGHDOy-V4Kzyytjd4tTiugJbIbDpKv3RKnUbs1bR2FMgOHJM_sccx3hb54ieoPKT7k
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame A0FB
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEMRgEJPVPHvyxPaVm8OpSL8&google_cver=1&google_push=AZmPxg8NMI8qqk_ghkWdHZDKrP59c4khWFAmVBUskyfLLAFnsoPe-qKPb09nQdla8pegOy9_1TZHkn_nsUmY40k6NtInO2wyV69...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8NMI8qqk_ghkWdHZDKrP59c4khWFAmVBUskyfLLAFnsoPe-qKPb09nQdla8pegOy9_1TZHkn_nsUmY40k6NtInO2wyV69d2B7g2F74ZM5_E3rPubikGz1sPK-qoPa...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8NMI8qqk_ghkWdHZDKrP59c4khWFAmVBUskyfLLAFnsoPe-qKPb09nQdla8pegOy9_1TZHkn_nsUmY40k6NtInO2wyV69d2B7g2F74ZM5_E3rPubikGz1sPK-qoPazp-kW-EV6kcW2uP-l5I-B3A&google_hm=ZzZlOTFiYjA0MTQxODcxOTkzMjY=
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg8NMI8qqk_ghkWdHZDKrP59c4khWFAmVBUskyfLLAFnsoPe-qKPb09nQdla8pegOy9_1TZHkn_nsUmY40k6NtInO2wyV69d2B7g2F74ZM5_E3rPubikGz1sPK-qoPazp-kW-EV6kcW2uP-l5I-B3A&google_hm=ZzZlOTFiYjA0MTQxODcxOTkzMjY=
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame A0FB
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKJSTJXk4zuJynDRZqFZDEI&google_cver=1&google_push=AZmPxg9xOsRba2jp2IoKuZlU_zvCVpEuH2i2hBJjPsGiGdDf23qGmamzN...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9xOsRba2jp2IoKuZlU_zvCVpEuH2i2hBJjPsGiGdDf23qGmamzNxRHQDH7sCbmf8XYf7kcl2GbFSyEfTAjW21f4T4kNgK6Al-ISELJO-lmrFi6gzJLKAMmhciV5...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9xOsRba2jp2IoKuZlU_zvCVpEuH2i2hBJjPsGiGdDf23qGmamzNxRHQDH7sCbmf8XYf7kcl2GbFSyEfTAjW21f4T4kNgK6Al-ISELJO-lmrFi6gzJLKAMmhciV5aV6O-tljM5rD6iGUqalUVnSzQcq&google_hm=QlMuNjU3My1mM2VjLTRjMTQtYTdiZg==
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg9xOsRba2jp2IoKuZlU_zvCVpEuH2i2hBJjPsGiGdDf23qGmamzNxRHQDH7sCbmf8XYf7kcl2GbFSyEfTAjW21f4T4kNgK6Al-ISELJO-lmrFi6gzJLKAMmhciV5aV6O-tljM5rD6iGUqalUVnSzQcq&google_hm=QlMuNjU3My1mM2VjLTRjMTQtYTdiZg==
Date
Fri, 23 Sep 2022 20:49:07 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame A0FB
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDXdCuOUvX_NMMOwE80E8jo&google_cver=1&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEDXdCuOUvX_NMMOwE80E8jo%26google_cver%3D1%26google_push%3DAZmPxg-jOR7qLtoaJLZICe...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A8755626116547415080&exchange=193&google_gid=CAESEDXdCuOUvX_NMMOwE80E8jo&google_cver=1&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5kh...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3NTU2MjYxMTY1NDc0MTUwODA&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Q...
170 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3NTU2MjYxMTY1NDc0MTUwODA&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj3uLRWRPcWZ5OCiuOyLMU3xMsGGpscdC7ucHuYVjGivdCKFwpH82I8z1drNn-4Llety3C1nUArkFd
Protocol
H3
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTg3NTU2MjYxMTY1NDc0MTUwODA&google_push=AZmPxg-jOR7qLtoaJLZICenhdNiNPbYDKUE78MCO_6OP092gs5khfTonMVUSYydhpK-BGbI4Fd6Nz9Qj3uLRWRPcWZ5OCiuOyLMU3xMsGGpscdC7ucHuYVjGivdCKFwpH82I8z1drNn-4Llety3C1nUArkFd
Date
Fri, 23 Sep 2022 20:49:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame A0FB
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENz4x_zFE9fgq7HBFLfxHCw&google_cver=1&google_push=AZmPxg8adSe4g7sBWTB0cgCFAcAmdPu7ekuyf_xJa_7bXsdctim3UYmYaVwwbCkzpkKGh9-19lTBo8_kb0F...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg2wccgEhC87EB_NIrIP1BYv3w-wmhhQkgQ&google_push=AZmPxg8adSe4g7sBWTB0cgCFAcAmdPu7ekuyf_xJa_7bXsdctim3UYmYaVwwbCkzpkKGh9-19lTBo8_kb0...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
139.99.49.250 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A0FB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFeiP1jOBt5neWNO_NDNIy6Nb26ZznltmWbYBjAezHvnYiYtCDDxXyonJfUQwyM9FCa7xFBEFZ
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 69FE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a77472837e7ddf699575bc763d0815b5d54b4d5fe3e392e1dd5d812a45ac219

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 3103 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670929&pubOrder=3080239808&cb=1200331253&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c6-3b81-11ed-ae41-02aa41dfc264
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
a9c49a1a796368e2060aada186576d3c25b80a5b292639a8c9790fe8f16d24fc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
preload.jpg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027128/3374695/ Frame 30A0 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027128/3374695/preload.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2010b01553e93e885d5ebe27c838a7072e670673fb512a609e7a370bd23fd90f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
HIT
age
614238
content-length
13815
x-ms-lease-status
unlocked
last-modified
Fri, 16 Sep 2022 04:29:04 GMT
server
cloudflare
etag
"0x8DA979BFD3128C3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
0bcabe66-601e-004b-60f7-c91175000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
74f625204a395a5b-MEL
cf-bgj
h2pri
preload.jpg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027129/3374699/ Frame 69FE 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027129/3374699/preload.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
45eb0b2ade27df0ff0de76dba4f80ac988a3e69bd98b44ebc8a0e329423233f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
HIT
age
614184
content-length
14289
x-ms-lease-status
unlocked
last-modified
Fri, 16 Sep 2022 04:29:04 GMT
server
cloudflare
etag
"0x8DA979BFD314FD4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
82e67f10-201e-004a-5af7-c94ea9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
74f62520aa755a5b-MEL
cf-bgj
h2pri
main.19.8.352.js
static.adsafeprotected.com/ Frame CEBF 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670923&pubOrder=3080239808&cb=666025173&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c3-3b81-11ed-ae41-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
619049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
HHTQa3iNUCFPCMtwsZjD-sA7-36pbOLy-dTN79C_qq63fPW99hTOOw==
main.19.8.352.js
static.adsafeprotected.com/ Frame 3103 		194 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.352.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670929&pubOrder=3080239808&cb=1200331253&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c6-3b81-11ed-ae41-02aa41dfc264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 16:51:38 GMT
content-encoding
gzip
age
619049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 16 Sep 2022 14:19:29 GMT
server
AmazonS3
etag
W/"067a9552174cd536b5cfa4275edeb714"
vary
Accept-Encoding
x-amz-version-id
FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
3ZsF5mw3nU_wO0ba7_Ly0gVsHlm5ylL_An2txOusqLc108RVyE9s6Q==
index.html
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
c7e2f8064d93198d074ac3b6594ac920d41f0c48dfb52769b8fcbf08058d5c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
437290
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4776
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 19:20:56 GMT
expires
Mon, 18 Sep 2023 19:20:56 GMT
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C272 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDh81vfaAhpe3jZJq6LRMTGwblf9aNTEq0z9EGwBjWSBDvqApxQJ-tE5-tb1PU6HcDMyp8okXVEOay3iNcELyp_ksQqo5OKpbdvGIH8_C9gi6d72LsPpKNamngJubY9zFiHcdQnTzeMRegnf8WJt_ButnYclv3UMKbqQytxLdO_dcALoV_Kbz7HP8rdjRwquREKMbQYCL0d-sPeT4scP1YU1wa_GM5xeN13Bogt0EVba35Xe5GcqM7xG_tgoccD8t_MgVNST-T1EZ9Un-6_FfQE3R32qtj0eTwjChLY_Tf1IWAepbyGvg66-B2XC6ka0e7NxyQKZUiHIwQ5cSIXFqYDaeZ2K2vkvI_bJbZT3ar6scLCnfQcBTqAJBzAtc1AQne84uRulofAtxpR7TLNHuGjjeQB8wrDgcK3iOu-PDoTVcd0BVIcPxdVBlZnrTsSH3Rph0j5czqo4hD5gGb1bNmU5BIJtbkprqaNPHdPIZfsqjFxk1nm_dmhWfWZC7RAucMYLiMMftNm8bM0-ZrDfShdTauHCCPD9WeIfBSG74ubo-NHzttCuzQXQCQdwpjyuxwvXotlbB7gZbJ8gdYQjB7g0PErfCubrWTvDpBOI7J4icwaMYMZmTw5X1cz10iqud6kwTONYQ-Ugcfs6R2AaqPUuxwJz5bJVeD1qbOsmtwVAFXVBSk5r7eiVzsgw-54NcVwKryGNdC1qAMcXvaVBsTSGE6XktqUpZv9kI6Nvp3X7BpgwJwHg0hFoLnFX0kyMzJTKolWOViKnOEnhLZzpBrDb2BRohwr43LWe1qK8Muv2THUHzZ1EPNAeiHvyTqRPwTiK_eP5gWdf6UTkjZ-LwD_jxTo1NfoaDSVPhXzFOGRR8ZM_2jzJEIR-MrQ3aVxXbx4hapYYFOcapI_6H1IMnC6E0k4BZKJLnwFq8yDtDQFTvm3qaQdAVIMnmk-z3cxSky6CcbdqV5mUdQjvWqUXPutCrFaCuRwrBD3pxmnj9BZZzxQ-AlHvm5nN6PdsGO9RcLcLs_fAR1QicizpenOjSnAvXTGZ0Yr3mECLoX_24EjCIU5DVny8fUTYOH_RUQMQy3ttzTTjGJvGnEJTUMYZNSDkziFCcKQG59V5Kdbra1kcVtLvqvlCcY6eoHX19Il-xeois4YalVkusuoUqgydyiWKPoHevUxzeUnyk6O1oJ9gkTaNQMkmdp3wj5W1uc72ZkSTDModa_agnP-AmmptZfDKYYe3iZ_uvgzXebnppcpz-zbbhCyMTt8iriGkzmsVtJBld3DsoumLpd9X0wk7Ex1EmxDrA_x0DnhaL5JEfHO6Iu&sai=AMfl-YQwosoCNn00DfIVQgCxoJTQlngJJcghwTF0cNElKWXQ16MBxld4St3Xb7nPynSvlOOObJdTs7j1ouNiwfMR0ksdpv0_4_vhUTaCUMP-WX_V7ZVMhWeX2ZRmDeWrOKmEdcfBY9A3g4Wvg73Q_IaucYNnkCRuP7qpQGFLfI1Uz0vDfsoxR4VYWIjzNicjuCw_FwRNzu5AMyNiZEDk7BtNjTeICdG4OV3OxjViXuS92riLC2JG&sig=Cg0ArKJSzPWziRh6lQpDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=754&cbvp=1&cstd=751&cisv=r20220921.53588&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 23 Sep 2022 20:49:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
c.bannerflow.net/tr/v2/pixel/ Frame 30A0 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6323fb72d500941092e24190?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss3Pgpz4IBboybHi5yFd4OIxEMRzbnXWPBNrKMInxazDg2JUiFqOgU0sqm-C-jmXuRxCGcHhvu19BvxX8ALXxso2-D3ECGsqmTVpWdS1s6CRMZJsI3zKFGfF-jRvUjH5_w-cTZqo9M6ib1oLrRUHls_55ZWgkdENkVpSqW2THAUkUEFv6_5S9LcCSirFMLvAPKo-b5iq2VtOEbtp2IbUVj99Ic2oZY%26sig%3DCg0ArKJSzPeSNMOdTJf8EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%2526sai%253DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%2526sig%253DCg0ArKJSzPtqRCmr4EYcEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=2761694113&domain=N1165332.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f62520fab05a5b-MEL
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E7BD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
537860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 17 Sep 2022 15:24:46 GMT
expires
Sun, 17 Sep 2023 15:24:46 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2662031558474205443_1663738463792_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:07 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
9KiDR79_iEcQ6YHOXC8QsTDGSv0t9c8EKneNfq_1jmWFWTln4Y5ohA==
rec
collector.bonzai.co/ Frame 1874 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=473cedcad6fc571165c0bfff98db6d59&ad=2662031558474205443&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.224.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-224-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px.gif
dcollector.bonzai.co/ Frame 1874 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTY2MTQ2NzI2LCJmaSI6ZmFsc2UsInRrIjoiNDczY2VkY2FkNmZjNTcxMTY1YzBiZmZmOThkYjZkNTkiLCJhZCI6IjI2NjIwMzE1NTg0NzQyMDU0NDMiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY0MjY1NTI4ODQ4NTQyNzkiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJEZXRlY3RlZCBTREssIFdlYiJ9&etc=0.9335713324442316
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.113 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:08:13 GMT
via
1.1 3ce5fe2903e47f603ef50d554e75dcb0.cloudfront.net (CloudFront)
etag
"28d6814f309ea289f847c69cf91194c6"
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
9655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
Gskib1CQt2hDoXStsxnMrMatJLvfOa8-hR95Wn7jx_leL_dFapbhFA==
rec
collector.bonzai.co/ Frame 1874 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=473cedcad6fc571165c0bfff98db6d59&ad=2662031558474205443
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.224.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-224-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:06 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
c.bannerflow.net/tr/v2/pixel/ Frame 69FE 		0
33 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6323fb72d500941092e24195?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssp2WDEaJBrgXhhQ47EdeW88-BQxEm15ifTRLKzeVZLZh9lNsxBFfvhKRnbW4I1znB5XQ-zsST5NL1dy7c0kN3yO_lAf8xE3Ds_LhVg-OHBRvegCA1fk3feFXrFrzSzfPteIE6mIt6gmgxeAA6GCU5MdACsmQdTdRii1WVYbqiPYS3Zw0uodFJ-RamtVNqKDS4jQRrWk_pEpa_Hjiu7X7Es_nnN95I%26sig%3DCg0ArKJSzC7BvD3ctiepEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%2526sai%253DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%2526sig%253DCg0ArKJSzDIf9Siv8MGbEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=3778850382&domain=N1165332.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 23 Sep 2022 20:49:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74f625216b145a5b-MEL
content-length
0
request-context
appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame 1874 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2662031558474205443_1663738463792_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
Tl-A2juSniOrIV8PPf6zZWRWV92dzHzRW0l8d-lw02mmUt_gJchH9A==
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1B8E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
191571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
hfRjuKVI5b3hhCXGtKvQXtjhUIvvv52CcZ4uCCdwwB28EF3GGTUHZQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670542&pubOrder=3080239808&cb=595334820&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c2-3b81-11ed-ae41-02aa41dfc264&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b295b505-a36e-3354-1229-5044862b8174,c:p4zKEI,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-6vr9g,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:945,mot:0,app:0,maw:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:971,oid:29dc0b64-3b81-11ed-9b70-2e2a3fd879ce,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKEK,pingTime:-8,time:972,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:973,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B25~100%5D,as:%5B25~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKF7,pingTime:0,time:995,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:995,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B47~100%5D,as:%5B47~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKFq,pingTime:-2,time:1014,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:683,beZ:684,mfA:1628,cmA:1629,inA:1630,inZ:1634,prA:1634,prZ:1645,si:1654,poA:1657,poZ:1675,cmZ:1675,mfZ:1675,loA:1683,loZ:1686,ltA:1696,ltZ:1696,mdA:684,mdZ:1606%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1014,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B66~100%5D,as:%5B66~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1r*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:39,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKFS,time:1042,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1042,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B94~100%5D,as:%5B94~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
HYPE-740.thin.min.js
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		56 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/HYPE-740.thin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
1b672d771ea2e2d6cf15df45fa4978c98d571b4521e5ebedb7b060e65577c127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24574
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:56 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame E7BD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 22:01:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1874 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4MZaw3L4mvRXPlqNX0-vbr4dBBtpJnOKegAkUERq-faZ4sXrGgEFISti5sv8JyxJ7oBbFDdbwXrVZkXh20yTXSh3w_NYXkEtv77s0IoFOjQoQug2tsTSUn0GVVgX0uRdtuh1VTT7mVPYzNGI2L199Br8tv_fi26CDJ4iqb3FT4bZZ9bMdDHDVTbLUi5Hn6zPMs8V8g37Aw9clyDiBnw282O3Uid0LlcmR8sJOk3BkChj0-D2rkoOKURxAsicpvbIjoSdIVYitrXEz9GXKgUrOa36DD2LEQiax7wc5XiVj63Wt87EZZbytHy1gtrq8WlT7&sai=AMfl-YTnTeobyDpLSoQWNdF6FT8uHbK6kZw692WwX2fLu7E1hqePWe9CVQjFhqtIs5te2pbxAzk5X_KrcyrNzbRBOYn7387K81foK5c6kHPcEme-TKG5c46Im80O9FfuYg&sig=Cg0ArKJSzID8nwx8CmRCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 23 Sep 2022 20:49:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 30A0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZxqLyOfIRIUw0kzd-SV65jzlUMt5Ks5RXJAgmDbhYekiQpqu69lleGaoPKUxDo4ausnGkkSFddvOdMZiH55HtkxeH8pUCTS8ZJuWFzTpA6UW1OeLFfJwKiew8IMyjl1EvnRv5Ql8-M5-tXmmstz2ReFHJalu9EheMOKebPQZsZ3qm9XlQuMm9i2wHRwOt&sig=Cg0ArKJSzJdTCBUZnm5AEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1164&vt=11&dtpt=1163&dett=4&cstd=0&cisv=r20220921.12914&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346248267;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=2553263875;ord=05wgur;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%26sai%3DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%26sig%3DCg0ArKJSzPtqRCmr4EYcEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=235;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 30A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYr1DMvcFIRtIezT4WaGgUI4Qu3XiTKTxupJjndgUBDZaAev5MWtB-a_uQ2kIGq7FFIIrGPNAt4OUiCrcDB_ejd1Cr1QjsdbZ2kMOcLBlzPZVu_UdxfzSeTTdEq9zJe6K9tHrLeEolGqU5Js-zHcSR4cWoPUJpkwpTp_cHgcnluYQ48sUvSyMj2jzW2adT-_gUWjFZD8vmbYM8ITTkffCmnecaBQuFbNuEqa4gbLflgO7_yhYo44QV86vNKSQWxT_7KocUT9dhTbrFzOcDnm7uUz1Y0HQ_DkMiR-PxI1xemQRyWPLzEcA-veS25nV7cluJ&sai=AMfl-YQiRZnwu7e_grrccoGGn7n1dgwydJrDFEV1KpIv9428_8YUq3H2Z_JpxWZE9QC6jQm-4BAEOUvTtLEwn-IroqbmeWf8I7VSgaI0wRdZFOhmD2Pwki8oBWwVo2A1Rw&sig=Cg0ArKJSzAZRFv4ab3uyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 23 Sep 2022 20:49:07 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2D7E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
191571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
K_6Mkjt0o0Ie2Tkd0aLPg6n99OMPiUp9YliW9lcnRYfE4eMZhqUmDw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930468&advId=9550667&campId=28567664&pubId=6948356&chanId=178500614&placementId=346248267&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:5166262a-718a-1ae5-acef-cf7595196252,c:p4zKJE,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-wlf6f,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:966,mot:0,app:0,maw:0,fm:tiicng2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:976,oid:2a22ff65-3b81-11ed-8ec1-86980a66f61a,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zKK6,pingTime:0,time:1004,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1004,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicng2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:976%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zKKf,pingTime:-2,time:1013,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1028,bdZ:1203,beA:1205,beZ:1207,mfA:2171,cmA:2172,inA:2172,inZ:2173,prA:2173,prZ:2178,si:2181,poA:2181,poZ:2198,cmZ:2198,mfZ:2198,loA:2210,loZ:2211,ltA:2218,ltZ:2218,mdA:1207,mdZ:2159%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1013,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B46~100%5D,as:%5B46~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1,idMap:1s*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:976,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:37,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
box.png
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/box.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
92e22113edcd26fab6802154c99f1c3d438f121855aab0e64177b39938dc7d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14968
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
dish_3.png
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/dish_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
c57db64b6ebab1b9ee87ac06f504550adfd9b294e414fe3122fedf8e727da69f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18099
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
dish_2.png
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/dish_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
157603bb688e945a0c191c12f22e9d5ad1018a2fde53f2f6847587051afbef13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18110
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
dish_1.png
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/dish_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
61d7dbd4440b78099146b016e521889a1659d7293fdb7fa92bf6ab3430f8739d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17649
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
copy3.svg
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/copy3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
cdd76b681f2194c9e5d905a8531c6b6a5114c16ffe9595e51fbafbdc228c4744
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
copy2.svg
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/copy2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
2b593d5157de866011a1d6355f4cde11cd843b699aac2b94a4d39ceb93166a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1019
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
copy1.svg
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		2 KB
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/copy1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
1f79d4b220be478592cc03715aef8b50c900a331882a7c767a37e86980661d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
861
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
bg.png
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
88a1f7f477e84bd9b583c1a87ff2800cc61e929c1f75dde95b57677972b5d4db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7803
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
logo_2x.png
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/logo_2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
dc303bf7749f402fa46ad0f7f3caba015b6b6f9102258c9f33e10005e58df53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2934
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
cta_v1.svg
s0.2mdn.net/sadbundle/1931460637623065152/ Frame F435 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1931460637623065152/cta_v1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f148.1e100.net
Software
sffe /
Resource Hash
6cf160f3480ac2d83ccb59f5783ea8c32488f90c4d285b35bb320ac59eef3f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1931460637623065152/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 19:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437290
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 09:08:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 19:20:57 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 08FE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.195 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
googleads4.g.doubleclick.net/pcs/ Frame 69FE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsujrOPuKvZr_TzDbYdW69PVtiPIa64YxF_5GBTiWV3-NuVcZT8q-dmVtrlNv0Mmq8FqI-sFtCGviuuw82xGxgzLBGqkjynV4JfISEuHZNVq2mqg5SvJIAOVcvuMY24ksaKQ3jByXws5LiTpxw4wx80X7iXWawDyAxtaqD_5XZiUOU8YR8Jssn8buwIvxFvC&sig=Cg0ArKJSzHT111TwlAS1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1217&vt=11&dtpt=1217&dett=4&cstd=0&cisv=r20220921.77674&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1165332.2810019NEWSCORPAUSTRALI/B28567664.346947313;dc_ver=91.268;sz=728x90;u_sd=1;dc_adk=3526243113;ord=rkgoim;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%26sai%3DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%26sig%3DCg0ArKJSzDIf9Siv8MGbEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.heraldsun.com.au%2F$0;xdt=0;crlt=0AuodR7-(X;stc=1;chaa=1;sttr=280;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 69FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstp7t2NtSoatANxd_SbO2DA3TFMqfsr6VRAl3LEe1SKP3sbUZrvBA55TestJ44e6XkQna38f78xtdk48DaP6a4eNmH5cg-p9Dcq4p8w2d1oYJXFU8fhSsjkcsZ2nh6DjUs5N0yvBrb68Ie-m11C_eBKDaBk6Lz9TyFb38Qf_sbJJgpB9ifqf8QXyjHW7Q2OxvYcYoqAqUil-vT-lcIqBq5h5XQz3jC5A88ZKypvyDZlC1LJKPp_m_RdNm_6xPjVNjrPIT2CkkXb3iL8tmNaMkhvNSB02E7tqlY6I6BpEGrhI6dDpogBzTFey9WPBMFC1MKt&sai=AMfl-YRCBLGi73Qj1oiUaH7tyFWlNBCz3xJbTawEq6uUQpRIZM4EEpk0JXOH1h68WmJRuxkm3bQLK7KUO8NaBIJo6dNfPDvQgM8VVeyhwd2HqetIl1-nCTpQiNU4vs6bfQ&sig=Cg0ArKJSzN-blHs47bJwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 23 Sep 2022 20:49:07 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame D34D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
191571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
3FbOmGWlqQ8VlI_KZDGGfiSBdFJ-NZXPLhqqu_KKIToVjqD7nFoG_w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930468&advId=9550667&campId=28567664&pubId=6948356&chanId=178873422&placementId=346947313&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:e57fb39b-a38e-47ef-5759-fe542cba001a,c:p4zKLW,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-7mvk6,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.4471.728.90,am:i,cc:436.4471.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1052,mot:0,app:0,maw:0,fm:tiicngX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t41%7C1u*.930468%7C1u1,idMap:1u*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1061,oid:2a2b3d40-3b81-11ed-88a6-62358e168362,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
app02.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=e57fb39b-a38e-47ef-5759-fe542cba001a&tv=%7Bc:p4zKMk,pingTime:-2,time:1085,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1067,bdZ:1243,beA:1245,beZ:1246,mfA:2297,cmA:2297,inA:2297,inZ:2298,prA:2298,prZ:2304,si:2306,poA:2306,poZ:2314,cmZ:2314,mfZ:2314,loA:2324,loZ:2326,ltA:2330,ltZ:2330,mdA:1247,mdZ:2273%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1060%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1085,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1060,wc:0.0.1600.1200,ac:436.4471.728.90,am:i,cc:436.4471.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s.930468%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t41%7C1u*.930468%7C1u1,idMap:1u*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1061,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:23,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7BD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbszWwRsuY-WhKo6cvAThhrHoDgAAAAA4AeAEAg&bg=!VValVhLNAAYIxsuQKMY7ACkAdvg8WhMv6lFx_i2_GD63gLRkdngVgCqvL5pCfdKDCMve9Xxrw-x8TQIAAACRUgAAAAJoAQeZAvAwHAYDYvb5Nj50xWZkL3r3MIcYFP8qn59AarYXXRnAM3pRYuL88cP5FFZaTQX9ZtEngfUQVaK4VeK_QyHfMzrw-W7gew-P5IfyMtpXZWzvKe613K1aj0XQaWtKuDlVNqRi1sLBbcIzZoD79pHeRZ42QZESA2fJFh_EXOH9M9VYwJC-vgulcOfPnI4NmQQYD-ezALz1s58EPJP6_2T4FivAG7nSiqYaP-MHHL-SDJrBMTXKvX4XuA6m3rA59osYc7a1n9_8xctuGr6x11Li9G_F0KZFdZIBw1vbNAjq75VbeLwvOjV2CMOslnXfxkrf-whmy9o75bw8XfnXQVnsYZGHidrGwsLUVegxWwblWoSBHRLucR-ycJM-HkRVu6KcyERkyY6SYSS33piDhhskYjgrstkMV3_Q9tzPnoj7G4ApPwkPmLvW_LkUjKn34LU2axpr4oURml_cCYxkFrBJCMmVRv0RKIq8dk6467dV3NfGa3x_aPaG6lwJJYg3h-DgrQkoqiPuVODLd3fnqU9wDhSs4qJOly3PSBae20tuB78UEvgy4TQXY3RODlskm0HZti4i2qvUjvrSASB54ZLtwm7589BWge7-3a1LHGuvAYMnAkM82WIZzfuSK9KTB0uNxDHGq5seY_87RxOjjFXrZ3o7wey2WaZFgbZSpVuKs_8YDDC-bKxtQu4TvymbNuAGcOVHRz1oxpuctGANKbejilmH_d0fRmeUToOKtZ0DjCgDY67dciZL0TmJ9WeB5LFWBN-F5ggadmFq6w56oE1NQfqHdiQ6xgfmBz_C0UuuHoYiWJQC6yImgcPSzrkG79ARUafc-2KnT7p4Rsg9Ne5yMGjTrFL5aT_EBYs2LeOFwKSsDSsS6D8IXksVNn0F77Vk5H17uhOBwdqeDa3tcdgu4-HKgwi0Mixu-3RFXZzb7vyR6hXLDFSQwv1uogPjespa9ze-kVMKjyTvKlwBlfURuE9RJWcZi6j1Rg6Q4AAwTTZkig
Requested by
Host: 13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
URL: https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2398 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
191571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
7jJFpfMMaNh9R_gkkrjVUbe6XChT_GZBPCxsow6a4Cki9RAVfR3pWg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670923&pubOrder=3080239808&cb=666025173&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c3-3b81-11ed-ae41-02aa41dfc264&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:cd56f8fd-59dd-63b9-6526-acc6c42b3586,c:p4zKPz,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-7mvk6,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1014,mot:0,app:0,maw:0,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1%7C1u2,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1023,oid:2a4aac57-3b81-11ed-88a6-62358e168362,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zKPM,pingTime:0,time:1036,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1037,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B22~100%5D,as:%5B22~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zKPP,pingTime:-2.1,time:1359,type:a,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1359,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B392~100%5D,as:%5B392~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1s.cd56f8fd-59dd-63b9-6526-acc6c42b3586.19_10507%7C1s*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:976,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:37,readyFired:true,sis:1172%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1px.gif
dcollector.bonzai.co/ Frame 1874 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTY2MTQ3NjY0LCJmaSI6ZmFsc2UsInRrIjoiNDczY2VkY2FkNmZjNTcxMTY1YzBiZmZmOThkYjZkNTkiLCJhZCI6IjI2NjIwMzE1NTg0NzQyMDU0NDMiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY0MjY1NTI4ODQ4NTQyNzkiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGZ1bmN0aW9uIGNhbGxlZCwgZHRzTWFpbiJ9&etc=0.44935272126129067
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.113 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:08:13 GMT
via
1.1 3ce5fe2903e47f603ef50d554e75dcb0.cloudfront.net (CloudFront)
etag
"28d6814f309ea289f847c69cf91194c6"
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
9655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
xbIUA83-hMExiY4tqLLkmRQqku8LVhlpOCgKBGH3d14WP4e_52iOkQ==
rec
collector.bonzai.co/ Frame 1874 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjowLCJjdHMiOjE2NjM5NjYxNDc2NjYsIm1vZGUiOiJsaXZlIiwidGsiOiI0NzNjZWRjYWQ2ZmM1NzExNjVjMGJmZmY5OGRiNmQ1OSIsImFkIjoiMjY2MjAzMTU1ODQ3NDIwNTQ0MyJ9&etc=0.6812978634388565
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.224.149 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-224-149.ap-southeast-1.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
server
Jetty(8.1.7.v20120910)
vary
Accept-Encoding
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		37 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dbb65b1b2d03dbed737ad03ce9f46e959d28406bb0ce0f7f7c07524d692594f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/jpeg
eb61b020-a514-48dd-a21b-3b966d320d52_v1_5.png
massets.bonzai.co/ Frame 1874 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/eb61b020-a514-48dd-a21b-3b966d320d52_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1169fe5b930b6b6bf31748fd0b0483547d2820188ec5937cfa3ea7c341657f91

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:05 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"bc19201ad3c14d2971a3d3881defb6f7"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19832
x-amz-cf-id
GimbRziNGzoby8ZDNHBfl5JzNUQXam_QDoHPAAnsjqwaccdaRF3TjQ==
653d78f9-126c-4017-877c-492fe9f44c95_v1_5.png
massets.bonzai.co/ Frame 1874 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/653d78f9-126c-4017-877c-492fe9f44c95_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abd27c2f47afb62e0a30c8dae3eb539a61bfb95053e4e38d28a2dc3a02258ee8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"5864972fb97acc40236fdabb56a2b9e3"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
13819
x-amz-cf-id
d97SQo5q0SnpxStkbv397X7EBcVNv0Y_CKdrO6lx4CQ55-a3DamsLQ==
aa4e7fef-9ed5-4897-8b84-4395a47ce3a8_v1_5.png
massets.bonzai.co/ Frame 1874 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/aa4e7fef-9ed5-4897-8b84-4395a47ce3a8_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8a48e17be417a84a539591e8d6305240f073db02dccf04b5278a598d6300679

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:04 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"feedac7c6cfd8f2497bb82601a1a4ffe"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
73629
x-amz-cf-id
xWbHNo1VMkKv6XoNH2ZNKpYBBVtdqupmpf0rEc74o8t6MIxKkvXasA==
0114f3f6-c1ee-4bc1-be0f-b0696164da38_v1_5.png
massets.bonzai.co/ Frame 1874 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/0114f3f6-c1ee-4bc1-be0f-b0696164da38_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f0f89e19a036cf9ea714154fa886045476d6d52ad603032cdba66f00f31981

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:03 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
etag
"4c474771898f62f1eed66ab62cf910d1"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68932
x-amz-cf-id
h5oskW4teAGD5Cwb_WZXREFpgTTh2orBYz-h8aANdW9uiC7qc3HCmg==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zKQ2,pingTime:-2,time:1052,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:240,beZ:241,mfA:1253,cmA:1254,inA:1254,inZ:1255,prA:1255,prZ:1260,si:1263,poA:1263,poZ:1271,cmZ:1271,mfZ:1271,loA:1279,loZ:1281,ltA:1291,ltZ:1291,mdA:241,mdZ:1228%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.254,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1052,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1%7C1u2,idMap:1s*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1,newscorpau_multi_collection-3%5D,sinceFw:28,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zKQz,time:1085,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1085,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1123.578.300.250,am:i,cc:1123.578.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B71~100%5D,as:%5B71~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9838 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-86.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
content-encoding
gzip
age
191571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 af1ebb4ababebd1a1df1142680fed58a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MRS52-P1
content-type
application/javascript
x-amz-cf-id
izwpTkipu6FIekhIvXtgOFCCgcIdWft0Ly06dPYdiL6jgQtb5LlBZQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=4570579583&chanId=171638111&placementId=6108782785&pubCreative=138405670929&pubOrder=3080239808&cb=1200331253&custom=homepage&custom3=168400391&adsafe_par&impId=27a296c6-3b81-11ed-ae41-02aa41dfc264&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:fa8b0e0b-3653-0e54-bb23-9b372dbb36ea,c:p4zKQQ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5b8fc68f79-6vr9g,rg:sg,pt:1-5-15,wc:0.0.1600.1200,ac:436.4471.728.90,am:i,cc:436.4471.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:1084,mot:0,app:0,maw:0,fm:tiicnli+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1t1%7C1t2%7C1t3%7C1t4%7C1u*.10507%7C1u1%7C1u2,idMap:1u*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1096,oid:2a54e4e3-3b81-11ed-9b70-2e2a3fd879ce,v:19.8.352,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.222.109 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-222-109.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:07 GMT
x-server-name
app01.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=e57fb39b-a38e-47ef-5759-fe542cba001a&tv=%7Bc:p4zKR1,pingTime:-2.1,time:1376,type:a,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1060%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1376,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1060,wc:0.0.1600.1200,ac:436.4471.728.90,am:i,cc:436.4471.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B324~0%5D,as:%5B324~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s.930468%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t41%7C1u*.930468%7C1u1,idMap:1u.fa8b0e0b-3653-0e54-bb23-9b372dbb36ea.14_10507%7C1u*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1061,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:23,readyFired:true,sis:1246%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa8b0e0b-3653-0e54-bb23-9b372dbb36ea&tv=%7Bc:p4zKRd,pingTime:-2,time:1119,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:177,beZ:178,mfA:1262,cmA:1262,inA:1262,inZ:1263,prA:1263,prZ:1271,si:1274,poA:1274,poZ:1281,cmZ:1281,mfZ:1281,loA:1285,loZ:1286,ltA:1296,ltZ:1296,mdA:179,mdZ:1238%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1096%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1096,wc:0.0.1600.1200,ac:436.4471.728.90,am:i,cc:436.4471.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnli+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1t1%7C1t2%7C1t3%7C1t4%7C1u*.10507%7C1u1%7C1u2,idMap:1u*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:1096,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2,newscorpau_ads-168%5D,sinceFw:22,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame C272 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDh81vfaAhpe3jZJq6LRMTGwblf9aNTEq0z9EGwBjWSBDvqApxQJ-tE5-tb1PU6HcDMyp8okXVEOay3iNcELyp_ksQqo5OKpbdvGIH8_C9gi6d72LsPpKNamngJubY9zFiHcdQnTzeMRegnf8WJt_ButnYclv3UMKbqQytxLdO_dcALoV_Kbz7HP8rdjRwquREKMbQYCL0d-sPeT4scP1YU1wa_GM5xeN13Bogt0EVba35Xe5GcqM7xG_tgoccD8t_MgVNST-T1EZ9Un-6_FfQE3R32qtj0eTwjChLY_Tf1IWAepbyGvg66-B2XC6ka0e7NxyQKZUiHIwQ5cSIXFqYDaeZ2K2vkvI_bJbZT3ar6scLCnfQcBTqAJBzAtc1AQne84uRulofAtxpR7TLNHuGjjeQB8wrDgcK3iOu-PDoTVcd0BVIcPxdVBlZnrTsSH3Rph0j5czqo4hD5gGb1bNmU5BIJtbkprqaNPHdPIZfsqjFxk1nm_dmhWfWZC7RAucMYLiMMftNm8bM0-ZrDfShdTauHCCPD9WeIfBSG74ubo-NHzttCuzQXQCQdwpjyuxwvXotlbB7gZbJ8gdYQjB7g0PErfCubrWTvDpBOI7J4icwaMYMZmTw5X1cz10iqud6kwTONYQ-Ugcfs6R2AaqPUuxwJz5bJVeD1qbOsmtwVAFXVBSk5r7eiVzsgw-54NcVwKryGNdC1qAMcXvaVBsTSGE6XktqUpZv9kI6Nvp3X7BpgwJwHg0hFoLnFX0kyMzJTKolWOViKnOEnhLZzpBrDb2BRohwr43LWe1qK8Muv2THUHzZ1EPNAeiHvyTqRPwTiK_eP5gWdf6UTkjZ-LwD_jxTo1NfoaDSVPhXzFOGRR8ZM_2jzJEIR-MrQ3aVxXbx4hapYYFOcapI_6H1IMnC6E0k4BZKJLnwFq8yDtDQFTvm3qaQdAVIMnmk-z3cxSky6CcbdqV5mUdQjvWqUXPutCrFaCuRwrBD3pxmnj9BZZzxQ-AlHvm5nN6PdsGO9RcLcLs_fAR1QicizpenOjSnAvXTGZ0Yr3mECLoX_24EjCIU5DVny8fUTYOH_RUQMQy3ttzTTjGJvGnEJTUMYZNSDkziFCcKQG59V5Kdbra1kcVtLvqvlCcY6eoHX19Il-xeois4YalVkusuoUqgydyiWKPoHevUxzeUnyk6O1oJ9gkTaNQMkmdp3wj5W1uc72ZkSTDModa_agnP-AmmptZfDKYYe3iZ_uvgzXebnppcpz-zbbhCyMTt8iriGkzmsVtJBld3DsoumLpd9X0wk7Ex1EmxDrA_x0DnhaL5JEfHO6Iu&sai=AMfl-YQwosoCNn00DfIVQgCxoJTQlngJJcghwTF0cNElKWXQ16MBxld4St3Xb7nPynSvlOOObJdTs7j1ouNiwfMR0ksdpv0_4_vhUTaCUMP-WX_V7ZVMhWeX2ZRmDeWrOKmEdcfBY9A3g4Wvg73Q_IaucYNnkCRuP7qpQGFLfI1Uz0vDfsoxR4VYWIjzNicjuCw_FwRNzu5AMyNiZEDk7BtNjTeICdG4OV3OxjViXuS92riLC2JG&sig=Cg0ArKJSzPWziRh6lQpDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1851&vt=11&dtpt=1097&dett=3&cstd=751&cisv=r20220921.53588&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=db97064d096efd3ceffe895b18519778-1663966135
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa8b0e0b-3653-0e54-bb23-9b372dbb36ea&tv=%7Bc:p4zKS2,time:1170,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1170,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1096,wc:0.0.1600.1200,ac:436.4471.728.90,am:i,cc:436.4471.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B85~0%5D,as:%5B85~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tiicnli+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s1%7C1s2%7C1s3%7C1t1%7C1t2%7C1t3%7C1t4%7C1u*.10507%7C1u1%7C1u2,idMap:1u*,rmeas:1,rend:1,renddet:IMG.qs,siq:1096%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKVO,pingTime:-10,time:2030,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663966148032%7C%7C137b6de1087dd404cc152dbed2574b56%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cac5e03dfc969bb44c611b1e3baed2e24%7C%7C9cc8ab1817fc84503e286e74724001cf%7C%7C6d94cc0969e2584559ba87a90a585ae3%7C%7C7a0ba5c0ca62537740b9d00cb8d10807%7C%7C994e55487e46b66de5a502a68c7a46dc%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
eb61b020-a514-48dd-a21b-3b966d320d52_v1_5.png
massets.bonzai.co/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/eb61b020-a514-48dd-a21b-3b966d320d52_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1169fe5b930b6b6bf31748fd0b0483547d2820188ec5937cfa3ea7c341657f91

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:05 GMT
server
AmazonS3
age
1
etag
"bc19201ad3c14d2971a3d3881defb6f7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
19832
x-amz-cf-id
XHlYvCRSOLr497PJXG_dyWIvRci9IuRBLH2YpryS7FqHXaCPpBlTQw==
653d78f9-126c-4017-877c-492fe9f44c95_v1_5.png
massets.bonzai.co/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/653d78f9-126c-4017-877c-492fe9f44c95_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abd27c2f47afb62e0a30c8dae3eb539a61bfb95053e4e38d28a2dc3a02258ee8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:06 GMT
server
AmazonS3
age
1
etag
"5864972fb97acc40236fdabb56a2b9e3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
13819
x-amz-cf-id
0dY6vmoiv1XwollJlXJu-n4DUcg4naY3lucSx_LRmpVbJnipsMVxkQ==
aa4e7fef-9ed5-4897-8b84-4395a47ce3a8_v1_5.png
massets.bonzai.co/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/aa4e7fef-9ed5-4897-8b84-4395a47ce3a8_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8a48e17be417a84a539591e8d6305240f073db02dccf04b5278a598d6300679

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:04 GMT
server
AmazonS3
age
1
etag
"feedac7c6cfd8f2497bb82601a1a4ffe"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
73629
x-amz-cf-id
rFeuK4xlKH9zy_c5HIiXgMU23Mu7Kw90OCBaTnIevdT020C6yZV6JA==
0114f3f6-c1ee-4bc1-be0f-b0696164da38_v1_5.png
massets.bonzai.co/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/0114f3f6-c1ee-4bc1-be0f-b0696164da38_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-40.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f0f89e19a036cf9ea714154fa886045476d6d52ad603032cdba66f00f31981

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 23 Sep 2022 20:49:08 GMT
via
1.1 4c1bde06945511c934bfecb3b911c020.cloudfront.net (CloudFront)
last-modified
Wed, 21 Sep 2022 05:27:03 GMT
server
AmazonS3
age
1
etag
"4c474771898f62f1eed66ab62cf910d1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
68932
x-amz-cf-id
7A-s5Frna9PYtvAkEmg4uvq-5gdolbq-suMTjVSorynUnHmEk4PPUg==
1px.gif
dcollector.bonzai.co/ Frame 1874 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTY2MTQ4MDU4LCJmaSI6ZmFsc2UsInRrIjoiNDczY2VkY2FkNmZjNTcxMTY1YzBiZmZmOThkYjZkNTkiLCJhZCI6IjI2NjIwMzE1NTg0NzQyMDU0NDMiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY0MjY1NTI4ODQ4NTQyNzkiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIHJlYWR5LCAqIn0=&etc=0.06566176455468842
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.113 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:08:13 GMT
via
1.1 3ce5fe2903e47f603ef50d554e75dcb0.cloudfront.net (CloudFront)
etag
"28d6814f309ea289f847c69cf91194c6"
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
9656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
dk21bUwj8IptQpKk7wPQYhhhjoG6LCUyLvYj84d54rBhPO2ENo_u7g==
1px.gif
dcollector.bonzai.co/ Frame 1874 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTY2MTQ4MDgxLCJmaSI6ZmFsc2UsInRrIjoiNDczY2VkY2FkNmZjNTcxMTY1YzBiZmZmOThkYjZkNTkiLCJhZCI6IjI2NjIwMzE1NTg0NzQyMDU0NDMiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY0MjY1NTI4ODQ4NTQyNzkiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIHJlYWR5LCBkdHNNYWluIn0=&etc=0.9187890689702345
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.113 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:08:13 GMT
via
1.1 3ce5fe2903e47f603ef50d554e75dcb0.cloudfront.net (CloudFront)
etag
"28d6814f309ea289f847c69cf91194c6"
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
9656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
5Fcq8YSGhRNeVswZgk9exvGQGm0TqaSlodmzx8cDOK1ugpynuO2XWg==
1px.gif
dcollector.bonzai.co/ Frame 1874 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTY2MTQ4MDkzLCJmaSI6ZmFsc2UsInRrIjoiNDczY2VkY2FkNmZjNTcxMTY1YzBiZmZmOThkYjZkNTkiLCJhZCI6IjI2NjIwMzE1NTg0NzQyMDU0NDMiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY0MjY1NTI4ODQ4NTQyNzkiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGxvYWQsICoifQ==&etc=0.19673893305288015
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.113 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:08:13 GMT
via
1.1 3ce5fe2903e47f603ef50d554e75dcb0.cloudfront.net (CloudFront)
etag
"28d6814f309ea289f847c69cf91194c6"
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
9656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
PNWK1RBXtUTJ5CUm3U4fcO-EGlFaQ7TU9lRh6xctTgcGbw4G_6lWlA==
1px.gif
dcollector.bonzai.co/ Frame 1874 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6MCwiY3RzIjoxNjYzOTY2MTQ4MDk0LCJmaSI6ZmFsc2UsInRrIjoiNDczY2VkY2FkNmZjNTcxMTY1YzBiZmZmOThkYjZkNTkiLCJhZCI6IjI2NjIwMzE1NTg0NzQyMDU0NDMiLCJjbnQiOiJkaXYiLCJzbiI6IkRGUCAoUEcpIiwicGwiOiIyNjY0MjY1NTI4ODQ4NTQyNzkiLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGxvYWQsIGR0c01haW4ifQ==&etc=0.5252348627493519
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.113 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 18:08:13 GMT
via
1.1 3ce5fe2903e47f603ef50d554e75dcb0.cloudfront.net (CloudFront)
etag
"28d6814f309ea289f847c69cf91194c6"
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
age
9656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
SIN52-C2
accept-ranges
bytes
content-length
35
x-amz-cf-id
UEIzdotm3LT9jOGfAMJbsNXOJwWNf03HCajvT60S-hFBziqnsJuepw==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKWP,pingTime:1,time:2093,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2093,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1145~100%5D,as:%5B1145~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:893,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,sis:1170%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKWQ,pingTime:1,time:2094,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2094,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1146~100%5D,as:%5B1146~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:893,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,sis:1170%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKWQ,pingTime:1,time:2094,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2094,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1146~100%5D,as:%5B1146~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:893,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,sis:1170,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zKWR,pingTime:1,time:2095,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2095,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1147~100%5D,as:%5B1147~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:893,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,sis:1170,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=e57fb39b-a38e-47ef-5759-fe542cba001a&tv=%7Bc:p4zKXM,pingTime:-10,time:1795,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663966148032%7C%7C137b6de1087dd404cc152dbed2574b56%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cac5e03dfc969bb44c611b1e3baed2e24%7C%7C9cc8ab1817fc84503e286e74724001cf%7C%7C6d94cc0969e2584559ba87a90a585ae3%7C%7C7a0ba5c0ca62537740b9d00cb8d10807%7C%7C994e55487e46b66de5a502a68c7a46dc%7C%7C1663701684,sca:%7Bspg:b295b505-a36e-3354-1229-5044862b8174%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=fa8b0e0b-3653-0e54-bb23-9b372dbb36ea&tv=%7Bc:p4zKZt,pingTime:-10,time:1631,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663966148032%7C%7C137b6de1087dd404cc152dbed2574b56%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cac5e03dfc969bb44c611b1e3baed2e24%7C%7C9cc8ab1817fc84503e286e74724001cf%7C%7C6d94cc0969e2584559ba87a90a585ae3%7C%7C7a0ba5c0ca62537740b9d00cb8d10807%7C%7C994e55487e46b66de5a502a68c7a46dc%7C%7C1663701684,sca:%7Bspg:b295b505-a36e-3354-1229-5044862b8174%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 30A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGrQVHfGas8phfeqfNbd5RgjRvIKiBGj7QVL4RlZqDd-ao4XYEi7ok1toC4S-t6zN3Z_wRHiNq07VF1jUSNUivs66bbpsKBV0&sig=Cg0ArKJSzEb-C3g9wPQvEAE&id=lidar2&mcvt=1000&p=0,0,254,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=32&adk=2553263875&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663966145098&rpt=2195&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgFYwTA5AYuSalBMIgHiGRH-G9m2085ELqjmopuozq-7e1wzl4TKB-_3MIkElRJ61oxiZOTw-KTJgy059TEcm8EgXQnKkLEFg4XmiEQ_K4nJKXiMsF&sig=Cg0ArKJSzF0wwRIY6lmcEAE&id=lidar2&mcvt=1005&p=578,1123,828,1423&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220921&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2956706420&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663966145098&rpt=2191&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zL0f,pingTime:1,time:2005,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2005,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:518,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1s.cd56f8fd-59dd-63b9-6526-acc6c42b3586.19_10507%7C1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:976,sis:1172%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zL0g,pingTime:1,time:2006,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2006,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:518,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1s.cd56f8fd-59dd-63b9-6526-acc6c42b3586.19_10507%7C1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:976,sis:1172,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zL0g,pingTime:1,time:2006,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2006,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1039~100%5D,as:%5B1039~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:518,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1s.cd56f8fd-59dd-63b9-6526-acc6c42b3586.19_10507%7C1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:976,sis:1172,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generic1663647361901.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		482 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1663647361901.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ca2d0b308aadcf4c4b2cdfed9605be2da920cb5bb897515fe52dbf5e6c26db9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
HhLubpCf1meQtFIxNBHOr2Cy5Ooi6IZh
content-encoding
gzip
etag
"2a9535a9a8d52c0622bae0381d011e63"
age
318786
via
1.1 varnish
x-cache
HIT
vary
Accept-Encoding
content-length
87387
x-amz-id-2
CnraVirrSatmkjzo2WfbIR4nHPHM3Vm7yhwk3TEM8HQjYuGIRb5QK13Y+XLvvkRvqcjwd1zkRWQ=
x-served-by
cache-mel11269-MEL
last-modified
Tue, 20 Sep 2022 04:16:03 GMT
server
AmazonS3
x-timer
S1663966149.650358,VS0,VE0
date
Fri, 23 Sep 2022 20:49:08 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
73HVD3MEEFM6Z18B
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
178733
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
cafe /
Resource Hash
5f401a9a05aadc1f3cecb007dda67e900478bd19653aa067084ec76183c48c75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11273
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 351E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:08 GMT
server
Kestrel
server-processing-duration-in-ticks
1652938
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
document.63d552ab43.js
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027128/3374695/ Frame 30A0 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027128/3374695/document.63d552ab43.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6323fb72d500941092e24190?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss3Pgpz4IBboybHi5yFd4OIxEMRzbnXWPBNrKMInxazDg2JUiFqOgU0sqm-C-jmXuRxCGcHhvu19BvxX8ALXxso2-D3ECGsqmTVpWdS1s6CRMZJsI3zKFGfF-jRvUjH5_w-cTZqo9M6ib1oLrRUHls_55ZWgkdENkVpSqW2THAUkUEFv6_5S9LcCSirFMLvAPKo-b5iq2VtOEbtp2IbUVj99Ic2oZY%26sig%3DCg0ArKJSzPeSNMOdTJf8EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%2526sai%253DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%2526sig%253DCg0ArKJSzPtqRCmr4EYcEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=2761694113&domain=N1165332.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
80b4f5670de7971efa0bf0a2fcc5a5ec948bd5bc9f3608391be5e0202cbcb56e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Y9VSq0PNzUte9UCm7yHeQQ==
age
614239
cf-polished
origSize=21278
x-ms-lease-status
unlocked
last-modified
Fri, 16 Sep 2022 04:29:07 GMT
server
cloudflare
etag
W/"0x8DA979BFE64D394"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e928688c-d01e-0095-43f7-c90593000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
74f6252d2e5a5a5b-MEL
cf-bgj
minify
animated-creative.6b4eae78c0737926a617.js
c.bannerflow.net/scripts/ Frame 30A0 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.6b4eae78c0737926a617.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6323fb72d500941092e24190?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss3Pgpz4IBboybHi5yFd4OIxEMRzbnXWPBNrKMInxazDg2JUiFqOgU0sqm-C-jmXuRxCGcHhvu19BvxX8ALXxso2-D3ECGsqmTVpWdS1s6CRMZJsI3zKFGfF-jRvUjH5_w-cTZqo9M6ib1oLrRUHls_55ZWgkdENkVpSqW2THAUkUEFv6_5S9LcCSirFMLvAPKo-b5iq2VtOEbtp2IbUVj99Ic2oZY%26sig%3DCg0ArKJSzPeSNMOdTJf8EAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsvEjkYKCCF05DR4My57YmsX8XmI4Uoj2ErcijB-V3fiJxfRdLj_dSndt3UAO3MyFc6YJtr0l0MJ25iMcyuCBE9YtYmgW46s4s0NB106JNJi0y965_x3oOw2g7X7xJUegXLzUpsAtX_giDet6wUKhCrIUFOst1AJZe67QakLMkipQMfc6UuzbVxHEvOSO07P0Yb4Wdgn0E5-imMXhqD-zs1pAjcKrAl2n1sZr1I9eagg71eJ5Y71vZEAVeX8REO_x5eJ7gGYXoh1kJdYPasyrzudK2noSBT_TnT72lZjV2ZAYImFAHscUv94nW1K9A%2526sai%253DAMfl-YSrmokNYe3HIlupqpH14BH11lTp9r4TPwCKLCpuMgOAUnk79-6F5BHa9t4xOzp7p1MNgEeP8ziB7LisybLjuGqIK2YZIFMyU3MYhxDroJ-t5RCSTKvJYTiCj3mENQ%2526sig%253DCg0ArKJSzPtqRCmr4EYcEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=2761694113&domain=N1165332.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
08251b2c17040483e9691d8260601c039e4d5ae69971b3f21311f7823b468eb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
czwzjizkU3hiLxy6wbpuZw==
age
797443
cf-polished
origSize=147466
x-ms-lease-status
unlocked
last-modified
Wed, 14 Sep 2022 09:27:42 GMT
server
cloudflare
etag
W/"0x8DA96335FD1F55E"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4ce9b871-e01e-008e-174d-c83b90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
74f6252d2e5c5a5b-MEL
cf-bgj
minify
document.0b9da8275b.js
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027129/3374699/ Frame 69FE 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/published/3027129/3374699/document.0b9da8275b.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6323fb72d500941092e24195?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssp2WDEaJBrgXhhQ47EdeW88-BQxEm15ifTRLKzeVZLZh9lNsxBFfvhKRnbW4I1znB5XQ-zsST5NL1dy7c0kN3yO_lAf8xE3Ds_LhVg-OHBRvegCA1fk3feFXrFrzSzfPteIE6mIt6gmgxeAA6GCU5MdACsmQdTdRii1WVYbqiPYS3Zw0uodFJ-RamtVNqKDS4jQRrWk_pEpa_Hjiu7X7Es_nnN95I%26sig%3DCg0ArKJSzC7BvD3ctiepEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%2526sai%253DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%2526sig%253DCg0ArKJSzDIf9Siv8MGbEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=3778850382&domain=N1165332.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
44208ae4a04dd3cea520d684c85edac43509f6fb7b145172590bcb3041bc49d3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
C52oJ1tn2edYeiVBKIEG+Q==
age
614185
cf-polished
origSize=18941
x-ms-lease-status
unlocked
last-modified
Fri, 16 Sep 2022 04:29:06 GMT
server
cloudflare
etag
W/"0x8DA979BFE2781B5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7a7babe8-001e-0010-34f7-c9284e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
74f6252d3e605a5b-MEL
cf-bgj
minify
animated-creative.6b4eae78c0737926a617.js
c.bannerflow.net/scripts/ Frame 69FE 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.6b4eae78c0737926a617.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6323fb72d500941092e24195?did=5ced17d285b1c200019c3fe1&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssp2WDEaJBrgXhhQ47EdeW88-BQxEm15ifTRLKzeVZLZh9lNsxBFfvhKRnbW4I1znB5XQ-zsST5NL1dy7c0kN3yO_lAf8xE3Ds_LhVg-OHBRvegCA1fk3feFXrFrzSzfPteIE6mIt6gmgxeAA6GCU5MdACsmQdTdRii1WVYbqiPYS3Zw0uodFJ-RamtVNqKDS4jQRrWk_pEpa_Hjiu7X7Es_nnN95I%26sig%3DCg0ArKJSzC7BvD3ctiepEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssi-tbaakAOSMHZLtOxOSXK37nsJJ33npxPqpv6dzNK0eTU_J5YRIAh7BjT0Q41JAIHd2rUmEOTx7tyoiDW3xGoc6jRiISl11XBU4nlBe1CJFM5OhDrcv-uUmP5Y9ciWxEr6rPmAIBAJ0FDiUmbv6PeL6-XA58lpcoE07rFV9V8GvsFmsrcoZTRyp16EwcECGqftNlgIg1X6qH3a3rS_XAWQtTK-TJM8Gv3LIZGeC1Uh9MvTLNywaWmJ2mYJyhWRt6twkIPovM7I4KkCFvHSuvbnxppepCQMzBcToQDu1_F-LopEUPatsAZCmC1Og%2526sai%253DAMfl-YR6RxR-GMVA7AJ0uZv4yKqkSI3FpMhTXDPgc-rHS01cV7oinSrozICZNv1g_KMWTyvM_0pf-aWQn6c86MUvSzv0iXxfOhkGUtMungJ2jQYPuYvQtYfEK_kKFRCvbg%2526sig%253DCg0ArKJSzDIf9Siv8MGbEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&cb=3778850382&domain=N1165332.2810019NEWSCORPAUSTRALI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
08251b2c17040483e9691d8260601c039e4d5ae69971b3f21311f7823b468eb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
czwzjizkU3hiLxy6wbpuZw==
age
797443
cf-polished
origSize=147466
x-ms-lease-status
unlocked
last-modified
Wed, 14 Sep 2022 09:27:42 GMT
server
cloudflare
etag
W/"0x8DA96335FD1F55E"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4ce9b871-e01e-008e-174d-c83b90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
74f6252d3e635a5b-MEL
cf-bgj
minify
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zL5V,pingTime:1,time:2037,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2037,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:472,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.10507%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,sis:1209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zL5W,pingTime:1,time:2038,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2038,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:472,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.10507%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,sis:1209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zL5W,pingTime:1,time:2038,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2038,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:472,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.10507%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,sis:1209,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zL5W,pingTime:1,time:2038,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2038,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1024~100%5D,as:%5B1024~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:472,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.10507%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,sis:1209,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJIZXJhbGQgU3VuIHwgQnJlYWtpbmcgTmV3cyBhbmQgSGVhZGxpbmVzIGZyb20gTWVsYm91cm5lIGFuZCBWaWN0b3JpYSB8IEhlcmFsZCBTdW4iLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy5oZXJhbGRzdW4uY29tLmF1LyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzOTY2MTQ4ODQ0IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM2YzFjNzhlMjI2Ni0wNGVmOGFhNjdmZWVmNy02YjNmNTE1Mi0xZDRjMDAtMTgzNmMxYzc4ZTNmODYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtc3lkMSIsImFjY291bnRJZCI6IDEzMjIyMiwidXJsIjogImh0dHBzOi8vd3d3LmhlcmFsZHN1bi5jb20uYXUvIiwid2Vic2l0ZUlkIjogMTMyMjI0LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI5ZTJiLThjODEtMWY5NC0xMWFmLTE3YzUtNWRkNS1kMGFhLWFkYWQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2Mzk2NjE0ODg0MSIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAzNjM2LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjYzOTY2MTQ4ODQ0LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 -, , ASN (),
Reverse DNS
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-blue-xx32
date
Fri, 23 Sep 2022 20:49:09 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Sep 2022 20:49:08 GMT
truncated
/ Frame 30A0 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/webp
b5d1cdf6-f710-4b13-8ab1-81f83acf17b5
https://www.heraldsun.com.au/ Frame CFE8 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/b5d1cdf6-f710-4b13-8ab1-81f83acf17b5
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.6b4eae78c0737926a617.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
668
font
c.bannerflow.net/fs/api/v2/ Frame 30A0 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2Fa1458566-4e8f-4130-abf4-46d872f89411.woff&t=%20%27.0158GHRabeilmnoprsy
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a3a28f93d961cfbfd06862379ffb2a94c778b220c45a1b7bc2e4fa317b2d1dfc

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 16:57:35 GMT
server
cloudflare
age
2433094
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=a1458566-4e8f-4130-abf4-46d872f89411-subset.woff
cf-ray
74f625303c5f5a9c-MEL
expires
Sat, 26 Aug 2023 16:57:35 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zLaB,pingTime:-10,time:2327,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663966148032%7C%7C137b6de1087dd404cc152dbed2574b56%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cac5e03dfc969bb44c611b1e3baed2e24%7C%7C9cc8ab1817fc84503e286e74724001cf%7C%7C6d94cc0969e2584559ba87a90a585ae3%7C%7C7a0ba5c0ca62537740b9d00cb8d10807%7C%7C994e55487e46b66de5a502a68c7a46dc%7C%7C1663701684,sca:%7Bspg:b295b505-a36e-3354-1229-5044862b8174%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:09 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zLaC,pingTime:-10,time:2648,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663966148032%7C%7C137b6de1087dd404cc152dbed2574b56%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cac5e03dfc969bb44c611b1e3baed2e24%7C%7C9cc8ab1817fc84503e286e74724001cf%7C%7C6d94cc0969e2584559ba87a90a585ae3%7C%7C7a0ba5c0ca62537740b9d00cb8d10807%7C%7C994e55487e46b66de5a502a68c7a46dc%7C%7C1663701684,sca:%7Bspg:b295b505-a36e-3354-1229-5044862b8174%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:09 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame 69FE 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/webp
8eef315c-285d-4900-b0e9-bc4c50ecff6d
https://www.heraldsun.com.au/ Frame 9CFB 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://www.heraldsun.com.au/8eef315c-285d-4900-b0e9-bc4c50ecff6d
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.6b4eae78c0737926a617.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
668
font
c.bannerflow.net/fs/api/v2/ Frame 69FE 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2Fa1458566-4e8f-4130-abf4-46d872f89411.woff&t=%20%27.0158GHRabeilmnoprsy
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a3a28f93d961cfbfd06862379ffb2a94c778b220c45a1b7bc2e4fa317b2d1dfc

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 16:57:35 GMT
server
cloudflare
age
2433094
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=a1458566-4e8f-4130-abf4-46d872f89411-subset.woff
cf-ray
74f625303c615a9c-MEL
expires
Sat, 26 Aug 2023 16:57:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21D0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
395094
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 07:04:15 GMT
expires
Tue, 19 Sep 2023 07:04:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6CFC 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f147.1e100.net
Software
GSE /
Resource Hash
bee2515486a37601214d11697ca6a851e130ca23de7254fe4842d8522d95cde6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mpiLA9P16Wq8-LR3j-6u3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-mpiLA9P16Wq8-LR3j-6u3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Sep 2022 20:49:09 GMT
expires
Fri, 23 Sep 2022 20:49:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 351E 		460 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=heraldsun.com.au&sn=ChromeSyncframe&so=0&topUrl=www.heraldsun.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4372e551f08e67e5190c9812201cd26dd180d2de126e9cf5fc5555cc0af63235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.heraldsun.com.au
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:08 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
766988
strict-transport-security
max-age=31536000; preload;
expires
0
font
c.bannerflow.net/fs/api/v2/ Frame 69FE 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2F8c9124e0-8484-4ea5-a8a2-6fc4baba78fa.woff&t=ACFGINOPRST
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3ecdafd419ef22d7ec5a0049d169b2424362fc96e6f25b5a15a8277ffe334497

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 18:11:51 GMT
server
cloudflare
age
614238
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8c9124e0-8484-4ea5-a8a2-6fc4baba78fa-subset.woff
cf-ray
74f62530ece55a9c-MEL
expires
Sat, 16 Sep 2023 18:11:51 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 30A0 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F56b98d041daefa24141e6f8b%2F8c9124e0-8484-4ea5-a8a2-6fc4baba78fa.woff&t=ACFGINOPRST
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3ecdafd419ef22d7ec5a0049d169b2424362fc96e6f25b5a15a8277ffe334497

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Sep 2022 18:11:51 GMT
server
cloudflare
age
614238
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8c9124e0-8484-4ea5-a8a2-6fc4baba78fa-subset.woff
cf-ray
74f62530fcea5a9c-MEL
expires
Sat, 16 Sep 2023 18:11:51 GMT
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame 21D0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 22:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 22:01:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6CFC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=1324990103670617&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
optimize
c.bannerflow.net/io/api/image/ Frame 0509 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fimages%2F1ead3191-5e2f-4843-92e4-c18604924ca4.png&w=237&h=182&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2d10aa7f5de7fbddabd0b72139d2a725cdf8121b29752b0093bab60122aec2c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 20:56:00 GMT
api-supported-versions
2.0
age
85989
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
74f62531ba9e5a5b-MEL
content-length
9176
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
50ee887b-1a55-4944-8809-4bb447c83fe5.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/ Frame 0509 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/50ee887b-1a55-4944-8809-4bb447c83fe5.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
002ead933c272b068d77ce515000fe0a2287afc64284388514a533142deb2a96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
ufcXa0C94y/wkiMdmlKRuQ==
age
3013
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 07:49:28 GMT
server
cloudflare
etag
W/"0x8DA96EED1A403D4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cf7c3318-301e-0079-3cf7-c91102000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
74f62531baa25a5b-MEL
03ab25e9-28ba-4847-a09a-b1bd5398bfef.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/ Frame 0509 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/03ab25e9-28ba-4847-a09a-b1bd5398bfef.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
48d6d229654db5d1e2c380695afeec06765adb06ca1eb4433550367255f20600

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
6O+Li4yjtlZIAZln8J6fJw==
age
4725
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 07:24:28 GMT
server
cloudflare
etag
W/"0x8DA96EB5359A971"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
078f41db-001e-0062-34f7-c92f01000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
74f62531baa45a5b-MEL
a579b482-a29d-4fb5-91e5-21728309abe8.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/ Frame 0509 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/a579b482-a29d-4fb5-91e5-21728309abe8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
728b98498438842357d8f16c79852b806f5c5f1caf860baeba4e9db439f6f424

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
ltV4UFrmGT6cCmt/IGLZHw==
age
4733
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 07:40:06 GMT
server
cloudflare
etag
W/"0x8DA96ED82A70E53"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
170cad1a-e01e-0027-29f7-c9fae2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
74f62531baa65a5b-MEL
03ab25e9-28ba-4847-a09a-b1bd5398bfef.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/ Frame BC42 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/03ab25e9-28ba-4847-a09a-b1bd5398bfef.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.6b4eae78c0737926a617.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
48d6d229654db5d1e2c380695afeec06765adb06ca1eb4433550367255f20600

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
6O+Li4yjtlZIAZln8J6fJw==
age
4725
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 07:24:28 GMT
server
cloudflare
etag
W/"0x8DA96EB5359A971"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
078f41db-001e-0062-34f7-c92f01000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
74f62531cab85a5b-MEL
a579b482-a29d-4fb5-91e5-21728309abe8.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/ Frame BC42 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/a579b482-a29d-4fb5-91e5-21728309abe8.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.6b4eae78c0737926a617.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
728b98498438842357d8f16c79852b806f5c5f1caf860baeba4e9db439f6f424

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
ltV4UFrmGT6cCmt/IGLZHw==
age
4733
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 07:40:06 GMT
server
cloudflare
etag
W/"0x8DA96ED82A70E53"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
170cad1a-e01e-0027-29f7-c9fae2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
74f62531caba5a5b-MEL
optimize
c.bannerflow.net/io/api/image/ Frame BC42 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Ftabcorp%2F57693bd09db2141338c63aba%2Fimages%2F1ead3191-5e2f-4843-92e4-c18604924ca4.png&w=340&h=340&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c7221ffa3da444e473cdb65c88faea0453238b68981fc448a5ff0e2de40757bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 20:55:41 GMT
api-supported-versions
2.0
age
86008
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
74f62531dabe5a5b-MEL
content-length
21740
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
08bace25-7b50-4a60-b733-b476e0f67105.svg
c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/ Frame BC42 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/tabcorp/57693bd09db2141338c63aba/images/08bace25-7b50-4a60-b733-b476e0f67105.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.13.64 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a81ebee20fbc247287cef125a84815c2aa1604bc94e1e4cc70f4e5b64299a439

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 23 Sep 2022 20:49:09 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
tErnlkMQj11m5dgtHiFwzg==
age
4675
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 07:49:28 GMT
server
cloudflare
etag
W/"0x8DA96EED17640F6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d96e28cd-001e-0000-2ef7-c9ed26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
74f62531dac05a5b-MEL
generate_204
tpc.googlesyndication.com/ Frame 21D0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FfKKIg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 20:49:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=1324990103670617&bg=!h4SlhMDNAAYIxsuQKMY7ACkAdvg8Wnk3oqdxASNw4GXOvLOiu0M9AUcYhBqq8MQpzGw57u9ZqVMKmgIAAAB3UgAAAAJoAQeZAqWklCQpj6zmvZppGaDxS0HeSo0qBVwxlsEibQRuwBeQIsi3Jo98znlt42tn8_bk26-g5G-Nunw5-FW8gXL38G2Wmh88wy1sPkpXmsFIfN8Silo-hNAyVj3r7ZC45KwxQ-hpmlAdbkU_sYLcefrr4xCwbrLe197QUXiqCJy26o50va6AZguG-AfF4FikV9EeYg7023P4ecNlMBHyJl0U5TZsRRHk-2BkmKpAnOYhRoTSgVCVhIK_ApXEvFlCsIar_5V0WZjIKq3k1BaTb6DqLQ_iyd8kf_KBuFPXvtyOGIq-nEG-Q4CiPxZGXUSuXKMs872o8dWIIkdI0hKDdNvXcIdF4kivNItsaIBexCabgwNragu2paTPV0maK3ImEPgKFLUYi3j22FdTdl3S2NF6qmBhGJvCQ0PT_h9xn-vqo7ReIKk8iLXSJAZMLosOy1uzrHsR0d1SW0ioKe8qk6hs-Rl_GU8j-pAnPW7A6UBChVzNKTRGxFu-IoQouU-RoCIov501f2Grz5LJ4t51xbAF_AJye2izW52-W5tzjrUcLFzfe3WbbnPKlC7REQQOK60kzxUCvx8oSTzp5lu4lYq3L335Ml_SLgGEZoLNSCu_eVVHsUOKJRWj4IuujuORHF-38kKnaK0Mdvvn8c0VMbY5HW0-D_6TqUX81bvagNXqKKvIjyjAQqyWfW1rUNDUuQ0l8xEWyzpO7lgPVPah1N2mtK7z_PdiTtuSwAIL89UulbtEJ1HsfO9CkOS7hOA7XWZiYUKbfsLQ5Xh5Rs9tKr1cTAdt5ObAxUvg5VAnIquODA0RoU7S7prNTUUM25_DVvsGkCbJXkmjnUdXODZEwa1ppnjrQo5Bndx-TzBox2f_meSUq1Vu4qSQsGDa6Bvn5hQN6oNeM_FdNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zLYL,pingTime:5,time:6057,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6057,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5109~100%5D,as:%5B5109~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:301,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,sis:1170%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:12 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b295b505-a36e-3354-1229-5044862b8174&tv=%7Bc:p4zLYL,pingTime:5,time:6057,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:970%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6057,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:970,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5109~100%5D,as:%5B5109~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:301,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r*.10507%7C1r1%7C1s.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1r*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:972,sis:1170%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:12 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930468&asId=5166262a-718a-1ae5-acef-cf7595196252&tv=%7Bc:p4zM2M,pingTime:5,time:6006,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:976%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6006,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:976,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5039~100%5D,as:%5B5039~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:299,fm:tiicnbc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r.10507%7C1r1%7C1r2%7C1s*.930468%7C1s1%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.930468%7C1u1,idMap:1s.cd56f8fd-59dd-63b9-6526-acc6c42b3586.19_10507%7C1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:976,sis:1172%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:12 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zM8r,pingTime:5,time:6037,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6037,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5022~100%5D,as:%5B5022~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:301,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.10507%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,sis:1209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:12 GMT
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=cd56f8fd-59dd-63b9-6526-acc6c42b3586&tv=%7Bc:p4zM8s,pingTime:5,time:6038,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:1023%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6038,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1023,wc:0.0.1600.1200,ac:1117.624.300.250,am:i,cc:1117.624.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5023~100%5D,as:%5B5023~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:301,fm:tiicnlc+11%7C12%7C13%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c11%7C1c12%7C1c13%7C1d%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m1%7C1m2%7C1m3%7C1n1%7C1o%7C1p%7C1q%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1s2%7C1t1%7C1t2%7C1t3%7C1t4%7C1u.10507%7C1u1%7C1u2,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:1024,sis:1209%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.94.67.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Sep 2022 20:49:12 GMT
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/2970e271
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/1McDhLIVMB
Domain
cookie-matching.mediarithmics.com
URL
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAjpNjXUszOJC8wrFrAKz6E&google_cver=1
Domain
lbs.eu-1-id5-sync.com
URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Domain
syd-1-apex.go.sonobi.com
URL
https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2247161b2b280b28%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2254c57af34e86a4%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%226b74a1914f8343%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%227536c4750e319a%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=7c0b14bc-6c09-48dc-871e-c6262a3a2948&pv=255210cd-a703-4716-b724-16e6f8043d79&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0

Verdicts & Comments Add Verdict or Comment

322 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| _taboola object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr function| toggleShowMore object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter undefined| $ function| jQuery function| admiral object| googletag number| taboola_view_id function| loadjs boolean| isLoadedIndiesJs function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| COMSCORE function| udm_ object| ns_p object| placementData string| nam object| __AMP_LOG object| __AMP_MODE function| AmpStoryPlayer function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise object| lazySizes object| ads_api object| vidora function| vidoraTrackExtraElements object| vidoraHelper function| 4dm1r11545242527 object| app object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| nb undefined| rea_site_short string| site_short string| pathname string| loc object| theseAddresses object| notTheseAddresses object| nrm_sites object| auth object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| vidora_ns object| m string| urhehlevkedkilrobacf object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| KAMPYLE_EMBED function| setImmediate function| clearImmediate object| ID5 object| npt object| metrics object| mready object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts number| interval function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ads_core object| ads_extra string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET number| AMAZON_APS_TIMEOUT object| kw_ignore object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId function| pbjsChunk object| _pbjsGlobals object| apsUnits object| nca_ipsos object| dm object| brandmetrics function| __assign object| ggeac function| __spreadArrays object| _brandmetrics boolean| isAlloyConfigured boolean| isFetchedIndies function| parcelRequire boolean| apstagLOADED object| atsenvelopemodule object| ats function| GeaLoader function| omrhp object| $jscomp function| $jscomp$lookupPolyfilledValue object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData object| diagPixSentCodes object| __iasAdRefreshConfig function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents boolean| DotMetricsInitScript object| DotMetricsSettings undefined| google_measure_js_timing object| Criteo boolean| hasApsUnits object| ads_ready object| DotmetricsJSON object| CryptoJS object| DotMetricsObj object| UrlCache object| SUBSCRIPTIONS object| SWG string| s_tnt function| cookieWrite function| cookieRead string| g string| f0 object| s_i_newscorpau-hsweb_newscorpau-global undefined| oneTagObj function| ebDecode object| bsResponseObj object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| googDdmPs

169 Cookies

Domain/Path Name / Value
.taboola.com/newscorpau-aud-heraldsun/ Name: taboola_session_id
Value: v2_0187430f440626e7c69534603c810d5a_e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139_1663966137_1663966137_CIi3jgYQgPNHGOSY8eC2MCABKAEwEDiu_QZA9YUQSP3L1wNQ8poCWABgAGjepu6WpPzt-8sBcAE
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: db97064d096efd3ceffe895b18519778
.heraldsun.com.au/ Name: nk
Value: db97064d096efd3ceffe895b18519778
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1663966135
www.heraldsun.com.au/ Name: lux_uid
Value: 166396613692286414
www.heraldsun.com.au/ Name: _tb_sess_r
Value:
www.heraldsun.com.au/ Name: _tb_t_ppg
Value: https%3A//www.heraldsun.com.au/
.taboola.com/ Name: t_gid
Value: e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
www.heraldsun.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
.scorecardresearch.com/ Name: UID
Value: 18A6285eb4707bf5a16691c1663966137
.heraldsun.com.au/ Name: bm_sv
Value: B27B0BAA27D7B508394502C9B0DB8865~YAAQ1nUyF6EA72GDAQAAak4cbBH01ThcR/dc3peXG+jr0eIsxtUEnkqxac+Pd/JheSRfwcypPjRFq0JP5dEBVbM1XTHoBHiexh9nFit28q+pJlPpYMoJzC/GC9YhztTM5OCao7kvd0CGSKarTSswsZGIlapuWGwOOKdXYoF3SI0h1Pnh+WLgZoQeW6xsZTDhI4z9NwBcfWfjaOj0GEa7sWRTEXADZp4ydWf0Cr5tsBKWWJpehi3ctWkEvdeQa4ESLR7/3U6k~1
.heraldsun.com.au/ Name: utag_main
Value: v_id:01836c1c50d00066b999a46818e003074001d06c00b08$_sn:1$_se:1$_ss:1$_st:1663967938577$ses_id:1663966138577%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.903526268679602
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3A25a05d40-3b81-11ed-8fc2-b5f7e5f4c186.Ke34liyemceXxW8Yp%2B1c5VfM9nRdlYe4kxbHBlMaFDY
.heraldsun.com.au/ Name: _ncid
Value: a44ed66ffff785807d1d384e187b416b
.heraldsun.com.au/ Name: metrics_pcsid
Value: not%20set
.heraldsun.com.au/ Name: _cb
Value: 3TP6hKqGfWDP7R3J
.heraldsun.com.au/ Name: _chartbeat2
Value: .1663966139179.1663966139179.1.BFB7JiBxw5vwBVVwJMfbfUUuDrG1.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: 600625e9-a975-4cc4-8bae-7ec1ea54371b.1663966139.1.1663966140.1663966139.d5dc3e3d-63b1-427f-a028-ccecce049cff
.heraldsun.com.au/ Name: _awl
Value: 3.1663966139.0.5-83e6c3a62f168e87108268577aa98a17-6763652d617369612d6561737431-0
.doubleclick.net/ Name: IDE
Value: AHWqTUkXwse2mDqZVhjaE_dzVQ5IJWpECYQVVcXvu4n9mVUKzUKIjQ4LVT9XtunfZ-U
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1663966140041.631870787
www.heraldsun.com.au/ Name: vidoraUserId
Value: a95im08i514bs81unobmtqudmnkafo
.heraldsun.com.au/ Name: nol_fpid
Value: 7lmv6i3imzcgxvnth7h1cvxxvo8tv1663966140|1663966140121|1663966140121|1663966140121
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: AWSALB
Value: 85F64TTwF/PSe012uNa34bbznWpmm865oWQeglXvj5S+q8srIpjOyEsGFs6Q3Zc4tG68P+LQRLJRTWvi39wj78lJ2qtT1M10iaNvTVq3yVyWk9GzkLNsbs96Cny9
.heraldsun.com.au/ Name: ak_bmsc
Value: DDBF4C3D8D518232A6D5F7417F89ED8C~000000000000000000000000000000~YAAQ1nUyF+AA72GDAQAAzFYcbBF18ZbOxstuFBiUHAUNwt6qqpZfAcGOznJH5gRErZ8arb9FIX9dV3LZZei6tZNWPx5kT5+mFmCwU8HtFnl9OyccT1Z8c0/Jr7wGyOnlY4zwptqT05Mv1zw06pVlqcCF2TFqzKJiDalMKxp4lNFKUiFseDhrmOLfPdYHdTeI9zCvEaYP1DQQhqjFekMlASWUghvRPMPZx0nv+vX821J+FvbzuyY0Ra8Lk4pcGU2kHTOa/XcqnuE7bsL2p3t1iwQo09p2BYi4VCnPQYtBfi5YPKgAY/nuypoLVrulkPwBiUjQy1Edg9ZsWDQqw8uOSaM+6+JHUU6C+GQXywUJoHDRWF/fcXAAovc9M6gSsDAxdiQ2iuIjAXMlvDdaGNlNQrGNEgZ6Ucvb+EeJ+2yHDrgo1Ki8/QbFaCQ9yTOP0CtYjINIz1tv8JEWKEEkJ1m6LriYhHAg/loa1fiHUGD0tikUWPVY/boUvKuUFlw+5AXSaaz0
www.heraldsun.com.au/ Name: AWSALBCORS
Value: 85F64TTwF/PSe012uNa34bbznWpmm865oWQeglXvj5S+q8srIpjOyEsGFs6Q3Zc4tG68P+LQRLJRTWvi39wj78lJ2qtT1M10iaNvTVq3yVyWk9GzkLNsbs96Cny9
.adsrvr.org/ Name: TDID
Value: 548033b2-aa44-4d80-8e92-adbc87e96a0f
.demdex.net/ Name: demdex
Value: 22318271791660588513733439796371681451
.newscgp.com/ Name: sp
Value: bd25ba71-aaf5-4312-8da6-b1813e55c4d9
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=acb5db4f-e9c9-4d0e-a933-fa034e40e0e1&Created=09/23/2022 20:49:00&UserMode=0&guid=ac76c924-ae26-4c53-9604-404a531f40d3&ver=1
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.criteo.com/ Name: uid
Value: dd5aed95-24f1-4ccd-aa7e-c85c5031fbf0
www.heraldsun.com.au/ Name: DM_SitId1557
Value: true
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: true
www.heraldsun.com.au/ Name: DM_SitIdT1557
Value: true
www.heraldsun.com.au/ Name: DM_SitId1557SecIdT13062
Value: true
.lijit.com/ Name: ljt_reader
Value: FXbhCQZHhs33o0-XTPCUwR9g
.contextweb.com/ Name: V
Value: CUp02mrbZBaM
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g9r|5Ql.0.e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4190a22118bca5bd
.imrworldwide.com/ Name: IMRID
Value: 26ee12f0-3b81-11ed-a03c-496064936ef3
.openx.net/ Name: i
Value: 73ebdc05-b216-4304-8527-80c57c364b40|1663966140
.smartadserver.com/ Name: pid
Value: 352463850108838176
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: EbyCIezw1xpfFrr+mdCLSh4YwxBicDxuBNq9FWLf0qV0fT5soqRMaU9WBrqSL5Oswz8rDvUYlvHayt+TJiXXLGcc/S6p8CH+S73BsRbOZ0jpN61JlskrfDEN5cUP
.lijit.com/ Name: _ljtrtb_42
Value: e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139
.bidswitch.net/ Name: tuuid
Value: c985f782-8280-47d2-bac8-cf55a10d334d
.bidswitch.net/ Name: c
Value: 1663966140
ads.playground.xyz/ Name: connect.sid
Value: s%3AvJtGh8VNxK6Z1-bNtVOYDCpXJyHP_orH.zo6WJ1MHHIz%2BsM1GTXYEtrpxlA1x2lbQ4R8g69TgZ18
.3lift.com/ Name: tluid
Value: 4144066453853904283345
.adnxs.com/ Name: icu
Value: ChgIzrIrEAoYASABKAEwvbe4mQY4AUABSAEQvbe4mQYYAA..
.adnxs.com/ Name: uuid2
Value: 7832201268429598831
.rubiconproject.com/ Name: khaos
Value: L8EYH7QT-1K-7IT4
mfad.inskinad.com/ Name: azk
Value: ue1-4e0da05aaffe403a81bc2c5f8d5bb64e
mfad.inskinad.com/ Name: azk-ss
Value: true
.bidswitch.net/ Name: tuuid_lu
Value: 1663966141
.heraldsun.com.au/ Name: s_ecid
Value: MCMID%7C22297125268877538493731050814935474609
.omnitagjs.com/ Name: ayl_visitor
Value: 4a6d39e664ef2851caa144cd46ad2664
.heraldsun.com.au/ Name: s_nr30
Value: 1663966142068-New
.heraldsun.com.au/ Name: s_gdslv
Value: 1663966142069
.heraldsun.com.au/ Name: s_gdslv_s
Value: First%20Visit
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: tp
Value: 12601
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C10%2C10%2C1200
.heraldsun.com.au/ Name: s_cc
Value: true
.adx.opera.com/ Name: UID
Value: b794632e604a4fab98538d3a2c97c248
.mfadsrvr.com/ Name: tuuid
Value: 45f750ba-c62e-4cb4-a687-e5e7a2fbf75a
.mfadsrvr.com/ Name: c
Value: 1663966141
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0183658d-9df2-48d0-5c7d-3b33588bc485.P8Ms1Qgut84uENUkeEW8nwtJ2SWyILzgiWq3oZbuSVE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AAYNljZ3ySNBcfTszWIvEhWfR_nE.GM0AxwqMw0iQfRcPCTKXQQ9YQCcQquQ69HhXeasvgb4
.ad-m.asia/ Name: uid
Value: 1O8oVV99LjJ
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 22318271791660588513733439796371681451
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuC960_004c3mC960_
.serving-sys.com/ Name: G4
Value: 0009fM00I6_
.serving-sys.com/ Name: OT2
Value: 0001DC1rfk
.serving-sys.com/ Name: u2
Value: 484bb679-037b-4136-bc05-56f74d4ec77a4IW050
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yy4bvgAAAGu2cgN1
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663966142
.mfadsrvr.com/ Name: ssh
Value: !taboola,1663966142
.dpm.demdex.net/ Name: dpm
Value: 22318271791660588513733439796371681451
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiYyMjI5NzEyNTI2ODg3NzUzODQ5MzczMTA1MDgxNDkzNTQ3NDYwOVIOCIbA8eC2MBgBKgNPUjLwAYbA8eC2MA==
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: or2
.turn.com/ Name: uid
Value: 3804033771104967681
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19259%7CMCMID%7C22297125268877538493731050814935474609%7CMCAAMLH-1664570942%7C9%7CMCAAMB-1664570942%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C-575207172%7CMCOPTOUT-1663973342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19266%7CvVersion%7C5.1.1
.mathtag.com/ Name: uuid
Value: 9477632e-1bbf-4600-a4ff-e5ca42238bf3
.mookie1.com/ Name: id
Value: 10522238326652769851
.mookie1.com/ Name: mdata
Value: 1|10522238326652769851|1663966143062
.mookie1.com/ Name: ov
Value: 6de5cd5d922cc5cd0bd3549a72ebd074
.casalemedia.com/ Name: CMID
Value: Yy4bv5rZ8KR3-QQTMKfd.QAA
.casalemedia.com/ Name: CMPS
Value: 5327
.casalemedia.com/ Name: CMPRO
Value: 5327
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.120144954.1663966143
.t.co/ Name: muc_ads
Value: 252c77d3-f267-47a8-a209-9cb8cd906ace
.eyeota.net/ Name: mako_uid
Value: 1836c1c6453-489e0000010841b0
.eyeota.net/ Name: SERVERID
Value: 16816~DM
.twitter.com/ Name: personalization_id
Value: "v1_uZNvpJiQQJDSvzGSA2nYOw=="
.scanscout.com/ Name: uid
Value: CI-ce38edefc6ba2689863bbae31ee7f199
.scanscout.com/ Name: UIAA
Value: 22318271791660588513733439796371681451
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1663966143659"
.linkedin.com/ Name: li_sugr
Value: 8ef6af1a-570e-435d-9eac-dc7f4c79b7e5
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&527937cb-e4f6-4006-881e-c10433b7b99f"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2484:u=1:x=1:i=1663966143:t=1664052543:v=2:sig=AQE4F3s81X6gOtH765OEnu3Zg8hZ9Q5J"
.admatrix.jp/ Name: uid
Value: 183f644c-3d77-4e85-aaaf-6b029e8bb15a
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Yy4bvgAAAGu2cgN1&KRTB&22978-Yy4bvgAAAGu2cgN1&KRTB&23194-Yy4bvgAAAGu2cgN1&KRTB&23209-Yy4bvgAAAGu2cgN1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.demdex.net/ Name: dextp
Value: 358-1-1663966142092|470-1-1663966142193|481-1-1663966142295|771-1-1663966142396|903-1-1663966142569|19566-1-1663966142670|23728-1-1663966142771|30432-1-1663966142872|30064-1-1663966142973|66757-1-1663966143074|134096-1-1663966143175|144230-1-1663966143276|144231-1-1663966143377|144232-1-1663966143477|144233-1-1663966143578|144234-1-1663966143679|144235-1-1663966143779|144236-1-1663966143880|144237-1-1663966143981|147592-1-1663966144082|461447-1-1663966144183
.linkedin.com/ Name: UserMatchHistory
Value: AQIJL-rpTCDbxgAAAYNsHGYmH1QDeVOLo8MKDJrjFlXO8xcMvebR_isDD5YniUlPgCJeM3O0QJekKw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKRslMTqfbZnAAAAYNsHGYmI1vVMP_69JkHEp-Ad3o2_sdtD58NBdcaWY35M8p73Yx2iPHb-4g3EdCrey3rwQ
.yahoo.com/ Name: A3
Value: d=AQABBMAbLmMCEOwgOnGiwfRVJ3vIUW8FF-AFEgEBAQFtL2M3YwAAAAAA_eMAAA&S=AQAAAhoXNqgpLZbEwkZbXmMmKyE
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220923204904b2eb9102-6e50-4cc3-8213-78d577aae6b4AQEV0YH8pqsKb6xKKmp1NgXBWRMN-JuJ"
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.ads.pubmatic.com/ Name: KCCH
Value: YES
.spotxchange.com/ Name: audience
Value: 2934737a-3b81-11ed-91a9-11ae77110307
.krxd.net/ Name: _kuid_
Value: PGMqnqRv
.adform.net/ Name: C
Value: 1
.id5-sync.com/ Name: id5
Value: 9f05d9d2-d428-4199-811b-b1bbbee25a71#1663966141520#3
.heraldsun.com.au/ Name: __gads
Value: ID=461a493b86d24319:T=1663966144:S=ALNI_MZWHRn3DWZ78yIpP-LoEAC3ypVC0w
.heraldsun.com.au/ Name: __gpi
Value: UID=000009dbdd927f95:T=1663966144:RT=1663966144:S=ALNI_MbnG33PoMvnqA4Exc3uM2ekbC8T9Q
.adform.net/ Name: uid
Value: 2853615921117379872
.adsymptotic.com/ Name: U
Value: 3596eecbfb89397bf55fd2d5bb7f9f84
.pubmatic.com/ Name: KADUSERCOOKIE
Value: BE814DD2-8AF9-45EA-8C3B-F27446E2F4EB
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158393:2
.pubmatic.com/ Name: DPSync3
Value: 1665100800%3A201_197%7C1664496000%3A164%7C1663977600%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1665100800%3A21_13_7_220_22_54_8_71%7C1664755200%3A63%7C1664496000%3A223
.brand-display.com/ Name: _knxq_
Value: 57144d72-364d-6eb6-81ef3970.1663966145.0.1663966145.1663966145
.google.com/ Name: NID
Value: 511=DOnSLOPIFEnBk-khQGgms23pRkV9cvtxQ90mtZ4js2EXUjXAjXBTPUEd_bhwrbkbHjpdJPCRrWhmvp9LeMkUOglHHS9H9GKgpAzXi67kmGjhW2s4M2y4gAmYxK0q9weJJcAgf3p8ZBdNzNoTNp_D-zi3S-Y7HbT2YWPyJNXKXc4
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~27bw:175w~27bw:18z8~27bw"
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsIjMe4zOLrjjsQBRIVCgZnb29nbGUSCwiikP3O4uuOOxAFEhYKB3J1Ymljb24SCwjyqObk4uuOOxAFEhkKCnJpZ2h0bWVkaWESCwjE6Z_b4uuOOxAFEhUKBmNhc2FsZRILCNCGl9Pi6447EAUSFwoIcHVibWF0aWMSCwjq3ODj4uuOOxAFGAEgAigCMgsI6tTjkPnrjjsQBTgBWghwdWJtYXRpY2AC
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-548033b2-aa44-4d80-8e92-adbc87e96a0f&KRTB&22918-548033b2-aa44-4d80-8e92-adbc87e96a0f&KRTB&23031-548033b2-aa44-4d80-8e92-adbc87e96a0f
.pubmatic.com/ Name: PugT
Value: 1663966145
.simpli.fi/ Name: suid
Value: 53BE16FACAE44F778F8CBED772FECD44
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&KRTB&16736-uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&KRTB&23019-uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3&KRTB&23208-uid:9477632e-1bbf-4600-a4ff-e5ca42238bf3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEA2GdkvL133OTv-lTQz8fXc&KRTB&16514-CAESEA2GdkvL133OTv-lTQz8fXc&KRTB&23025-CAESEA2GdkvL133OTv-lTQz8fXc&KRTB&23386-CAESEA2GdkvL133OTv-lTQz8fXc
.tapad.com/ Name: TapAd_TS
Value: 1663966145744
.tapad.com/ Name: TapAd_DID
Value: 7500e4fb-0b77-4186-a716-216ef3e0717e
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:53BE16FACAE44F778F8CBED772FECD44
.quantserve.com/ Name: d
Value: EPIBCwGVJ_ijAA
.quantserve.com/ Name: mc
Value: 632e1bc1-c1349-8cde1-89e19
.dyntrk.com/ Name: dyn_u
Value: 07030001_632e1bc1e4cfe
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA&KRTB&19420-UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA&KRTB&22979-UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA&KRTB&23403-UKFYpFfwCfBL8VvyUqtH-QX2D_BLqlOkV6sqjhrA
.pubmatic.com/ Name: SPugT
Value: 1663966145
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLXrpDt7SrUJCKB0+A8/5Oa2uQBqXHOpsdy4kL5yATkWfy0CWNKbNS1tT8h2DZUn+pumcZlz7yr2AsEy1bQpUAe5ElgYJ7z+6k=
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M40]EVNsVF']wIg2InAm4sbj!]tasry'o57REOn17Lr$fDd^q_C2X/</$tZoI-YVNh7BMg`htJ^lZQoeD1W-044)d+]UemqxE[pW1v)QW28YMn^[GT@tnLb0zbLi5Pqx(XstGt!@@Ye.Nt/A
.rlcdn.com/ Name: rlas3
Value: SKZ5jGczZXM9fLg7KeQDcd+RSlV8dLFBFGIEWBrEKZo=
.rlcdn.com/ Name: pxrc
Value: CMK3uJkGEgUI6AcQABIFCOhHEAA=
.amazon-adsystem.com/ Name: ad-id
Value: A9rkACDpQEMysN2migzN58g|t
.casalemedia.com/ Name: CMTS
Value: 4765
.id5-sync.com/ Name: 3pi
Value: 464#1663966141643#225140002#e6afb196-78d4-4b84-b840-eea995c9486d-tucta27a139|2#1663966142266#-1020168324#7832201268429598831|3#1663966143390#1077829545#9477632e-1bbf-4600-a4ff-e5ca42238bf3|264#1663966143904#-852133759#548033b2-aa44-4d80-8e92-adbc87e96a0f|10#1663966145272#-413074381#2853615921117379872|108#1663966146370#-2018087675

16 Console Messages

Source Level URL
Text
other warning URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=24
Message:
A preload for 'https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=24' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=942667575553.2585?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.heraldsun.com.au/
Message:
Access to XMLHttpRequest at 'https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2247161b2b280b28%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2254c57af34e86a4%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%226b74a1914f8343%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%227536c4750e319a%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=7c0b14bc-6c09-48dc-871e-c6262a3a2948&pv=255210cd-a703-4716-b724-16e6f8043d79&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0' from origin 'https://www.heraldsun.com.au' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://syd-1-apex.go.sonobi.com/trinity.json?key_maker=%7B%2247161b2b280b28%22%3A%22a9857035cf13fef1b454%7C970x250%2C1800x1000%2C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1%22%2C%2254c57af34e86a4%22%3A%22a9857035cf13fef1b454%7C300x250%2C300x600%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1%22%2C%226b74a1914f8343%22%3A%22a9857035cf13fef1b454%7C728x90%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2%22%2C%227536c4750e319a%22%3A%22a9857035cf13fef1b454%7C300x250%7Cgpid%3D%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2%22%7D&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=7c0b14bc-6c09-48dc-871e-c6262a3a2948&pv=255210cd-a703-4716-b724-16e6f8043d79&vp=desktop&lib_name=prebid&lib_v=6.13.0&us=3&ius=1&coppa=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy4bvgAAAGu2cgN1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v91.js(Line 99)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2841397702564094204
Message:
Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)
network error URL: https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEAjpNjXUszOJC8wrFrAKz6E&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13cec5017795d47c24ed7843a7de92ac.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
beacon.krxd.net
bedsberry.com
bh.contextweb.com
bidder.criteo.com
bs.serving-sys.com
c.amazon-adsystem.com
c.bannerflow.net
c1.adform.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.speedcurve.com
cdn.taboola.com
cdn1.adoberesources.net
cds.taboola.com
ce.lijit.com
check.analytics.rlcdn.com
cm.everesttech.net
cm.g.doubleclick.net
collector.bonzai.co
collector.brandmetrics.com
connect.facebook.net
content.api.news
cookie-matching.mediarithmics.com
d.adroll.com
d.turn.com
d3273622690172371738-t3804033771104967681.id.amgdgt.com
dcollector.bonzai.co
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
e1.emxdgt.com
eb2.3lift.com
edge.adobedc.net
edition.pagesuite.com
eus.rubiconproject.com
f0g6h1vavlivdekwpg159mmvwiov41663966140.nuid.imrworldwide.com
fastlane.rubiconproject.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
images.taboola.com
insight.adsrvr.org
invoke.bonzai.co
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lm.serving-sys.com
login.newscorpaustralia.com
massets.bonzai.co
match.adsrvr.org
match.taboola.com
metrics.heraldsun.com.au
mfad.inskinad.com
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news.google.com
newscorpau.demdex.net
onetag-sys.com
origin.go.heraldsun.com.au
p.adsymptotic.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.zprk.io
play.google.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
ps.eyeota.net
px.ads.linkedin.com
r.turn.com
resourcesssl.newscdn.com.au
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
sg-trc-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
subscriptions.heraldsun.com.au
syd-1-apex.go.sonobi.com
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ts2020-indies-client.web.app
u.openx.net
udc-neb.kampyle.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
visitor.omnitagjs.com
widget.perfectmarket.com
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.linkedin.com
x.bidswitch.net
cookie-matching.mediarithmics.com
lbs.eu-1-id5-sync.com
login.newscorpaustralia.com
syd-1-apex.go.sonobi.com
103.229.10.211
103.229.206.241
103.231.98.193
103.231.98.194
103.231.98.195
103.231.98.196
103.71.26.125
104.16.13.64
104.16.86.20
104.18.102.194
104.18.13.76
104.18.18.126
104.18.19.126
104.244.42.195
104.244.42.5
104.254.151.60
104.254.151.69
104.26.7.155
104.84.196.155
107.178.254.65
13.107.42.14
13.224.250.113
13.224.250.29
13.224.250.40
13.224.250.80
13.224.250.85
13.225.2.118
13.227.254.113
13.227.254.25
13.227.254.75
13.227.254.80
13.230.152.89
13.35.15.213
13.35.17.5
13.35.19.109
139.99.49.250
141.226.229.48
141.226.230.50
141.95.98.65
141.95.98.69
142.250.4.155
142.251.10.132
142.251.10.147
142.251.10.148
142.251.10.154
142.251.10.157
142.251.10.94
142.251.12.113
142.251.12.132
142.251.12.148
142.251.12.94
142.251.12.97
146.75.112.157
151.101.193.108
151.101.193.175
151.101.194.217
151.101.194.49
151.101.65.44
157.240.235.1
157.240.235.35
172.217.194.156
172.64.133.15
172.67.38.106
174.137.133.49
18.136.174.146
18.139.202.127
18.139.71.162
18.141.109.184
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
185.84.60.21
192.0.66.122
199.127.207.184
199.36.158.100
20.50.2.28
202.131.200.82
202.131.200.84
209.191.163.208
23.106.127.53
23.106.69.73
23.207.36.111
23.207.36.189
23.207.36.196
23.207.36.231
23.207.36.240
23.207.36.241
23.207.37.206
23.75.85.227
3.1.235.254
3.126.109.107
3.231.177.24
3.231.251.159
3.5.168.14
3.94.67.15
31.220.27.155
34.102.253.54
34.111.151.213
34.120.155.137
34.160.46.16
34.192.92.212
34.204.58.250
34.98.64.218
34.98.67.3
35.156.160.21
35.167.146.49
35.190.60.146
35.213.12.39
35.227.202.26
35.241.45.82
35.247.47.28
35.71.131.137
42.99.140.187
42.99.140.192
44.231.196.20
50.116.239.135
50.116.239.150
52.12.199.59
52.221.16.11
52.223.2.229
52.33.194.179
52.45.175.185
52.46.155.104
52.74.162.2
52.76.80.16
52.77.147.158
52.84.251.10
52.84.251.4
52.84.251.49
52.84.251.6
52.84.251.73
52.84.45.86
54.169.170.163
54.169.222.109
54.169.224.149
54.206.8.238
54.239.38.253
54.87.77.212
54.95.212.5
63.140.36.101
63.140.36.103
69.173.158.64
69.173.158.65
74.118.186.45
74.125.130.155
74.125.200.139
74.125.200.157
74.214.196.131
82.145.213.8
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
002ead933c272b068d77ce515000fe0a2287afc64284388514a533142deb2a96
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0268a8ef11474a3820e29c1603888580fb78a0b34427f41701593cbbff83a6e2
02875082e1d53c14a0c3f6f34b670f1af7b48a518c38526003c34a2e1e8054f9
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0422c1be425a330e066dc9ac7ba5d76e323e757b3ddc2a95c5319e2ca5090968
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e67598714a0c4563e38e21462f805842803eea1954787eb593acafbe8e9740
07eebaabb6e2422ce7a01c346a62b108257cae5a07b5a3a630f0937013ddc05c
08251b2c17040483e9691d8260601c039e4d5ae69971b3f21311f7823b468eb3
0ab2d22328ccfb136ee81ad17d662c23d61d0bdae81ff1f773569ca0e116ecea
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10efe3fa9e9c8738e827562151951785f33dd1772351e66f2dbbc583366e2a21
1169fe5b930b6b6bf31748fd0b0483547d2820188ec5937cfa3ea7c341657f91
12628e8318237b4ff9be0901cc322a1e9708f32892c1cea237abb886cdd9e5c5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
157603bb688e945a0c191c12f22e9d5ad1018a2fde53f2f6847587051afbef13
16f0f89e19a036cf9ea714154fa886045476d6d52ad603032cdba66f00f31981
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1915a6c3f9f643007a1ae96227d6df7c638f9ae1031b7d8faf99e1f6f3b397bb
1a21812b5c15bddb8c2a4fdb93b9ffddbb07e7326a0c8de9784bbdbe093cce5c
1aa3b50696fb5ad8391efe27876e8cc8276745e0b941540cc5c23c570b71f176
1b672d771ea2e2d6cf15df45fa4978c98d571b4521e5ebedb7b060e65577c127
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1e0048d90172ebbb946617c24a981dbc8a4d585329c16ecd3eeac25d6a0acd58
1f79d4b220be478592cc03715aef8b50c900a331882a7c767a37e86980661d50
2010b01553e93e885d5ebe27c838a7072e670673fb512a609e7a370bd23fd90f
20d524679433f7ea8cc577e25ecb0e9ef69d6266c265305da9d5d015ebd9d7e5
21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82
2201c6165d3822aeb64b2e40552ddf4a5a0a8940ee2b22b250bdd8ea69eac683
22f34411e82a152d53006684e3529ee0a666d3f6880f0ed03ba34f3ff435d345
232814ff5319e7e8c5122e3acc731005a8f93d7ba044715865ab44347e709e9d
250686eb4f9e94b0bd0812e4e65b239b3355af85e21aff1dfaf3914f8b99f8f3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
283ab662ebcf00415d4ba2b25452e97a3bdaa40934a4c64da16368f38d5e0063
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b593d5157de866011a1d6355f4cde11cd843b699aac2b94a4d39ceb93166a38
2b7c550f6ec66d4c2f7c602d5e7448f8bb4143a95539a7447208cf4b903866cf
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2d10aa7f5de7fbddabd0b72139d2a725cdf8121b29752b0093bab60122aec2c7
2e78e124f7ea3759d84f81b44f00269e8959b7bd0ca3956727a4739ed9cbfe07
2f3f0e38d25e2529c02a0f9fcf635f60761ef24800156882898bc8de2a1a9c94
343c41ce052350958d10bef12ff5a89fa32ede28385cdc6f41e199ef87c87613
36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0
37b69563450fbcd23d52fff0609cd0435464f1ed8ca45f40ff098a0bafe8ef56
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3c311ebfce1615de1bb2323f6acef439bc9cae9da36372455eb92f148cd31268
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e219149e0c53679e1897b7a15f29456a32e0adead298056e076e4b7a8662418
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ecdafd419ef22d7ec5a0049d169b2424362fc96e6f25b5a15a8277ffe334497
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
41c8716329fc80f2ba12ccc0e7a221958dbe4dcdc593a143fecdafc0bc46a4d3
42ffbcd5fae6a0eda00246031330f0c87d21ec4c9451787199c02d49746a3d12
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4372e551f08e67e5190c9812201cd26dd180d2de126e9cf5fc5555cc0af63235
438d50b298a91528388dbfd044a8eb83a456eb3a3e03ad01e96ce94522724e1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44208ae4a04dd3cea520d684c85edac43509f6fb7b145172590bcb3041bc49d3
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
45eb0b2ade27df0ff0de76dba4f80ac988a3e69bd98b44ebc8a0e329423233f3
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d6d229654db5d1e2c380695afeec06765adb06ca1eb4433550367255f20600
4900ea49e481698bb56421bd6e83d4750862081321b3cb552bc873624412db68
49ce62fc87dcbc7089ab59208f038405d8ba9c3e12f2968f4e8aad598a3408b7
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc8ea47cdd4d9a1f9b0df1a290845cd64a8d37f48bd2743210d931e82d56f24
4dbb65b1b2d03dbed737ad03ce9f46e959d28406bb0ce0f7f7c07524d692594f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e23ce46900a09dac8e3dba44d6e6baea9a0d2f250af87fc1d94852458ad3414
4efd299554ae31a6881902182f86ea9b301aea88a45efe0d7198f8f8100358c1
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5535d469a212454eb0dfb654ca63b980e8c2edf1a6c2e4ac63cda7b49635a543
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562a54a9de4f36915707253f5778af0db10d90143d07dfb649f92f4c42261aa4
588198372bc5ed676e38c97981daaeb27d928f0fa5d736311488174e563e2917
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ca2d0b308aadcf4c4b2cdfed9605be2da920cb5bb897515fe52dbf5e6c26db9
5ca8f5045d53a7a87b40504e7d1fcd99c58d9c086bfb9d452bda2d6a3e96f424
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5e7b471a7b5dcd0107a7a7d6e057c7a6377f258a3bf28087ce83711e0ae4826a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f401a9a05aadc1f3cecb007dda67e900478bd19653aa067084ec76183c48c75
5fdcd8eab8e8911c76cef0629371366ae32f32984a1e77a33bdc46b537d7bbba
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
604785b3b644788c1974b7af27011d8d0b31620f6383aed37b19349e95818ce2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d7dbd4440b78099146b016e521889a1659d7293fdb7fa92bf6ab3430f8739d
6200b73d57d5402ff5a5c550f51e62480ad41185e32be940ac7b947deaece44a
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
62cf532d62b2f0ae4e6d0e6382e9a1c76e954b4ee081dd8c6edc0adc3cf774e0
63919867af3995b5bdf26e6d016d1c020d0a79b7d28ba4f397065826b734f432
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
66252e62a81292fc91811e17a73cc573a5898ae06d3cc004bfcc54e0563020bd
66849d32bc3bc530db5d7111e5c6cba07d63a6c49b288b4e03ad7a1f480337c9
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
6a77472837e7ddf699575bc763d0815b5d54b4d5fe3e392e1dd5d812a45ac219
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6ac8e4c34cedb89bb130f7b765ed13f7c8c0d305cb45c90eabee473364f1c701
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cd18fb060f883e248e3c8957a85d8ca35e87f853497b190d9607abc5a18bb1b
6cef2bfb5da27a3ac4e8a945b4c99d9f3d8f015f86c3b064602a28c6b0bc45c3
6cf160f3480ac2d83ccb59f5783ea8c32488f90c4d285b35bb320ac59eef3f0c
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
706fb49bb9b8b62245becfb45e2514a73652a62e219925a7dcc2d596e05cdf48
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
7228664e710ed4d04cc2c10582d86174e7f28ae53983638bd4c244271a4d51d7
728b98498438842357d8f16c79852b806f5c5f1caf860baeba4e9db439f6f424
729d370f25c9d95fe9082403d40e2bbf75899742afc0381bd3b8f6ae6d58cd06
736c2d3c83596bc17524d1a9bce892412356d62d1cf2093c3346c6a89172ed94
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749017b53b677c8309df48f408a6446f0d29e8256fe34d6a8521ce804b1e370e
7529d4d5708aca99d641fb1a0347f2ba3aefd89e30c93974c85fb734421b9945
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
77cd9a483177d7149d1eea99c6cb604ed30c86567dc6a8e32a11e571bcf1bf7b
78693f617638dd93eb7434a37d1b06bfbc4765dd09b850f5948aaded63db14de
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7b6c0b25c2cb3a2edfe8c42852119cffb292560fe035805ec58d85522316996d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
7da80d698eeed667d9dc3e69ae1fc6ebe00fcd1f518aa299c81e65c1edf50dfe
7ef92b289510806c5cb30ffb6afc031d276874b28e33f8afa1eba7dbfcc68ead
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
80071d167df92e3b7a334b9a133d289001a0ca778aa74e0f75651bbccc4ca31e
80b4f5670de7971efa0bf0a2fcc5a5ec948bd5bc9f3608391be5e0202cbcb56e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8189b423ab0098619e47b27fad28ed6e28457aadfe234403feb1ae9d21478909
82098b75569948cc99fb49df0a4ec6f6e73a9e4e9b6937db3d8ba4516e281b14
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e16c99941918429bedaa779a8ef8cbca2a6258399365116ae543d10bd334e5
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
88a1f7f477e84bd9b583c1a87ff2800cc61e929c1f75dde95b57677972b5d4db
8987f2cd6b207ce54118ad34053d914999ac4bc077e271f71eb6ce4e07f6022a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a17f5eca37fb4688bd25836a90561b03607275abc4a55a30980ec93bbab6414
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab9b143c1a9f51f38c62db005fb4b49572e4d796f0e74e6b3b56ee41036f954
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
8c4f842ac23c50dee3e342c2296a5f07b27003a48e4652ca300bedad8aaebb59
8d104b2cc15ed8889f9162848ae2a6197de0776a69ac08a59e941726a0a5b9a9
8dc7874c2b1de2f08584e8a6ce0a81c05a0697dab0e520b2df25370f2230c579
906a98a075dba5087cd725e8625154294c91ad571cd2df2a8592d26cc602c607
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92e22113edcd26fab6802154c99f1c3d438f121855aab0e64177b39938dc7d23
92fa0b1c0c602c7ddc7e2132ba4fee2ef158dd279d98ce6fcaf1db19ccbccdfc
936a3918860f620030b68133187817497bcdcbb6e04d96323c8b3a0a13c2482a
947f9ff78805d78da6dc9a68b2a55cd9314745f7797b34eaac5fc753d6048c6d
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
97e95b169e96a01488b70117543491505f44a1c442fcd1fd175abdcf9181ba26
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99851996ea84714c58e62d631c85d85c2c15f7959aa3d9c0c1932ddd418cd2e9
9a547c4128d0639e5707d680eeee4cf5ff5cdfed9893dbed7c8ee69fb02ebdff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa4717548dfbefc2bab0e5b0240edcee4172bb02283c05cdcb49d35897110f2
9acbaea363ad457056ecae988693eab9b49fd0819a1cf57277103dd0d89427ef
9afe7858dac5c682eea79b12e408852803d393491c5fdaf57260d822c504fe59
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11b7881e180e2305a8bcdcc13f2de8464c396daba5546f4e6c8ea089cf7d9cc
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3a28f93d961cfbfd06862379ffb2a94c778b220c45a1b7bc2e4fa317b2d1dfc
a3c9728730ffd33b100a65dc3ddcaf6632aa1667694acc96c29851c2acd32bb1
a486035c3d5b6ce3880c726c3d400dce42087d796044e2642fe0559cc74d709a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ebee20fbc247287cef125a84815c2aa1604bc94e1e4cc70f4e5b64299a439
a8736b961cbb09603dd4aaf7727e0a6d4049d0f783535159f7d2e497676609dc
a8a48e17be417a84a539591e8d6305240f073db02dccf04b5278a598d6300679
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9c49a1a796368e2060aada186576d3c25b80a5b292639a8c9790fe8f16d24fc
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
abd27c2f47afb62e0a30c8dae3eb539a61bfb95053e4e38d28a2dc3a02258ee8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acda2a0988e4a29493581bc476c14e1e0b5ac1cb4e64923dfc4108316f570f05
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aefd9d5f80f99a114ed72642e172bc10fc70495af40cccdf76e923ffffaaab30
afe3379fd219f3c158a7bdefbf2065de08fe78835ec7d2d813cdae454eccc54d
b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e8456cf832f41c6b239b94e9019d861850b145b576b68181184a09232f6c67
b1fc74d0b3f64fce95f6d59237047d0d572e750596b79f9eaed50d9499f837bd
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b70054ce492ddee689523c7ac1abf26fc6795f5c4b6450f1aa5893a83f0ebab5
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f4643b0abb221129fb74d66a7e9cf47b5aff8e235954e123c632b9cb570e4
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
becd2a944229c83e2505fe40e431b449fe4e3d1c50563d938c766ec20055a39d
bee2515486a37601214d11697ca6a851e130ca23de7254fe4842d8522d95cde6
bf8ab9e2a6f23f39d76070b3ada20ff121a90cc6708d5930e432bcfd56bd861c
bfcf80bfb2d17562d38d3f50db9274d902ec50021beb3cc46ca61de7d2410a2d
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25bfbbf57399794e2238727d4d7c9d681c86879e54d9950ab92bf0b34c9f7bd
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c57db64b6ebab1b9ee87ac06f504550adfd9b294e414fe3122fedf8e727da69f
c6b30be9e2ecab19294bbf313c1b95df4ef35c8299bbabfd6e4ec67d95a12376
c7221ffa3da444e473cdb65c88faea0453238b68981fc448a5ff0e2de40757bc
c7e2f8064d93198d074ac3b6594ac920d41f0c48dfb52769b8fcbf08058d5c8b
c9f999dc36e2bb41362246be0cbf0e65ac9eea0ab75b8aa29ed7d104fe88afce
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cdd76b681f2194c9e5d905a8531c6b6a5114c16ffe9595e51fbafbdc228c4744
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cec2431de66d7fe173d48edd2afe8231bffac9763dc7701784b8a270403f2815
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d2fb5c67ed0f02b3e07f33d1999174e050c221ce9c875f28e148346eb1fa4c04
d356980855c9ed9e4f4ff72aa19216384c3468aa13602211b8e93ce01ddbde00
d3b9d32c29984765d47e9ecfa9f9a0318adda7920b4d8fde67b965a1161b03b7
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d70b9ac997a78a70c8ed6433c54edcbf0eb48887def5da4c0e879cbd577279fa
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d8d62fb666e52c32a974dc669968c255ecb778339af05b88bd277faf4d5104c5
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dc303bf7749f402fa46ad0f7f3caba015b6b6f9102258c9f33e10005e58df53f
dccecef2c75416b0fd25700cda95db908100cb256e8f0257819d65e8b18e3dc2
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcf16724556097a6131d2d60fabb3f79882fa79b43aa4ccdab4de10df994ead7
e04775740ec8b9db7622970f707a9bf458ebb5385fc1d6a414312447f8e71ab7
e095be329fb58f2614765ad7417ae4ac8745d6155ffd5c0514b9661ccc9bd9b7
e2b47f6850e47a047f2dce76569a61df775d7504fe64716ec66af316ab80e489
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e2ca77a43ecfab315c2404e0c40c56453692fe70fc9205cb46fc06556ef834
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d
e86ca1e15b3efaabf787ab5923261b8e93422effd04079f57f93e6fec5bb2568
e87455ae95f61cfbc0f7cb6fddf160a4359d212caca78f512ce2fe37dded02e0
eb8dc4597b756ea76241d2b49eb043b4ff563168cd1c52c60e6fb24a2a62e384
ebb4807c4eb6dca83da209b9d9cbafd1191a5960535e9cfaf6cb2423d59e6f15
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eca4a69307e834abdc7a26a17ff60bd9b844144c8c422b3b7aef561170e18415
ed34e3530f07faa0bf28c25a533cf0673392267357cfd93ff69f45b986d7f560
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efe97a85d051561e4abcf5817e2a6b839806148c4d506b18f66263c8eb1a396e
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f113e0743984ad398a7f12b9eb887f51bbf3d399d0a17b9e9d81e4643ff982f9
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f6f9b28ce46bc46d6dc12b7a3e09437e46b159144cf7ea835cfd4702cad05ad8
f75cd8fe41cba177b5096d142684c936c9a9f13143d4fe6b427a96599cf399f8
f9cf5054354592eaa1b15b0730066d22b155be4f64e24c9f1fa1519786a67156
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd48e2679f423978f355af346fdc7f929f249e6cff29ed8aa13e50a4d2b796b9
fd7f63a616415c15cf0031af82bba45bc785fc646e49a6dbae25430130e3586f
fee943a9dad82106a8ac253ed19352785e2db488595759bfb36e8951bc300dd3