urlscan.io logo urlscan.io
SecurityTrails logo

www.heraldsun.com.au Open in urlscan Pro
23.52.235.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heraldsun.com.au/
Effective URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Submission: On December 08 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 10 countries across 112 domains to perform 564 HTTP transactions. The main IP is 23.52.235.84, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.heraldsun.com.au. The Cisco Umbrella rank of the primary domain is 586940.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 26th 2023. Valid for: a year.
This is the only time www.heraldsun.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 65 23.52.235.84 16625 (AKAMAI-AS)
1 13 23.52.245.131 16625 (AKAMAI-AS)
25 23.204.64.193 16625 (AKAMAI-AS)
1 151.101.66.217 54113 (FASTLY)
1 13.35.148.114 16509 (AMAZON-02)
3 34.160.169.226 396982 (GOOGLE-CL...)
8 23.40.74.168 16625 (AKAMAI-AS)
1 23.46.34.73 16625 (AKAMAI-AS)
14 18.244.214.85 16509 (AMAZON-02)
2 18.67.93.30 16509 (AMAZON-02)
3 23.214.44.119 16625 (AKAMAI-AS)
7 13.35.147.40 16509 (AMAZON-02)
13 142.250.204.14 15169 (GOOGLE)
1 23.204.64.151 16625 (AKAMAI-AS)
1 172.217.167.102 15169 (GOOGLE)
3 13.107.21.200 8068 (MICROSOFT...)
1 18.67.107.130 16509 (AMAZON-02)
2 157.240.8.23 32934 (FACEBOOK)
1 13.224.181.67 16509 (AMAZON-02)
2 107.21.182.54 14618 (AMAZON-AES)
1 151.101.193.175 54113 (FASTLY)
2 104.22.52.86 13335 (CLOUDFLAR...)
1 23.198.63.128 16625 (AKAMAI-AS)
15 142.250.76.98 15169 (GOOGLE)
3 13.35.151.131 16509 (AMAZON-02)
1 18.67.93.43 16509 (AMAZON-02)
2 104.26.13.18 13335 (CLOUDFLAR...)
2 23.48.96.232 20940 (AKAMAI-ASN1)
5 23.214.88.160 20940 (AKAMAI-ASN1)
1 151.101.1.140 54113 (FASTLY)
2 104.19.147.8 13335 (CLOUDFLAR...)
3 18.67.111.74 16509 (AMAZON-02)
4 13.35.147.106 16509 (AMAZON-02)
1 13.35.147.76 16509 (AMAZON-02)
4 3.25.20.197 16509 (AMAZON-02)
1 13.224.181.11 16509 (AMAZON-02)
1 151.101.129.229 54113 (FASTLY)
4 162.19.138.116 16276 (OVH)
1 34.149.26.226 396982 (GOOGLE-CL...)
5 142.251.221.66 15169 (GOOGLE)
1 172.217.167.98 15169 (GOOGLE)
2 99.84.238.146 16509 (AMAZON-02)
1 13.35.147.22 16509 (AMAZON-02)
3 157.240.8.35 32934 (FACEBOOK)
8 142.250.71.67 15169 (GOOGLE)
1 52.221.162.132 16509 (AMAZON-02)
1 34.227.121.59 14618 (AMAZON-AES)
1 13.35.147.85 16509 (AMAZON-02)
1 23.38.138.181 16625 (AKAMAI-AS)
1 23.221.20.194 16625 (AKAMAI-AS)
2 13.107.213.31 8075 (MICROSOFT...)
1 151.101.193.140 54113 (FASTLY)
12 13.54.220.201 16509 (AMAZON-02)
2 63.140.38.186 14618 (AMAZON-AES)
1 1 52.74.155.254 16509 (AMAZON-02)
13 54.79.148.68 16509 (AMAZON-02)
1 18.67.114.43 16509 (AMAZON-02)
5 12 103.43.90.54 29990 (ASN-APPNEX)
2 13.239.180.158 16509 (AMAZON-02)
1 18.67.93.127 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
2 34.102.253.54 396982 (GOOGLE-CL...)
1 67.199.150.87 3257 (GTT-BACKB...)
4 69.173.158.65 26667 (RUBICONPR...)
3 7 104.18.36.155 13335 (CLOUDFLAR...)
2 141.95.98.64 16276 (OVH)
2 2 50.116.239.135 6336 (TURN-US-ASN)
14 21 69.173.158.64 26667 (RUBICONPR...)
11 20 142.250.67.2 15169 (GOOGLE)
2 12 52.46.155.104 16509 (AMAZON-02)
8 12 3.33.220.150 16509 (AMAZON-02)
3 20.114.189.135 8075 (MICROSOFT...)
1 63.140.38.149 14618 (AMAZON-AES)
2 23.204.64.196 16625 (AKAMAI-AS)
4 13.35.144.104 16509 (AMAZON-02)
1 151.101.28.157 54113 (FASTLY)
2 142.250.66.232 15169 (GOOGLE)
2 23.198.57.183 16625 (AKAMAI-AS)
2 4 142.251.221.70 15169 (GOOGLE)
4 142.250.204.2 15169 (GOOGLE)
5 5 18.143.106.89 16509 (AMAZON-02)
1 23.214.88.51 20940 (AKAMAI-ASN1)
4 23.198.59.89 16625 (AKAMAI-AS)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
1 100.25.107.27 14618 (AMAZON-AES)
2 18.158.203.99 16509 (AMAZON-02)
1 199.127.207.182 26120 (RHYTHMONE)
4 151.101.128.84 54113 (FASTLY)
2 2 54.153.211.209 16509 (AMAZON-02)
1 1 34.199.164.108 14618 (AMAZON-AES)
1 35.160.247.117 16509 (AMAZON-02)
1 1 23.40.72.216 16625 (AKAMAI-AS)
7 8 151.101.66.49 54113 (FASTLY)
4 23.52.255.186 16625 (AKAMAI-AS)
7 142.251.221.68 15169 (GOOGLE)
3 142.250.204.3 15169 (GOOGLE)
1 51.75.95.152 16276 (OVH)
3 51.75.95.135 16276 (OVH)
1 51.75.93.54 16276 (OVH)
4 51.75.93.98 16276 (OVH)
1 57.129.23.120 16276 (OVH)
4 51.75.89.127 16276 (OVH)
1 51.75.92.250 16276 (OVH)
1 51.75.89.188 16276 (OVH)
3 67.199.150.81 62713 (AS-PUBMATIC)
10 172.64.151.101 13335 (CLOUDFLAR...)
2 2 34.233.55.153 14618 (AMAZON-AES)
2 2 18.238.192.40 16509 (AMAZON-02)
1 1 198.8.71.131 54312 (ROCKETFUEL)
4 6 35.244.154.8 396982 (GOOGLE-CL...)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 1 45.137.176.88 60350 (VP)
2 2 104.18.25.173 13335 (CLOUDFLAR...)
1 4 52.76.144.130 16509 (AMAZON-02)
1 17 207.65.33.82 62713 (AS-PUBMATIC)
2 4 35.213.12.39 15169 (GOOGLE)
1 2 35.244.159.8 15169 (GOOGLE)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 13.107.42.14 8068 (MICROSOFT...)
1 67.220.228.201 16509 (AMAZON-02)
2 2 18.177.210.19 16509 (AMAZON-02)
1 131.153.206.102 59210 (PHOENIXNA...)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 52.77.135.86 16509 (AMAZON-02)
1 2 69.175.41.79 32475 (SINGLEHOP...)
1 1 18.239.199.51 16509 (AMAZON-02)
1 2 13.35.147.55 16509 (AMAZON-02)
1 2 52.74.150.191 16509 (AMAZON-02)
1 2 119.9.108.211 45187 (RACKSPACE...)
2 2 35.194.66.159 396982 (GOOGLE-CL...)
2 182.161.73.129 55569 (CRITEO-AS...)
1 142.250.204.1 15169 (GOOGLE)
1 151.101.1.44 54113 (FASTLY)
1 74.118.186.107 6336 (TURN-US-ASN)
1 54.79.99.215 16509 (AMAZON-02)
15 142.251.221.65 15169 (GOOGLE)
13 13.35.147.8 16509 (AMAZON-02)
12 13.35.147.95 16509 (AMAZON-02)
2 13.33.88.56 16509 (AMAZON-02)
6 18.67.93.29 16509 (AMAZON-02)
40 35.166.101.88 16509 (AMAZON-02)
6 184.24.241.42 16625 (AKAMAI-AS)
1 13.35.147.78 16509 (AMAZON-02)
4 207.65.33.76 62713 (AS-PUBMATIC)
2 3 185.84.60.20 198622 (ADFORM)
2 2 18.178.8.168 16509 (AMAZON-02)
2 2 103.229.10.192 16509 (AMAZON-02)
2 2 107.178.254.65 396982 (GOOGLE-CL...)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
2 172.64.149.180 13335 (CLOUDFLAR...)
2 52.195.101.72 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 18.138.18.111 16509 (AMAZON-02)
1 1 54.152.61.223 ()
1 2 35.186.193.173 15169 (GOOGLE)
1 182.161.73.146 55569 (CRITEO-AS...)
1 1 82.145.213.8 ()
1 1 139.162.38.30 63949 (AKAMAI-LI...)
2 2 89.207.22.108 ()
564 136
65    23.52.235.84 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-235-84.deploy.static.akamaitechnologies.com
www.heraldsun.com.au
content.api.news
mhr.talk.news.com.au
13    23.52.245.131 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-245-131.deploy.static.akamaitechnologies.com
tags.news.com.au
25    23.204.64.193 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-193.deploy.static.akamaitechnologies.com
resourcesssl.newscdn.com.au
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    13.35.148.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-148-114.syd1.r.cloudfront.net
d2n6ofw4o746cn.cloudfront.net
3    34.160.169.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.169.160.34.bc.googleusercontent.com
bedsberry.com
8    23.40.74.168 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-74-168.deploy.static.akamaitechnologies.com
statsapi.foxsports.com.au
1    23.46.34.73 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-34-73.deploy.static.akamaitechnologies.com
players.brightcove.net
14    18.244.214.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-214-85.sfo53.r.cloudfront.net
static.adsafeprotected.com
2    18.67.93.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-30.syd62.r.cloudfront.net
assets.vidora.com
3    23.214.44.119 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-44-119.deploy.static.akamaitechnologies.com
login.newscorpaustralia.com
subscriptions.heraldsun.com.au
7    13.35.147.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-40.syd1.r.cloudfront.net
tags.tiqcdn.com
13    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
news.google.com
play.google.com
1    23.204.64.151 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-151.deploy.static.akamaitechnologies.com
cdn.optimizely.com
1    172.217.167.102 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f6.1e100.net
ad.doubleclick.net
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    18.67.107.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-107-130.syd62.r.cloudfront.net
static.chartbeat.com
2    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
1    13.224.181.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-67.syd1.r.cloudfront.net
au.tags.newscgp.com
2    107.21.182.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-182-54.compute-1.amazonaws.com
pixel.zprk.io
1    151.101.193.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
2    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    23.198.63.128 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-63-128.deploy.static.akamaitechnologies.com
cdn1.adoberesources.net
15    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
securepubads.g.doubleclick.net
3    13.35.151.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-151-131.syd1.r.cloudfront.net
c.amazon-adsystem.com
1    18.67.93.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-43.syd62.r.cloudfront.net
ats-wrapper.privacymanager.io
2    104.26.13.18 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
2    23.48.96.232 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-232.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
5    23.214.88.160 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-214-88-160.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    18.67.111.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-74.syd62.r.cloudfront.net
cdn-gl.imrworldwide.com
4    13.35.147.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-106.syd1.r.cloudfront.net
au-script.dotmetrics.net
1    13.35.147.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-76.syd1.r.cloudfront.net
cdn.adsafeprotected.com
4    3.25.20.197 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-25-20-197.ap-southeast-2.compute.amazonaws.com
au.pixel.newscgp.com
1    13.224.181.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-11.syd1.r.cloudfront.net
ncg.tags.news.com.au
1    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    34.149.26.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.26.149.34.bc.googleusercontent.com
api.rlcdn.com
5    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
1    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
googleads4.g.doubleclick.net
2    99.84.238.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-238-146.sfo5.r.cloudfront.net
geo.privacymanager.io
1    13.35.147.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-22.syd1.r.cloudfront.net
config.aps.amazon-adsystem.com
3    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
8    142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net
www.gstatic.com
1    52.221.162.132 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-162-132.ap-southeast-1.compute.amazonaws.com
bs.serving-sys.com
1    34.227.121.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-121-59.compute-1.amazonaws.com
ping.chartbeat.net
1    13.35.147.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-85.syd1.r.cloudfront.net
rm-script.dotmetrics.net
1    23.38.138.181 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-138-181.deploy.static.akamaitechnologies.com
cdn3.optimizely.com
1    23.221.20.194 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-20-194.deploy.static.akamaitechnologies.com
a20352597942.cdn.optimizely.com
2    13.107.213.31 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
12    13.54.220.201 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
dpm.demdex.net
newscorpau.demdex.net
2    63.140.38.186 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-186.data.adobedc.net
newscorpau.sc.omtrdc.net
edge.adobedc.net
1    52.74.155.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-155-254.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
13    54.79.148.68 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
pixel.adsafeprotected.com
1    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
12    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    13.239.180.158 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-239-180-158.ap-southeast-2.compute.amazonaws.com
secure-sdk.imrworldwide.com
1    18.67.93.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-127.syd62.r.cloudfront.net
bvc1ogexrchmfxmh67mwfxmw2prqo1702008747.nuid.imrworldwide.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    67.199.150.87 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
4    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
ad.turn.com
21    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
20    142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
cm.g.doubleclick.net
www.googletagservices.com
12    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
12    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
3    20.114.189.135 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
v.clarity.ms
1    63.140.38.149 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-149.data.adobedc.net
metrics.heraldsun.com.au
2    23.204.64.196 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-64-196.deploy.static.akamaitechnologies.com
s.pinimg.com
4    13.35.144.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-144-104.syd1.r.cloudfront.net
js.adsrvr.org
1    151.101.28.157 (Sydney, Australia)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    142.250.66.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net
www.googletagmanager.com
2    23.198.57.183 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-57-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    142.251.221.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f6.1e100.net
8228261.fls.doubleclick.net
4    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
www.googleadservices.com
googleads.g.doubleclick.net
5    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.214.88.51 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-214-88-51.deploy.static.akamaitechnologies.com
hb.yahoo.net
4    23.198.59.89 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-59-89.deploy.static.akamaitechnologies.com
image5.pubmatic.com
ads.pubmatic.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    100.25.107.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-107-27.compute-1.amazonaws.com
logx.optimizely.com
2    18.158.203.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-203-99.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
1    199.127.207.182 (United States)

ASN26120 (RHYTHMONE, US)
dt.scanscout.com
4    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    54.153.211.209 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-211-209.ap-southeast-2.compute.amazonaws.com
ps.eyeota.net
1    34.199.164.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-164-108.compute-1.amazonaws.com
usermatch.krxd.net
1    35.160.247.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-247-117.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    23.40.72.216 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-72-216.deploy.static.akamaitechnologies.com
tags.bluekai.com
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    23.52.255.186 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-255-186.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    142.251.221.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f4.1e100.net
www.google.com
3    142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net
www.google.com.au
1    51.75.95.152 (Germany)

ASN16276 (OVH, FR)
c0.eu-3-id5-sync.com
3    51.75.95.135 (Germany)

ASN16276 (OVH, FR)
c1.eu-3-id5-sync.com
c3.eu-3-id5-sync.com
c6.eu-3-id5-sync.com
1    51.75.93.54 (Germany)

ASN16276 (OVH, FR)
c2.eu-3-id5-sync.com
4    51.75.93.98 (Germany)

ASN16276 (OVH, FR)
c4.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.eu-4-id5-sync.com
c6.eu-4-id5-sync.com
1    57.129.23.120 (France)

ASN16276 (OVH, FR)
c5.eu-3-id5-sync.com
4    51.75.89.127 (Germany)

ASN16276 (OVH, FR)
c7.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-4-id5-sync.com
c7.eu-4-id5-sync.com
1    51.75.92.250 (Germany)

ASN16276 (OVH, FR)
c2.eu-4-id5-sync.com
1    51.75.89.188 (Germany)

ASN16276 (OVH, FR)
c3.eu-4-id5-sync.com
3    67.199.150.81 (Singapore, Singapore)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
10    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    34.233.55.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-55-153.compute-1.amazonaws.com
i.liadm.com
2    18.238.192.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-192-40.sfo53.r.cloudfront.net
live.rezync.com
1    198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    52.76.144.130 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
17    207.65.33.82 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
4    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    18.177.210.19 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-210-19.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    52.77.135.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    69.175.41.79 (Park Ridge, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ce.lijit.com
1    18.239.199.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-199-51.sfo53.r.cloudfront.net
live.primis.tech
2    13.35.147.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-55.syd1.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
2    52.74.150.191 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.211 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
2    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
1    54.79.99.215 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-79-99-215.ap-southeast-2.compute.amazonaws.com
invoke.bonzai.co
15    142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
tpc.googlesyndication.com
13    13.35.147.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-8.syd1.r.cloudfront.net
massets.bonzai.co
12    13.35.147.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-95.syd1.r.cloudfront.net
collector.bonzai.co
2    13.33.88.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-56.sin2.r.cloudfront.net
au.audience.newscgp.com
6    18.67.93.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-29.syd62.r.cloudfront.net
dcollector.bonzai.co
40    35.166.101.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-101-88.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
6    184.24.241.42 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-241-42.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    13.35.147.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-78.syd1.r.cloudfront.net
check.analytics.rlcdn.com
4    207.65.33.76 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
3    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    18.178.8.168 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-8-168.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
2    103.229.10.192 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    52.195.101.72 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-101-72.ap-northeast-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
1    54.152.61.223 (None, )

ASN- ()
sync.srv.stackadapt.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    139.162.38.30 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1451-30.members.linode.com
gocm.c.appier.net
2    89.207.22.108 (None, )

ASN- ()
pubmatic-match.dotomi.com
Apex Domain
Subdomains		 Transfer
68 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 602
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3936
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
1 MB
40 api.news
content.api.news — Cisco Umbrella Rank: 71092
512 KB
38 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 139
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
8228261.fls.doubleclick.net — Cisco Umbrella Rank: 195069
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
229 KB
32 bonzai.co
invoke.bonzai.co — Cisco Umbrella Rank: 299287
massets.bonzai.co — Cisco Umbrella Rank: 309329
collector.bonzai.co — Cisco Umbrella Rank: 263335
dcollector.bonzai.co — Cisco Umbrella Rank: 279503
611 KB
32 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
eus.rubiconproject.com — Cisco Umbrella Rank: 588
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3385
48 KB
29 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image5.pubmatic.com — Cisco Umbrella Rank: 71003
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com — Cisco Umbrella Rank: 1224
39 KB
26 heraldsun.com.au
www.heraldsun.com.au — Cisco Umbrella Rank: 586940
subscriptions.heraldsun.com.au — Cisco Umbrella Rank: 915245
metrics.heraldsun.com.au
429 KB
25 newscdn.com.au
resourcesssl.newscdn.com.au — Cisco Umbrella Rank: 111085
488 KB
22 google.com
news.google.com — Cisco Umbrella Rank: 6415
play.google.com — Cisco Umbrella Rank: 32
adservice.google.com — Cisco Umbrella Rank: 93
www.google.com — Cisco Umbrella Rank: 2
79 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
197 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
80 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
11 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
js.adsrvr.org — Cisco Umbrella Rank: 1355
insight.adsrvr.org — Cisco Umbrella Rank: 557
14 KB
15 news.com.au
tags.news.com.au — Cisco Umbrella Rank: 96464
mhr.talk.news.com.au — Cisco Umbrella Rank: 783100
ncg.tags.news.com.au — Cisco Umbrella Rank: 189920
289 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
secure.adnxs.com — Cisco Umbrella Rank: 478
29 KB
12 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
newscorpau.demdex.net — Cisco Umbrella Rank: 139228
14 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
4 KB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
2 KB
8 eu-4-id5-sync.com
c0.eu-4-id5-sync.com — Cisco Umbrella Rank: 14551
c1.eu-4-id5-sync.com — Cisco Umbrella Rank: 14437
c2.eu-4-id5-sync.com — Cisco Umbrella Rank: 14516
c3.eu-4-id5-sync.com — Cisco Umbrella Rank: 14394
c4.eu-4-id5-sync.com — Cisco Umbrella Rank: 14454
c5.eu-4-id5-sync.com — Cisco Umbrella Rank: 14419
c6.eu-4-id5-sync.com — Cisco Umbrella Rank: 14463
c7.eu-4-id5-sync.com — Cisco Umbrella Rank: 14494
2 KB
8 eu-3-id5-sync.com
c0.eu-3-id5-sync.com — Cisco Umbrella Rank: 14378
c1.eu-3-id5-sync.com — Cisco Umbrella Rank: 14300
c2.eu-3-id5-sync.com — Cisco Umbrella Rank: 14269
c3.eu-3-id5-sync.com — Cisco Umbrella Rank: 14327
c4.eu-3-id5-sync.com — Cisco Umbrella Rank: 14309
c5.eu-3-id5-sync.com — Cisco Umbrella Rank: 14396
c6.eu-3-id5-sync.com — Cisco Umbrella Rank: 14279
c7.eu-3-id5-sync.com — Cisco Umbrella Rank: 14281
2 KB
8 gstatic.com
www.gstatic.com
160 KB
8 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 983
idsync.rlcdn.com — Cisco Umbrella Rank: 408
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4249
2 KB
8 foxsports.com.au
statsapi.foxsports.com.au — Cisco Umbrella Rank: 644384
12 KB
7 newscgp.com
au.tags.newscgp.com — Cisco Umbrella Rank: 147314
au.pixel.newscgp.com — Cisco Umbrella Rank: 155555
au.audience.newscgp.com — Cisco Umbrella Rank: 134967
50 KB
7 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1001
31 KB
6 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
px.moatads.com — Cisco Umbrella Rank: 594
109 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
383 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3350
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7223
bvc1ogexrchmfxmh67mwfxmw2prqo1702008747.nuid.imrworldwide.com
68 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
70 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
v.clarity.ms — Cisco Umbrella Rank: 7267
22 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 59012
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6692
24 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 617
146 KB
5 serving-sys.com
secure-ds.serving-sys.com — Cisco Umbrella Rank: 2632
bs.serving-sys.com — Cisco Umbrella Rank: 1487
lm.serving-sys.com — Cisco Umbrella Rank: 2628
27 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
2 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 715
2 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 774
cdn3.optimizely.com — Cisco Umbrella Rank: 4821
a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 177490
logx.optimizely.com — Cisco Umbrella Rank: 1439
130 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
2 KB
3 google.com.au
www.google.com.au — Cisco Umbrella Rank: 29909
671 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 KB
3 privacymanager.io
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 2488
geo.privacymanager.io — Cisco Umbrella Rank: 2070
53 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 329
15 KB
3 bedsberry.com
bedsberry.com — Cisco Umbrella Rank: 237843
25 KB
2 dotomi.com
pubmatic-match.dotomi.com
742 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4999
662 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
2 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
878 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
61 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
854 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
521 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
491 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1751
beacon.krxd.net — Cisco Umbrella Rank: 699
528 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 981
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
146 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 745
21 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
ad.turn.com — Cisco Umbrella Rank: 773
920 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
581 B
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 18928
632 B
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 776
dis.criteo.com — Cisco Umbrella Rank: 550
563 B
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2199
3 KB
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2872
21 KB
2 zprk.io
pixel.zprk.io — Cisco Umbrella Rank: 18758
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
91 KB
2 newscorpaustralia.com
login.newscorpaustralia.com — Cisco Umbrella Rank: 123878
3 KB
2 vidora.com
assets.vidora.com — Cisco Umbrella Rank: 87860
6 KB
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2197
436 B
1 opera.com
t.adx.opera.com
552 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 28132
652 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
405 B
1 adobedc.net
edge.adobedc.net — Cisco Umbrella Rank: 3990
818 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
99 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 648
412 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
554 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
280 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
513 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1414
680 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
374 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
1 KB
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 638
502 B
1 scanscout.com
dt.scanscout.com — Cisco Umbrella Rank: 58360
183 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
396 B
1 t.co
t.co — Cisco Umbrella Rank: 589
377 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
659 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
19 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 omtrdc.net
newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 161995
271 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1387
637 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1455
201 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
1 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1266
8 KB
1 adoberesources.net
cdn1.adoberesources.net — Cisco Umbrella Rank: 9300
20 KB
1 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4226
970 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
24 KB
1 brightcove.net
players.brightcove.net — Cisco Umbrella Rank: 3040
250 KB
1 cloudfront.net
d2n6ofw4o746cn.cloudfront.net
28 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5979
9 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mathtag.com Failed
sync.mathtag.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
564 112
Domain Requested by
40 dt.adsafeprotected.com www.heraldsun.com.au
40 content.api.news www.heraldsun.com.au
25 resourcesssl.newscdn.com.au www.heraldsun.com.au
resourcesssl.newscdn.com.au
24 www.heraldsun.com.au 2 redirects www.heraldsun.com.au
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
15 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
www.heraldsun.com.au
www.googletagservices.com
14 pixel.rubiconproject.com 9 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
s.amazon-adsystem.com
14 cm.g.doubleclick.net 11 redirects www.heraldsun.com.au
s.amazon-adsystem.com
14 static.adsafeprotected.com resourcesssl.newscdn.com.au
www.heraldsun.com.au
pixel.adsafeprotected.com
13 massets.bonzai.co invoke.bonzai.co
massets.bonzai.co
www.heraldsun.com.au
13 pixel.adsafeprotected.com cdn.adsafeprotected.com
www.heraldsun.com.au
13 tags.news.com.au 1 redirects www.heraldsun.com.au
resourcesssl.newscdn.com.au
tags.tiqcdn.com
au.tags.newscgp.com
12 collector.bonzai.co www.heraldsun.com.au
12 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ssum-sec.casalemedia.com
ads.pubmatic.com
11 dsum-sec.casalemedia.com 1 redirects www.heraldsun.com.au
ssum-sec.casalemedia.com
js.adsrvr.org
11 dpm.demdex.net tags.news.com.au
www.heraldsun.com.au
ssum-sec.casalemedia.com
10 simage2.pubmatic.com 1 redirects js.adsrvr.org
ads.pubmatic.com
www.heraldsun.com.au
9 match.adsrvr.org 7 redirects js.adsrvr.org
s.amazon-adsystem.com
9 ib.adnxs.com 4 redirects tags.news.com.au
www.heraldsun.com.au
acdn.adnxs.com
8 sync-tm.everesttech.net 7 redirects ads.pubmatic.com
8 www.gstatic.com news.google.com
www.gstatic.com
8 statsapi.foxsports.com.au resourcesssl.newscdn.com.au
7 image2.pubmatic.com www.heraldsun.com.au
ads.pubmatic.com
7 www.google.com www.heraldsun.com.au
securepubads.g.doubleclick.net
7 token.rubiconproject.com 5 redirects www.heraldsun.com.au
eus.rubiconproject.com
7 news.google.com subscriptions.heraldsun.com.au
news.google.com
www.heraldsun.com.au
www.gstatic.com
7 tags.tiqcdn.com www.heraldsun.com.au
tags.tiqcdn.com
6 dcollector.bonzai.co www.heraldsun.com.au
6 www.googletagservices.com securepubads.g.doubleclick.net
6 idsync.rlcdn.com 4 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
6 play.google.com www.gstatic.com
5 px.moatads.com www.heraldsun.com.au
5 ups.analytics.yahoo.com 5 redirects
5 analytics.tiktok.com tags.tiqcdn.com
analytics.tiktok.com
4 pixel.tapad.com 2 redirects s.amazon-adsystem.com
ads.pubmatic.com
4 x.bidswitch.net 2 redirects js.adsrvr.org
ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
tags.news.com.au
4 ct.pinterest.com s.pinimg.com
www.heraldsun.com.au
4 8228261.fls.doubleclick.net 2 redirects www.heraldsun.com.au
4 js.adsrvr.org secure-ds.serving-sys.com
insight.adsrvr.org
4 fastlane.rubiconproject.com tags.news.com.au
4 id5-sync.com tags.news.com.au
cdn.id5-sync.com
4 au.pixel.newscgp.com au.tags.newscgp.com
4 au-script.dotmetrics.net tags.news.com.au
www.heraldsun.com.au
au-script.dotmetrics.net
3 c1.adform.net 2 redirects ads.pubmatic.com
3 simage4.pubmatic.com ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 www.google.com.au www.heraldsun.com.au
3 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
tags.news.com.au
3 ssum-sec.casalemedia.com s.amazon-adsystem.com
js-sec.indexww.com
ssum-sec.casalemedia.com
3 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
3 secure.adnxs.com 1 redirects www.heraldsun.com.au
3 insight.adsrvr.org 1 redirects js.adsrvr.org
3 v.clarity.ms www.clarity.ms
3 www.facebook.com www.heraldsun.com.au
3 pagead2.googlesyndication.com ad.doubleclick.net
www.googletagservices.com
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 c.amazon-adsystem.com tags.tiqcdn.com
c.amazon-adsystem.com
3 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.heraldsun.com.au
3 bedsberry.com www.heraldsun.com.au
bedsberry.com
2 pubmatic-match.dotomi.com 2 redirects
2 ipac.ctnsnet.com 1 redirects ads.pubmatic.com
2 prebid-a.rubiconproject.com tags.news.com.au
2 pippio.com 2 redirects
2 cms.quantserve.com 2 redirects
2 pool.admedo.com 2 redirects
2 au.audience.newscgp.com tags.tiqcdn.com
au.tags.newscgp.com
2 static.criteo.net tags.news.com.au
static.criteo.net
2 um.simpli.fi 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 ce.lijit.com 1 redirects s.amazon-adsystem.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 match.prod.bidr.io 2 redirects
2 us-u.openx.net 1 redirects www.heraldsun.com.au
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 adservice.google.com 8228261.fls.doubleclick.net
2 ps.eyeota.net 2 redirects
2 lm.serving-sys.com secure-ds.serving-sys.com
2 ssum.casalemedia.com 2 redirects
2 acdn.adnxs.com www.heraldsun.com.au
tags.news.com.au
2 www.googletagmanager.com secure-ds.serving-sys.com
2 s.pinimg.com www.heraldsun.com.au
s.pinimg.com
2 lb.eu-1-id5-sync.com tags.news.com.au
cdn.id5-sync.com
2 ads.playground.xyz tags.news.com.au
www.heraldsun.com.au
2 secure-sdk.imrworldwide.com www.heraldsun.com.au
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 geo.privacymanager.io ats-wrapper.privacymanager.io
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 cdn.brandmetrics.com tags.tiqcdn.com
cdn.brandmetrics.com
2 cdn.id5-sync.com tags.tiqcdn.com
securepubads.g.doubleclick.net
2 pixel.zprk.io tags.tiqcdn.com
www.heraldsun.com.au
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 login.newscorpaustralia.com www.heraldsun.com.au
login.newscorpaustralia.com
2 assets.vidora.com resourcesssl.newscdn.com.au
assets.vidora.com
1 gocm.c.appier.net 1 redirects
1 t.adx.opera.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 js-sec.indexww.com tags.news.com.au
1 image4.pubmatic.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 check.analytics.rlcdn.com tags.news.com.au
1 z.moatads.com massets.bonzai.co
1 invoke.bonzai.co www.heraldsun.com.au
1 edge.adobedc.net cdn1.adoberesources.net
1 sync.1rx.io www.heraldsun.com.au
1 trc.taboola.com www.heraldsun.com.au
1 ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 match.sharethrough.com s.amazon-adsystem.com
1 prebid.a-mo.net s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 sync.adotmob.com 1 redirects
1 trace.mediago.io 1 redirects
1 p.rfihub.com 1 redirects
1 c7.eu-4-id5-sync.com cdn.id5-sync.com
1 c6.eu-4-id5-sync.com cdn.id5-sync.com
1 c5.eu-4-id5-sync.com cdn.id5-sync.com
1 c4.eu-4-id5-sync.com cdn.id5-sync.com
1 c3.eu-4-id5-sync.com cdn.id5-sync.com
1 c2.eu-4-id5-sync.com cdn.id5-sync.com
1 c1.eu-4-id5-sync.com cdn.id5-sync.com
1 c0.eu-4-id5-sync.com cdn.id5-sync.com
1 c7.eu-3-id5-sync.com cdn.id5-sync.com
1 c6.eu-3-id5-sync.com cdn.id5-sync.com
1 c5.eu-3-id5-sync.com cdn.id5-sync.com
1 c4.eu-3-id5-sync.com cdn.id5-sync.com
1 c3.eu-3-id5-sync.com cdn.id5-sync.com
1 c2.eu-3-id5-sync.com cdn.id5-sync.com
1 c1.eu-3-id5-sync.com cdn.id5-sync.com
1 c0.eu-3-id5-sync.com cdn.id5-sync.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net www.heraldsun.com.au
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com www.heraldsun.com.au
1 logx.optimizely.com cdn.optimizely.com
1 analytics.twitter.com www.heraldsun.com.au
1 t.co www.heraldsun.com.au
1 image5.pubmatic.com www.heraldsun.com.au
1 hb.yahoo.net www.heraldsun.com.au
1 www.googleadservices.com secure-ds.serving-sys.com
1 static.ads-twitter.com www.heraldsun.com.au
1 metrics.heraldsun.com.au tags.news.com.au
1 d.turn.com 1 redirects
1 htlb.casalemedia.com tags.news.com.au
1 hbopenbid.pubmatic.com tags.news.com.au
1 bidder.criteo.com tags.news.com.au
1 bvc1ogexrchmfxmh67mwfxmw2prqo1702008747.nuid.imrworldwide.com www.heraldsun.com.au
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 cm.everesttech.net 1 redirects
1 newscorpau.sc.omtrdc.net tags.news.com.au
1 newscorpau.demdex.net tags.news.com.au
1 alb.reddit.com www.heraldsun.com.au
1 a20352597942.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 rm-script.dotmetrics.net www.heraldsun.com.au
1 ping.chartbeat.net www.heraldsun.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 api.rlcdn.com tags.news.com.au
1 cdn.jsdelivr.net tags.news.com.au
1 ncg.tags.news.com.au au.tags.newscgp.com
1 cdn.adsafeprotected.com tags.news.com.au
1 www.redditstatic.com tags.tiqcdn.com
1 ats-wrapper.privacymanager.io tags.tiqcdn.com
1 cdn1.adoberesources.net tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 ad.doubleclick.net tags.tiqcdn.com
1 cdn.optimizely.com tags.tiqcdn.com
1 subscriptions.heraldsun.com.au www.heraldsun.com.au
1 players.brightcove.net resourcesssl.newscdn.com.au
1 mhr.talk.news.com.au www.heraldsun.com.au
1 d2n6ofw4o746cn.cloudfront.net www.heraldsun.com.au
1 cdn.speedcurve.com www.heraldsun.com.au
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
0 sync.search.spotxchange.com Failed www.heraldsun.com.au
564 194
Subject Issuer Validity Valid
news.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-25		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
bedsberry.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
statsapi.foxsports.com.au
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-08 -
2024-05-10		 a year crt.sh
players.brightcove.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-30 -
2024-05-30		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.vidora.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-02-09		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-16 -
2023-12-15		 3 months crt.sh
au.tags.newscgp.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-23		 a year crt.sh
*.zprk.io
Amazon RSA 2048 M03		 2023-09-19 -
2024-10-17		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
secure-ds.serving-sys.com
R3		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
www.newsconnect.com.au
Amazon RSA 2048 M02		 2023-03-10 -
2024-04-07		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
bs.serving-sys.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2023-02-26 -
2024-02-28		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-02-28		 6 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M01		 2023-04-12 -
2024-05-10		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
metrics.heraldsun.com.au
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-19 -
2024-07-19		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-20 -
2024-08-19		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-08 -
2024-10-08		 a year crt.sh
logx.optimizely.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
lm.serving-sys.com
Amazon RSA 2048 M01		 2023-02-14 -
2024-02-15		 a year crt.sh
*.tremorvideodsp.com
Go Daddy Secure Certificate Authority - G2		 2022-12-03 -
2024-01-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.eu-3-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.eu-4-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2023-07-18 -
2024-06-28		 a year crt.sh
edge.adobedc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-21 -
2024-11-20		 a year crt.sh
bonzai.co
Amazon RSA 2048 M02		 2023-10-03 -
2024-10-31		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.bonzai.co
Amazon RSA 2048 M03		 2023-11-26 -
2024-12-24		 a year crt.sh
au.audience.newscgp.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-26		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
analytics.rlcdn.com
Amazon RSA 2048 M02		 2023-06-27 -
2024-07-24		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh

This page contains 70 frames:

Primary Page: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Frame ID: D6067009BF2C946DA0FBED3A8D6E32AD
Requests: 306 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ZT7EheVqVf9L3wv2dl9HVkTKqvtMM--4&nonce=tE3rAw6spvQkHkJEyHsH1Zj03g9goKn-&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMy4yIn0%3D
Frame ID: 4851CB00A5E3597CEE5F384C4B30C399
Requests: 5 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: AA7FC058BB93C8C818F4811410F1EC38
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1702008746902&publicationId=heraldsun.com.au
Frame ID: F4F9BBACB9B5A8E967817C78F8ED59FF
Requests: 14 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: EDB8BAA0875C636E2A8AA1920452E912
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: D25B1B980CBC9759F203528C5B5FD3F5
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 583CD40EB12382AAED066826D5534AD8
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Frame ID: 580F269F8ACEF8951D2FD669C1C8ECAD
Requests: 1 HTTP requests in this frame

Frame: https://s.pinimg.com/ct/core.js
Frame ID: 6699BAF2D570D1671E259255904DB257
Requests: 5 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: A8C30A2AFE34842D5BAE713770A3352C
Requests: 1 HTTP requests in this frame

Frame: https://static.ads-twitter.com/uwt.js
Frame ID: 3587CB7546E18601A6DC89DD7EE2B3A7
Requests: 3 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Frame ID: 18C947AFCDFF4DAAD35862F052EA99B3
Requests: 4 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: F926F3C358C046C42B4C43C0B19B41F2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: A681C1ACAB395FFADD1FE81B17E71ED2
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179
Frame ID: 7A577F73EA4844E788F9C1417F825918
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575
Frame ID: D15A0217E52EC3F6FD0708C94A1757FA
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Frame ID: A83A7A652575D63498BB7C479991B8C5
Requests: 4 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/conversion.js
Frame ID: B533459B0A7E80C8841A530FCB0A56B8
Requests: 4 HTTP requests in this frame

Frame: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zay5jand4RTJ1RVBNcnNWQzJHWTNHbGhzbmpuc2NiSH5B&gdpr=0&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&dpid=55953
Frame ID: 822902FA7960C3082B6C279D4F5F2A17
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FC00D96F992188CDA8F6ADD293EFFB39
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 747AB5207E11F6FFD42457BDFD7B7C60
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 39073E2B3761BC118F14CE422CA6683C
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 755A6AA2D0786BB55A54523E110A2CEF
Requests: 17 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: BF2A34F510FF727B2008EC693168194D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Frame ID: 874806BE273F73499E1C65F5EDF3902E
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Frame ID: 4A6E3F2D24959EF3F0C5ECAF3EEFAACD
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867fb702585&google_gid=CAESEBD5mdMQVP3zeJb9ETW9dvo&google_cver=1
Frame ID: D716E53A2320D9140098F4F649348AF2
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cbbf1e09-ad59-469f-a877-8867fb702585&expiration=1704600749&gdpr=0&gdpr_consent=
Frame ID: 4A801BA0B78E544229FFAC24D80E512F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
Frame ID: 65B9566A3984EE15B837E6EC4E0D99D6
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cbbf1e09-ad59-469f-a877-8867fb702585&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Frame ID: 000952C7973C214093D4318CC2C66D40
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 1916F316CFE409AE7B9B60CE3A543001
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID65582A45-3A0D-47AA-84B0-0E63A3261A05
Frame ID: D3D91CFD33F50D95F78BFA8F6A8BC97F
Requests: 1 HTTP requests in this frame

Frame: https://ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9EDC0F0188C6088AA6B09E75020BC6DD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst34TnaBJUK0ZuFrOsi_vo1bId5DQ1dwkf76LB3x7sY6Oe3V_APdSYp-EH7FfP5Iql-lpkAOYE5lIum_gHzPGJttqG1I6rUqB2c-KRhxloBxGhTtvO4NurY1VcTJoPxot0GkGfbREoAhi7FcF65ykg9JTP78Y6Eshz7sQPA-To_urfkhFXLIkKd-CZ-YrPHHGw1XhZo6cs14I7LIX6tjOqmhvFGDnVvz9GFJw1cft4WxzbfbMNpE_u4xQqfpQyDzxcRGAM2dYE5WCK8AksfN0H7OVsMYwGiMOI5Wo7_UNGDiLlT3zp39hBioCvRIyZuTOb8AFCauAPxgQ&sai=AMfl-YSEQMvB_EF3fGKu56bzjaU6FtneVAmSRdAWxGh7MGdMfrpR41V3cKNre4dxq8aoCuLl_D_hH-fVX_kycp0o5DlAxsUCqIbYB1eDLRjvoqi-n5esgALUu-qYC2xkcOLuciAGE4SbREpE&sig=Cg0ArKJSzGGbm5pf65SMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D53B2EDC2CB8B25265D9C0A5640983B2
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYYXc5MBykFS0EROjhPvIwnZqt3NW5YZme6ZCjotvD5c9vQEkyLaskDUMynV3pHqvErT4MurbnAk8sq-VhEOK7uuYPcNaq6shjrXCtPFWyK_6yc9PcAQTIoSNG4_nHmcp3efi6g-ft6ZSDV6sJEMSOEv8z4QSq9Khkc2fzpI0Arjdg33_Gy9XJsyUj9icY1RdsxIyZu8pnYESkjKZFXMAIghT4jxKzqFiv8G0pbfwNBOCIMozuc-cSqc5pHMDnQn6Rvibat6lL6aZaT8Wg--cByYotKVaK0lh8CZaLnhB5_HVguYU72J7i_20q_pW2TdfresmYC8p-OQ&sai=AMfl-YTVFmp6KWylzccQpx-O4WiK2yL25Ip0N0BbG-sNGxoZdjuP8pPkgq4c6Ey3MM_FsqxiHlx2sBk97-QUNuoH5vgBB6lzSD--Ip1ubpzw4xtAbyLmn49c0kSuWM0tNjy0nMTevcVoENwc&sig=Cg0ArKJSzM1SYweEfhiOEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7EB4E68C9B45155D3E1101268973AAEF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmjHpl1LwhAYEsvKHWI7fsFO2zrYimV80u_RxlIhA80KRgOaqgmiF7JSupfRI0VNjMaakfCwFsXsviGQUO0ppctXKV3X1IhHZhzX7yi235o2TwYhvgmN5gMA-PXAZIWiLJczm2_i5OgYJsQWnKAVvY6JCjSzHRPgukVSzUa-ol0hzi5VKZ-omEAs2ddh_PwHQAKX7DWmX8YgZNs2JYX91u_zAlWuIXpFvWTiTSVGcBzO30BpX18ko55waE_rWpTTC1v5BLQbdHmkICVtN2aUvPS07tkagNEVUNPLp5DipnWzq4T55qlWz1VxuhkRDrjelHCM6B6JJNdt65QU8-CZgR6eenXvDAbOlt-A&sai=AMfl-YTmvvYYbXXQdoPYCyhaXmQu_aDACBkepdCUKS-PNIZ8ilfMEQCAt8vDz5RLbYpQApMtfnHGz5TAbCIYIJGPIigi48MU30ZhO3nszP3ZQMK7WlO3jaJH0tbAP3TufWfT2hbvQi-ekfgG&sig=Cg0ArKJSzIQ-sncej4igEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 7C6B213FC0B576D85B98BEC8C2028FFC
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbnH17DYcMgvw7RbCXhC2jHYX2q5WqBZVkcoYGpwLqzKhOKBfgt68NEKZj_0cVqs_liztf1q28RIwjvrVQoDVX98OZc5d0dVr6Zk3Tf4VO87MKFWwzwZbPB0mSWZcAgR_7u8Qj0iwjYSD8G4MvR1i_9uOGuHbB2ZiDnX4C_eKHZsQzvvZCDAoFeRcVuhXsifeosyyncq8gAEnIzdI2t9DdVVpOxOhCjmP7Anb33j6u8DS64-Y1zq1eNUdpjX1bpvGGj2FuIBFh6E_oexrAXyKTrRS5RORmcak_qUfktcuzXdELXQJl2J45824svhAPtPQmxQW8ChmWXw&sai=AMfl-YTI3C7axZ6VjhYihWEfrf61MrQ2rfHxLrJVtZQMcifTXjLpU47Yxbe4Ite1U3mzS6NhJnH113NvR8vSlbfyjsnGi56DCpB_yYOdbKKmFTH5Ip-X1XSSm36Hp7KxxMMO1_dspqHsVnGh&sig=Cg0ArKJSzDffc1bP3nOCEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 50205560E423B3134EA2F9059B8CB3F1
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM7dhEH5DxD_dsScrAK7sJK7zmuCwveNjNAeSXj6iAZGgFXIsuCka2clUtBL7CQi7gBCCIkQOnvnPkFf1PfUWO0LGJKgIwH39LfP7fpQfdfc82eJgYtsy08yPFKBX6bvQBHvh9HACcPospTqFSEApODD_YPuTP3H5HlNlC-V_TGCYeNErcuDAbvk6DxZmEQt9CICpZXE58OpTOdocqmkkuYtsU8sTpS9Z1z60O9zUGulUv2WhWNK6mznWCTRPRQX0EdFMNbGDCOgRR7Gi4CVoQ_pOo4GqEKOernGTzz_mj9OJAxFAScBfndUirX14C2PJ1jURo8hUc1sIEPbDH9JvCHqlK_Y3zj-0pSw&sai=AMfl-YRvSe944tZ2i6KhV9wT2JwCCt5OiY64MOwnef3jaGw48xfKq3YDF6z4WT1AjtfBL-5TpOxBzU6Hp4gbWkEoz-zTluYHL6-vYnKb5WpcWW1yGaZXxASyREUeNsFAxiUQMz_4owBs_WkY&sig=Cg0ArKJSzFbJOGOTFqNfEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 720779FD5A59189D775EC5FAE323C1B2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6H2Nb0GssbXrhZ14PiIdFIGY3_HYil23hY1YR0HxFoF40psKJ-UerzrxJag3fShI4aKMBUUYu9sYPyWKVsDemNc1pxO05iMKJl4iULT43lHbMPL5MrVdmJcMM02u5bFKH0LhLewX-ihx81FqrqGq1spw_8sQYgdMEjkI4HDdn9v76UnWqwilfEKQub7T7-XrbkBs7xslA-jQFeRmLbZHPzY6YE_fGx6leEYYTVFf-PW90IA9lQFHbprslgnyfQ0eOAMDnyj75ZHcgOSk614yDrtmYrFIlKwb71s451ViZMCo4EcO7ZdRQzuC72HwCwm_wkRtw7nrd2EBqVK7nPlnqVbmnzmK1uQI1og&sai=AMfl-YSCkZEP3q2YDgnUfE9fEZWJyJIQqYllWx69LAbbKvmt0rxMpOSUPHrpftlH0mlmutkCZWXMgmKIPFHk3dTRURtfT6JziJ61kcf6nKk2dR87x717GXE4-QB2ZsnKNeZIHWRsUVTJRL_w&sig=Cg0ArKJSzIiH8b5U9XFrEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 43F283CB08F831BA91A94D806BE37587
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084895&pubOrder=3263880218&cb=2134353111&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957ba-957f-11ee-9494-025fa74f1723
Frame ID: CB87AD92F21E17F45D60E6D1BB65BFC8
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084910&pubOrder=3263880218&cb=1007091598&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bb-957f-11ee-9494-025fa74f1723
Frame ID: 5369119AE92D6E42D26D7A760D08CC7F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452144141&pubOrder=3263880218&cb=160836748&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bd-957f-11ee-9494-025fa74f1723
Frame ID: 6C404E35CAF9E40B3EA36D3DF07AD05E
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138436782532&pubOrder=2553375348&cb=837571303&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bc-957f-11ee-9494-025fa74f1723
Frame ID: 07C732B9C13AC4F0705622B7B3523132
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=462992330&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957be-957f-11ee-9494-025fa74f1723
Frame ID: C3211A3D42997CCB8F7CC7DC16F8868F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138455556485&pubOrder=3004275014&cb=315655829&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bf-957f-11ee-9494-025fa74f1723
Frame ID: 31412E10C4C0385B66D3E240412076DB
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 328014FF5C01957F7E6E5686B851A823
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2727BB30A54093064971DA89D90434CD
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D52040FD9A895900BB77320E61A99661
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1D10758E98CD922641897FA29D1997B0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4AC2FB77CFF629FE5AA8B33EBE4B47F5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0061D7C599DCA69D157354CBEA71A63B
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
Frame ID: 58DBC7ABB6D6CE5970C2EE09506EE6C1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=193117286844294976&gdpr=0&gdpr_consent=
Frame ID: AB84BF03C550F9E861C839929DBC808C
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da19df99-c746-4cb7-aeda-345d866d2e28&user_group=1&ssp=pubmatic&bsw_param=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
Frame ID: 49D808672360562EFEE5288B46022E50
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1
Frame ID: 0648EAD13DEEA5A6DFA1B8F4071EDE2A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: E9F2C22B191336B31FB98DA05B0068AB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID65582A45-3A0D-47AA-84B0-0E63A3261A05
Frame ID: E6C0CA839DD5FDAEFBB6A350DF6B9E48
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 55682709855A7E88A8895CBFA7D3566D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9B3545CC74B52700FAB278003FE6080F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EDE47D9347E67ABD23FD56BBD4E3F44B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Frame ID: 8DA9B112BDEB57A6054BCDF91EBCDF3D
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 533A8C971C4D72F5BD6E998A63182D3A
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12mludvcb0ms
Frame ID: FA3B1B888BA31F6476B4E21E88863984
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Frame ID: 67219E5726DB0652F2EBCD06681459D0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=28ccdd7289c2496b8e25af2a7c1511a4
Frame ID: B108D300BABAE0AF1FDACA68E46F289B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: ABDD41E6354ADC0819924E6768EE0E20
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EDA06FB5D1949F47B1EAC6FBF73BBCB0
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: B2EE733BA80537D437F7D166FFEAEDAA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe4e0ec38fb23401487f48191ca71f750
Frame ID: 74BA5ADC3AAD21E157C2123B0DD8571A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MAxSDMaAC7GKRC_etJdyZQ
Frame ID: 6C03777800792A63547496DA1B88A786
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herald Sun | Breaking News and Headlines from Melbourne and Victoria | Herald Sun

Page URL History Show full URLs

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&170... HTTP 302
    https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

564
Requests

88 %
HTTPS

0 %
IPv6

112
Domains

194
Subdomains

136
IPs

10
Countries

6176 kB
Transfer

16243 kB
Size

199
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heraldsun.com.au/ HTTP 301
    https://www.heraldsun.com.au/ HTTP 302
    https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1702008744997036783 HTTP 302
    https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 200
  • https://cm.everesttech.net/cm/dd?d_uuid=78538120634587733701909972485330738445 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXKXrAAAAGLnLwNW
Request Chain 206
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=193117286844294976
Request Chain 225
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7354377163891688330
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzg1MzgxMjA2MzQ1ODc3MzM3MDE5MDk5NzI0ODUzMzA3Mzg0NDU= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEL5hQnGVyTW3MQo0wMN28yA&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 239
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Request Chain 241
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbbf1e09-ad59-469f-a877-8867fb702585
Request Chain 251
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179
Request Chain 252
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575
Request Chain 255
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=cbbf1e09-ad59-469f-a877-8867fb702585&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=cbbf1e09-ad59-469f-a877-8867fb702585&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zay5jand4RTJ1RVBNcnNWQzJHWTNHbGhzbmpuc2NiSH5B&gdpr=0&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&dpid=55953
Request Chain 264
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933
Request Chain 273
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=78538120634587733701909972485330738445&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=78538120634587733701909972485330738445&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 277
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=78538120634587733701909972485330738445 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78538120634587733701909972485330738445
Request Chain 279
  • https://tags.bluekai.com/site/43981?id=78538120634587733701909972485330738445&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 283
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlhLWHJBQUFBR0xuTHdOVw==
Request Chain 285
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZXKXrAAAAGLnLwNW&expires=90
Request Chain 314
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXKXrAAAAGLnLwNW
Request Chain 315
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXKXrGl3-xG4ncnm-E05TAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0ghvhYW-2V0lZVx3Tr-0w&google_cver=1
Request Chain 316
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f67a01ad7a674ec8a11e19b3ece7cc3f HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f67a01ad-7a67-4ec8-a11e-19b3ece7cc3f HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7ba02424-7b97-4043-88a0-8ae993ca99c0%3A1702008750.804227&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7ba02424-7b97-4043-88a0-8ae993ca99c0%253A1702008750.804227%26_%3D1702008750.806077&cb=1702008750.8061495 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1973209970894566899&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ba02424-7b97-4043-88a0-8ae993ca99c0%253A1702008750.804227%26_%3D1702008750.806077 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7ba02424-7b97-4043-88a0-8ae993ca99c0%3A1702008750.804227&_=1702008750.806077 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY3YmEwMjQyNC03Yjk3LTQwNDMtODhhMC04YWU5OTNjYTk5YzA6MTcwMjAwODc1MC44MDQyMjcQABoNCLCvyqsGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGrRuOL4MM8D7xwvNaq87kM&google_cver=1
Request Chain 318
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=&expires=30
Request Chain 319
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7f539768321p49n00lpw42c4r
Request Chain 320
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 321
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZXKXrGl3-xG4ncnm-E05TAAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZXKXrGl3-xG4ncnm-E05TAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091440050031
Request Chain 322
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
Request Chain 328
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZXKXrAAAAGLnLwNW
Request Chain 330
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=Y2JiZjFlMDktYWQ1OS00NjlmLWE4NzctODg2N2ZiNzAyNTg1&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867fb702585 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867fb702585&google_gid=CAESEBD5mdMQVP3zeJb9ETW9dvo&google_cver=1
Request Chain 332
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
Request Chain 334
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXKXrAAAAGLnLwNW HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZXKXrAAAAGLnLwNW
Request Chain 335
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPW42BV9-N-GKBA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPW42BV9-N-GKBA&ex=d-rubiconproject.com&status=ok
Request Chain 336
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZXKXrAAAAGLnLwNW
Request Chain 337
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBXNDJCVDAtRi03QVlW HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK-Tv49HHHPrDNzSwNEEZmk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNDJCVDAtRi03QVlW&google_push=
Request Chain 338
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTBkZDczNjQ3M2FlMjUyNmZkMTE2NDIxMTY2NjQ2OGVjYWYzY2M5ZA
Request Chain 339
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW42BT0-F-7AYV
Request Chain 341
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v6ACFsJA8oJNBwdC0q-FVg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n5KbNaRE2oKR4t1zHx_FIjeH3sG61ZMcGh0Osg--~A
Request Chain 343
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7yoP9c5QS66cNazIEbKM7A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7yoP9c5QS66cNazIEbKM7A
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJIlz1gTdNj7dZ1zdXgF6kg&google_cver=1
Request Chain 345
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPW42BT0-F-7AYV&ex=d-rubiconproject.com&status=ok
Request Chain 346
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEBt07K5S8AABQTGZH72g&expires=30
Request Chain 347
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPW42BT0-F-7AYV
Request Chain 348
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPW42BT0-F-7AYV
Request Chain 349
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPW42BT0-F-7AYV&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPW42BT0-F-7AYV&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 350
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW42BT0-F-7AYV
Request Chain 351
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPW42BT0-F-7AYV HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LPW42BT0-F-7AYV&dnr=1
Request Chain 352
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPW42BT0-F-7AYV HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW42BT0-F-7AYV HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW42BT0-F-7AYV&ckls=true&ci=oNPjudz1Jk&nc=false&trid=1658724744
Request Chain 354
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZXKXrAAAAGLnLwNW&img=1
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZVgqRToNR6qEsA5joyYaBQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 358
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=65582A45-3A0D-47AA-84B0-0E63A3261A05 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=65582A45-3A0D-47AA-84B0-0E63A3261A05 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=63f385a4-b33d-4255-9747-3fa3b9f6605c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cbbf1e09-ad59-469f-a877-8867fb702585&ttd_puid=63f385a4-b33d-4255-9747-3fa3b9f6605c%2C%2C
Request Chain 359
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=&ct=y
Request Chain 360
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=65582A45-3A0D-47AA-84B0-0E63A3261A05&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=65582A45-3A0D-47AA-84B0-0E63A3261A05&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjU1ODJBNDUtM0EwRC00N0FBLTg0QjAtMEU2M0EzMjYxQTA1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDih-A6nVDZ_B14V3iSeW5s&google_cver=1
Request Chain 363
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C6370914026403A8B3F3E4BFA42C4FA
Request Chain 365
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
Request Chain 366
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZXKXrAAAAGLnLwNW&t=2592000&o=0
Request Chain 503
  • https://c1.adform.net/serving/cookie/match?party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
Request Chain 504
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=193117286844294976&gdpr=0&gdpr_consent=
Request Chain 505
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87ec1e42-82e2-4c28-8e3b-edda992f5e8e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87ec1e42-82e2-4c28-8e3b-edda992f5e8e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da19df99-c746-4cb7-aeda-345d866d2e28&user_group=1&ssp=pubmatic&bsw_param=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
Request Chain 506
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1
Request Chain 509
  • https://idsync.rlcdn.com/420486.gif?partner_uid=65582A45-3A0D-47AA-84B0-0E63A3261A05 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY1NTgyQTQ1LTNBMEQtNDdBQS04NEIwLTBFNjNBMzI2MUEwNRAAGg0IsK_KqwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b0858e80669943de200b5fc92acff152fc6db9d478d4d817ac3d4c54124b1832791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiMDg1OGU4MDY2OTk0M2RlMjAwYjVmYzkyYWNmZjE1MmZjNmRiOWQ0NzhkNGQ4MTdhYzNkNGM1NDEyNGIxODMyNzkxNDI2YjU0MTdkY2UyMRAAGgwIsK_KqwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiMDg1OGU4MDY2OTk0M2RlMjAwYjVmYzkyYWNmZjE1MmZjNmRiOWQ0NzhkNGQ4MTdhYzNkNGM1NDEyNGIxODMyNzkxNDI2YjU0MTdkY2UyMRAAGgwIsK_KqwYSBAgCEABCAEoA&google_gid=CAESEP-Nd85drL9Ow3WDWWCCXhs&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=89a95977-4cd1-4a79-a302-2748bb3dff66
Request Chain 510
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7354377163891688330&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 511
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=65582A45-3A0D-47AA-84B0-0E63A3261A05&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5mUnubRE2uX_L4hV8c_hottqPApTWKY-~A&gdpr=0
Request Chain 521
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=193117286844294976
Request Chain 536
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENdxgAwqQaIjWGOE-t0d7sI&google_cver=1
Request Chain 537
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=193117286844294976
Request Chain 539
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eVCK33ZS39xiVI2PeVKQjC4G399iAYnUfVTUWRda
Request Chain 542
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2C6370914026403A8B3F3E4BFA42C4FA
Request Chain 543
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717819952&external_user_id=48e2de66-b298-4088-8c1f-300e4cd735d6
Request Chain 553
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12mludvcb0ms
Request Chain 554
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Request Chain 555
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=28ccdd7289c2496b8e25af2a7c1511a4
Request Chain 559
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe4e0ec38fb23401487f48191ca71f750
Request Chain 560
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MAxSDMaAC7GKRC_etJdyZQ
Request Chain 561
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3706070511088630808
Request Chain 562
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=58ee4293b7ff2193&is_secure=true&networkId=17100&version=1&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVf0yiDrgN9VSqmAAAAAAA&expiration=1702095157&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&is_secure=true&gdpr_consent=&gdpr=0

564 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.heraldsun.com.au/
Redirect Chain
  • http://www.heraldsun.com.au/
  • https://www.heraldsun.com.au/
  • https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.heraldsun.com.au%2f&1702008744997036783
  • https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
453 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
9e14f5a438897d6b49669dd16313010b7a17fc75c3159039c25fe667d6010b21
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

blaizehappened
true
cache-control
max-age=0, no-cache
content-encoding
gzip
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 04:12:24 GMT
expires
Fri, 08 Dec 2023 04:12:24 GMT
host-header
a9130478a60e5f9135f765b23f26593b
pragma
no-cache
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 463233 0 pmb=mTOE,4
x-arrrg4
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2f%3fnk%3d12a4e09c9f085d898099a46ef33b007f-1702008744&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=12a4e09c9f085d898099a46ef33b007f
x-content-type-options
nosniff
x-elasticpress-query
true
x-pathqs
TRUE
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
syd3 123 242 443
x-xss-protection
1

Redirect headers

cache-control
max-age=0, no-cache
content-length
154
content-type
text/html
date
Fri, 08 Dec 2023 04:12:24 GMT
etag
"33ff9d0c67eb5d47fbc47cd4b02fa26c:1692680720.184261"
expires
Fri, 08 Dec 2023 04:12:24 GMT
location
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
mime-version
1.0
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
pragma
no-cache
server
AkamaiGHost
vary
Accept-Encoding
x-akamai-ssl-client-sid
NPx3jyBP3/haSZ+5lumbNw==
x-check-cacheable
NO
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 09 Mar 2023 05:34:59 GMT
server
AmazonS3
x-amz-request-id
4D1GJEGT1GCV0Y5Q
etag
"c4ced7adf03d84494a6c1da275896d38"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=250503
accept-ranges
bytes
content-length
11472
x-amz-id-2
wh9KebbyRj+d142y6tc21p5N8dWqVI/mnkEOS3Nwey+jIgd6KJX2pmQ6oREneLwnX6WcrkmhkgQ=
expires
Mon, 11 Dec 2023 01:47:27 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 09 Mar 2023 05:35:46 GMT
server
AmazonS3
x-amz-request-id
1Q5F0NCFGRNN1BTF
etag
"ad24be3fafec705de20c00e56afe05ae"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=81032
accept-ranges
bytes
content-length
12052
x-amz-id-2
SDXHYbYN+u6ZH+AlsWcwU4O5dD4wD/aXkAVnJrVgnSyXTd4JQWGAbvUhccov1qyNu4GImKo+LG4=
expires
Sat, 09 Dec 2023 02:42:56 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
ZB7KQVK683EPN30M
x-akamai-ew-subworker
8096267
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=131917
accept-ranges
bytes
content-length
12440
x-amz-id-2
/vWF6CGcXk+4N9ipWDB4ci+6GKh4zBrlT3v0Uwl/C86O9FSVcn2n5cKq0Q33KsiyBifQgizqO3g=
expires
Sat, 09 Dec 2023 16:51:01 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
M99ZEG7VYDYA9DTH
x-akamai-ew-subworker
8096267
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=111358
accept-ranges
bytes
content-length
11372
x-amz-id-2
IWqxVjsxztQtBW9c7VbUvyzlerCJF8SG+MjKVrINejhMb+W/en/xjCvcoquh4+s0Hw3Lxta3ntc=
expires
Sat, 09 Dec 2023 11:08:22 GMT
lux.js
cdn.speedcurve.com/js/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=338391603
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
72045c6b93aeb78e8fe8ac11d57b8a921c22ec2bcc9b0e0e3965a436e56e0d22

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 15 Dec 2023 03:51:25 GMT
date
Fri, 08 Dec 2023 04:12:24 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
1259
x-cache
HIT
content-length
8050
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1702007485&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=u6Qr1sxkdSdBSGxk42JwRUsTUqd%2F%2BENhYbGxwOr9EV4%3D
x-served-by
cache-bne12522-BNE
last-modified
Fri, 08 Dec 2023 03:51:25 GMT
server
Apache
x-timer
S1702008745.550875,VS0,VE0
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702007485&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=u6Qr1sxkdSdBSGxk42JwRUsTUqd%2F%2BENhYbGxwOr9EV4%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1164
ipad-interface.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ipad-interface.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bea9bf7def21dd40b781823407a9a48764c5b7650a1cd228f262436c513f10e0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-e0d"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508352
content-length
1486
expires
Sat, 06 Jan 2024 04:58:16 GMT
js-critical-desktop.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
056168ca2c784368273fac448204be62038914fa7af89e209896b989407465ca
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-201f"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508414
content-length
3130
expires
Sat, 06 Jan 2024 04:59:18 GMT
css-metro-desktop-critical-homepage.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		190 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dd9f442f4b973f4fd7af161f3f15cfe056994732b722e0042f4eb68450bade82
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 06 Dec 2023 22:56:13 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6570fc0d-2f949"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2498868
content-length
26727
expires
Sat, 06 Jan 2024 02:20:12 GMT
93e6cf
www.heraldsun.com.au/akam/13/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/93e6cf
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b5adf0ba05505da041db8f0760d6fadec9474d71af49c37756465cd448e0a2c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
strict-transport-security
max-age=600 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-pathqs
TRUE
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
x-arrrg4
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
content-length
8767
pragma
no-cache
last-modified
Wed, 09 Feb 2022 15:11:57 GMT
blaizehappened
true
etag
"524218f90cf042bd2cf39f8ee65c30fbcab811ed4a569adf264f26ce02680d3c"
vary
User-Agent
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2f93e6cf&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=12a4e09c9f085d898099a46ef33b007f
expires
Fri, 08 Dec 2023 04:12:24 GMT
heraldsun.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		41 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/heraldsun.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
88368ae9b2482d286c5ed652a8b6c94f220d5a4a00cb502e19cd6bda85d39da1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 06 Oct 2023 07:06:24 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"651fb1f0-a5cc"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2481765
content-length
16468
expires
Fri, 05 Jan 2024 21:35:09 GMT
60a318320aaed2468e6718a6e4993645
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/60a318320aaed2468e6718a6e4993645?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e0745c6e6ebe70b8ee5aa409b62f745e39a7d6efbdb6dd862fdb66ac65155947

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 03:38:26 GMT
server
Akamai Image Manager
etag
bd09cc37d5d0a7a09ccecdb0e6a69543-60a318320aaed2468e6718a6e4993645-150
edge-cache-tag
60a318320aaed2468e6718a6e4993645
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181967
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4099
expires
Tue, 06 Feb 2024 03:38:31 GMT
ce16b94e733f9326a8ac4e5d69683145
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/ce16b94e733f9326a8ac4e5d69683145?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
402b69abb8c4ca07433838513d69e785781d47e6feb5f7f3686e59c6cbc39376

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
ce16b94e733f9326a8ac4e5d69683145
content-length
4286
last-modified
Fri, 08 Dec 2023 01:00:05 GMT
server
Akamai Image Manager
x-serial
2005
etag
3077b228a98d33dd1d1e169f93992b36-ce16b94e733f9326a8ac4e5d69683145-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5172387
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 00:58:51 GMT
a4800dc58ca3362245c64627aab9f696
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a4800dc58ca3362245c64627aab9f696?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
97e9b41230f3c246606f12807daab32475cd0ddb18490edf1c0b753c8327b6b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 01:31:45 GMT
server
Akamai Image Manager
etag
059ddff6ff9cbf3f7d5f59e78e80fa2d-a4800dc58ca3362245c64627aab9f696-150
edge-cache-tag
a4800dc58ca3362245c64627aab9f696
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5174433
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5183
expires
Tue, 06 Feb 2024 01:32:57 GMT
3837982a3e856dba31ecf7f8aaf018a9
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3837982a3e856dba31ecf7f8aaf018a9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e92d26b0897bf0e77a1ca33db7c3a729ca4fa391ea8159a00ded248fb48010b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 03:36:30 GMT
server
Akamai Image Manager
etag
6676ee9aeae36a6732dac70448f0b189-3837982a3e856dba31ecf7f8aaf018a9-150
edge-cache-tag
3837982a3e856dba31ecf7f8aaf018a9
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181897
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3999
expires
Tue, 06 Feb 2024 03:37:21 GMT
c0a68c26a3bc16b619176012880b904f
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/c0a68c26a3bc16b619176012880b904f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b4ee7d61f3020f864ad1d5e86908826f56aab9d74cfb0527ccd4740661150016

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
c0a68c26a3bc16b619176012880b904f
content-length
7770
last-modified
Fri, 08 Dec 2023 01:53:16 GMT
server
Akamai Image Manager
x-serial
1983
etag
c6d65a110a0a1d5619fc1927d4303fd4-c0a68c26a3bc16b619176012880b904f-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5175391
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 01:48:55 GMT
79884335bd6029493c0ca1b241400de5
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/79884335bd6029493c0ca1b241400de5?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
3ba0cff4abec93167174b3ccdd28115cc303e1db88d24b6d6e1c3eebee2d75c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 04:09:09 GMT
server
Akamai Image Server
etag
806351a9cc304708f6312d8aa67448da-79884335bd6029493c0ca1b241400de5-150
edge-cache-tag
79884335bd6029493c0ca1b241400de5
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, max-age=149
x-o
CF
x-akamai-note
original-image
access-control-allow-headers
x-newsapi-api-key
content-length
3808
expires
Fri, 08 Dec 2023 04:14:53 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 06 Dec 2023 22:56:13 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6570fc0d-2b9b"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2498862
content-length
1532
expires
Sat, 06 Jan 2024 02:20:06 GMT
app.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/app.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 06 Dec 2023 05:44:35 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65700a43-7b68"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2498979
content-length
6281
expires
Sat, 06 Jan 2024 02:22:03 GMT
theme.css
www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/plugins/newscorpau-plugins/liveblog/assets/theme.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 06 Dec 2023 05:44:35 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65700a43-c14"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2498877
content-length
960
expires
Sat, 06 Jan 2024 02:20:21 GMT
7023dacc6595017d08039740892feb06
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/7023dacc6595017d08039740892feb06?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e0b02764532818d98a44aba0ea1536f0445b38225d51f5933873279c1402c997

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
7023dacc6595017d08039740892feb06
content-length
5132
last-modified
Fri, 08 Dec 2023 02:27:23 GMT
server
Akamai Image Manager
x-serial
1453
etag
bbf0090e6adced32a4afe181783f2fdd-7023dacc6595017d08039740892feb06-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177638
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 02:26:22 GMT
0fd9eeb1ce6f751172a720940e83bc75
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/0fd9eeb1ce6f751172a720940e83bc75?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ac38e60e1064844576ce85030569c9e393c3c1c888acb6e10fe2ee7b62bcf090

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
0fd9eeb1ce6f751172a720940e83bc75
content-length
5099
last-modified
Fri, 08 Dec 2023 02:39:26 GMT
server
Akamai Image Manager
x-serial
1995
etag
8f081a1c79e4b7e842f258b2e847a3b8-0fd9eeb1ce6f751172a720940e83bc75-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5178135
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 02:34:39 GMT
9b63e774ec250115b843cb282ba3cd8b
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9b63e774ec250115b843cb282ba3cd8b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4f738bbc1d51e9c8db1623caf6122fb43f3e2f200030cadcdb8066dd456490a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 00:57:17 GMT
server
Akamai Image Manager
etag
9385b4b3e9a358d0ba2d05c08dd541e5-9b63e774ec250115b843cb282ba3cd8b-150
edge-cache-tag
9b63e774ec250115b843cb282ba3cd8b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5085867
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4652
expires
Mon, 05 Feb 2024 00:56:51 GMT
3b11b0a3ab563742c80fb957ce2e4960
content.api.news/v3/images/bin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/3b11b0a3ab563742c80fb957ce2e4960?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
54f1edee3ca4757b85c73098470d185214e3a7eb6c42fd111216a83af730a326

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 02:34:55 GMT
server
Akamai Image Manager
etag
5ea3dad1881749a48e627136e0724bc2-3b11b0a3ab563742c80fb957ce2e4960-150
edge-cache-tag
3b11b0a3ab563742c80fb957ce2e4960
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5178233
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
2440
expires
Tue, 06 Feb 2024 02:36:17 GMT
5dd559dc55adabd2cfa15379d149c59e
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/5dd559dc55adabd2cfa15379d149c59e?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f0fd06a4d58ccce9ce112fbd5f9db051da01dd847d94dc96e4ae6beccb194876

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 02:00:51 GMT
server
Akamai Image Manager
etag
25f327c0b31fb4a0c104bf10648a172d-5dd559dc55adabd2cfa15379d149c59e-150
edge-cache-tag
5dd559dc55adabd2cfa15379d149c59e
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5176088
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4025
expires
Tue, 06 Feb 2024 02:00:32 GMT
rea-logo.png
d2n6ofw4o746cn.cloudfront.net/bob/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2n6ofw4o746cn.cloudfront.net/bob/images/rea-logo.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-148-114.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 10:40:29 GMT
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
via
1.1 e57fe70b9ed429fb51b4b2432cadc67a.cloudfront.net (CloudFront)
last-modified
Thu, 09 Sep 2021 21:17:00 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
581516
etag
"731035d55715734eff2f2a0f9afb31e7"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28648
x-amz-cf-id
tIfOKd9GIUHIKuaIze2bqrVXTVNzqj4qhxGaTZYsS2pdauQCTV-ftA==
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		540 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
T5B503B80E5VB72V
x-akamai-ew-subworker
8096267
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=373239
accept-ranges
bytes
content-length
540
x-amz-id-2
k4rWfmS9igVbHu6CyD89uWxe/fadj1y9+uN6lmcEipCzsSO8iwj8xJvpfDJqtMccijzCrmeT0Lk=
expires
Tue, 12 Dec 2023 11:53:03 GMT
ktv-icon.jpg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ktv-icon.jpg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 09 Nov 2023 00:18:01 GMT
server
AmazonS3
x-amz-request-id
HK5XT3KEEF4VSH37
etag
"481ac438f263d8b4ef0b66cb4ae1364c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=262709
accept-ranges
bytes
content-length
1051
x-amz-id-2
BjDPrezyJzpNh9xLkhqLcqRn6QJq3ThXFGZ8drgwWQdHEq2MF5zI47BEWDtdiTKeF9ZNJqNxGro=
expires
Mon, 11 Dec 2023 05:10:53 GMT
bodyandsoul.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/bodyandsoul.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ccb31b1542aaee2eb3ce785ccc2b5ab2b009461292d220cd329c2112da343826
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 02 Nov 2023 06:32:24 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65434278-18b7"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2010081
content-length
2357
expires
Sun, 31 Dec 2023 10:33:45 GMT
kidspot.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/kidspot.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4c0e900d88a4d79acc98c18901c221ff93418f92cfb8e3b10f5030b5d026071a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 04 Oct 2023 00:36:31 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"651cb38f-10b5"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=2156955
content-length
1678
expires
Tue, 02 Jan 2024 03:21:39 GMT
quote.svg
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/images/icons/quote.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 26 Oct 2023 05:12:04 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6539f524-539"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
image/svg+xml
cache-control
max-age=1367230
content-length
656
expires
Sat, 23 Dec 2023 23:59:34 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
TYFME5A533FH42A9
x-akamai-ew-subworker
8096267
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=202895
accept-ranges
bytes
content-length
16112
x-amz-id-2
hQiMHjOmvE4M9qfxS2e/XaPse140gAAzOyf01U/7KzGB3yuuwtI1Qk7uWC8G6hDV/vtLJevH6SE=
expires
Sun, 10 Dec 2023 12:33:59 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
26D81E180649EDA0
x-akamai-ew-subworker
8096267
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=81392
accept-ranges
bytes
content-length
15948
x-amz-id-2
M2jUpS/AGfEBmTbGt/LFWzcUzhc/pcInY7IeLixbMpXj46fs/Ac6WDCZUtTxRoItdyGk+D8pU5c=
expires
Sat, 09 Dec 2023 02:48:56 GMT
1ddf3703d3e64ec2c88d6ed26fefe06c
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1ddf3703d3e64ec2c88d6ed26fefe06c?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
58170ce1dd7c3fb0c02555698ea0a05f84f637efdc6f8bdade56e00be1a27e6c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
1ddf3703d3e64ec2c88d6ed26fefe06c
content-length
3569
last-modified
Fri, 08 Dec 2023 03:34:10 GMT
server
Akamai Image Manager
x-serial
1079
etag
480f7a3af2da117d29b9cf60d9fb521a-1ddf3703d3e64ec2c88d6ed26fefe06c-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181707
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 03:34:11 GMT
166b8354c7a3e1aa58a964e25909438b
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/166b8354c7a3e1aa58a964e25909438b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5a2098a142b2a2ce4370cb34369cebcc65f38dce9db3eccb854adb885e40ffb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
166b8354c7a3e1aa58a964e25909438b
content-length
4277
last-modified
Fri, 08 Dec 2023 03:46:10 GMT
server
Akamai Image Manager
x-serial
1768
etag
292220f3ba5b0cd379cf3b9880d95f7a-166b8354c7a3e1aa58a964e25909438b-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182510
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 03:47:34 GMT
04e0c98c736cbafce7e3e98ceeb516f7
content.api.news/v3/images/bin/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/04e0c98c736cbafce7e3e98ceeb516f7?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
bb1b8f345e2fc6fb265e8287f544ff5449288f2e8a275519d1533023e5b11309

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
04e0c98c736cbafce7e3e98ceeb516f7
content-length
4620
last-modified
Fri, 08 Dec 2023 03:38:48 GMT
server
Akamai Image Manager
x-serial
39
etag
c3995dd9ef3baa7ef952c450087862f8-04e0c98c736cbafce7e3e98ceeb516f7-150
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182052
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 03:39:56 GMT
572f3bf03061eab4691d87c60dab9867
content.api.news/v3/images/bin/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/572f3bf03061eab4691d87c60dab9867?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e6c7e8310c2c31944f4988e3e3e7e464a5df646d6db6feeb301211dddc4c7128

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 00:03:39 GMT
server
Akamai Image Manager
etag
fb1485fad2fa9d2d3c62a80acd4ae367-572f3bf03061eab4691d87c60dab9867-150
edge-cache-tag
572f3bf03061eab4691d87c60dab9867
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5169153
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
5968
expires
Tue, 06 Feb 2024 00:04:57 GMT
8d68ccb2063edf3389fdc665100f4935
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8d68ccb2063edf3389fdc665100f4935?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
c2b24a67d925db0d9b80138eced5ca36c703262a13f62a3081e8c925b7e0751c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Tue, 05 Dec 2023 05:02:15 GMT
server
Akamai Image Server
etag
2a4792528eac97b20e4e3768ac28cc34-8d68ccb2063edf3389fdc665100f4935-150
edge-cache-tag
8d68ccb2063edf3389fdc665100f4935
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, max-age=107
x-o
CF
x-akamai-note
original-image
access-control-allow-headers
x-newsapi-api-key
content-length
3550
expires
Fri, 08 Dec 2023 04:14:11 GMT
35300597327f3502b3ce3b9d2d330c6b
content.api.news/v3/images/bin/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/35300597327f3502b3ce3b9d2d330c6b?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
94d53eed450989620e3f5d3da0c8c720f59c308726eacbf7767667c3626c1a46

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
35300597327f3502b3ce3b9d2d330c6b
content-length
7153
last-modified
Thu, 07 Dec 2023 01:53:26 GMT
server
Akamai Image Manager
x-serial
1965
etag
d47261f8cbff1a44cce7e8689ce583cb-35300597327f3502b3ce3b9d2d330c6b-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5089261
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 05 Feb 2024 01:53:25 GMT
9624730bdf1854a504672b7711e47ed4
content.api.news/v3/images/bin/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9624730bdf1854a504672b7711e47ed4?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5efaa0df93c87783107dca102be7d1fdeeda1032e5f26099d27ba4c3ce4246ca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
9624730bdf1854a504672b7711e47ed4
content-length
7935
last-modified
Tue, 21 Nov 2023 02:30:04 GMT
server
Akamai Image Manager
x-serial
399
etag
264bb156e3b835573a2741472bf76588-9624730bdf1854a504672b7711e47ed4-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=3708949
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 20 Jan 2024 02:28:13 GMT
226d19966d2bd3af6d49699d1fa5e138
content.api.news/v3/images/bin/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/226d19966d2bd3af6d49699d1fa5e138?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6751a87fcb2eb8ad430772dfdf1946211940bb0e92817e50bb54517a4be6729e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
226d19966d2bd3af6d49699d1fa5e138
content-length
8539
last-modified
Tue, 05 Dec 2023 04:46:37 GMT
server
Akamai Image Manager
x-serial
1840
etag
d9a68503db4f978547b35c9b4c925913-226d19966d2bd3af6d49699d1fa5e138-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4926830
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Sat, 03 Feb 2024 04:46:14 GMT
99535e962adeab86ecf028762fdcc5a7
content.api.news/v3/images/bin/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/99535e962adeab86ecf028762fdcc5a7?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0f5431ee7d16fe6aaf14ece03b86423fa0979939e2d3b28767e54ae63abea533

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Mon, 04 Dec 2023 06:09:21 GMT
server
Akamai Image Manager
etag
621d94f2d2b39f70ef0f89f62a341b9e-99535e962adeab86ecf028762fdcc5a7-150
edge-cache-tag
99535e962adeab86ecf028762fdcc5a7
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4845101
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
9509
expires
Fri, 02 Feb 2024 06:04:05 GMT
a28d4f519b20156575b157803233671f
content.api.news/v3/images/bin/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a28d4f519b20156575b157803233671f?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
287c91ffba5266dca4c14c4b6ac6252f56ea224633c68d974c41fadb1b7f4886

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 22:00:05 GMT
server
Akamai Image Manager
etag
c48785512fe2334e9d862be6a8183432-a28d4f519b20156575b157803233671f-150
edge-cache-tag
a28d4f519b20156575b157803233671f
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5161610
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4446
expires
Mon, 05 Feb 2024 21:59:14 GMT
1bbfb47de99699b9a577c9514fc355e9
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1bbfb47de99699b9a577c9514fc355e9?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e046665747aa6995e02a6872134b1adbdfc3df09d448ef615dbca4cb66e86d81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 03:11:54 GMT
server
Akamai Image Manager
etag
431e0da9041c5afe6a4e2e609472ff7b-1bbfb47de99699b9a577c9514fc355e9-150
edge-cache-tag
1bbfb47de99699b9a577c9514fc355e9
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5180413
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3460
expires
Tue, 06 Feb 2024 03:12:37 GMT
03675ec60b5d94cedd3713670df49539
content.api.news/v3/images/bin/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/03675ec60b5d94cedd3713670df49539?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8eb08210f3cc71a6cf15301ef18ced50937dd65b78377b1f84a91bde6d20f962

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 03:33:53 GMT
server
Akamai Image Manager
etag
6ec67a09a4ad44da6c7d2c45ff7b9bd6-03675ec60b5d94cedd3713670df49539-150
edge-cache-tag
03675ec60b5d94cedd3713670df49539
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5181713
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
3048
expires
Tue, 06 Feb 2024 03:34:17 GMT
34fa6fc3f1cb70972f96fa31a4f05759
content.api.news/v3/images/bin/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/34fa6fc3f1cb70972f96fa31a4f05759?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f50e766333eb040329cca30fe2536925cd1c3fe30c6bd968a674007404958c58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
34fa6fc3f1cb70972f96fa31a4f05759
content-length
3496
last-modified
Fri, 08 Dec 2023 02:16:10 GMT
server
Akamai Image Manager
x-serial
894
etag
c265a0998b608510813efc883bd6960e-34fa6fc3f1cb70972f96fa31a4f05759-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5176897
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 02:14:01 GMT
22648cdcc7d695daf2427a58e0bf0c51
content.api.news/v3/images/bin/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/22648cdcc7d695daf2427a58e0bf0c51?width=150
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0e6d6befe0a8e7a100edbcb5693090680c2cc9a67e07869616ffeffe4831ce85

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 02:16:51 GMT
server
Akamai Image Manager
etag
66fa4b5e27a5aff57aaff2a23b79d811-22648cdcc7d695daf2427a58e0bf0c51-150
edge-cache-tag
22648cdcc7d695daf2427a58e0bf0c51
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5177070
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
4152
expires
Tue, 06 Feb 2024 02:16:54 GMT
v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
bedsberry.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
20238e49be2591e5ce83c3b8f0f26d0add8911828ebea96442dec2d15f8be20b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 08 Dec 2023 04:12:25 GMT
x-datacenter
gce-asia-east1
etag
"b423fbf078b4326ebceb3076e0dab2735a0e7db9b2417061c9ea06ac29cf2074"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-vdsz
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adblock.js
tags.news.com.au/prod/adblock/ 		102 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/adblock/adblock.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 08 Dec 2023 04:12:24 GMT
cache-control
max-age=80054
server
AkamaiNetStorage
etag
"bebf5f8dc74222b04669a0854d13b696:1686179714.642139"
content-length
102
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		535 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
WHA88878045228V6
x-akamai-ew-subworker
8096267
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=211829
accept-ranges
bytes
content-length
535
x-amz-id-2
ckkrJ1/ph5Sug9Crv0BOk48QRU0RHXWLvqgX0ejYdmukh+Lw26wMpGBj+vfU5bSYirSiilU8e1E=
expires
Sun, 10 Dec 2023 15:02:53 GMT
icon-chevron-default.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		586 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/icon-chevron-default.svg
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-critical-homepage.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986

Request headers

Referer
https://www.heraldsun.com.au/
Origin
https://www.heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 17 Nov 2021 04:48:47 GMT
server
AmazonS3
x-amz-request-id
GYK4RND10PJ15EKJ
etag
"7cebf19c244f62cfdb05f0c375f1aef7"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=263155
accept-ranges
bytes
content-length
586
x-amz-id-2
mJYT9HtMl1jNV0SyX07+ufJZB2GX6CyoULs6Q6F2dem4V+EdVKpAgR3vf6nT2iUSYuk7CHsw0pQ=
expires
Mon, 11 Dec 2023 05:18:19 GMT
1ddf3703d3e64ec2c88d6ed26fefe06c
content.api.news/v3/images/bin/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1ddf3703d3e64ec2c88d6ed26fefe06c?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a9a0c11dde2d9aa46e9bc641b81b5404f6f0e744785a278777dcd5e4644d797b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
1ddf3703d3e64ec2c88d6ed26fefe06c
content-length
38407
last-modified
Fri, 08 Dec 2023 03:32:56 GMT
server
Akamai Image Manager
x-serial
767
etag
480f7a3af2da117d29b9cf60d9fb521a-1ddf3703d3e64ec2c88d6ed26fefe06c-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181413
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 03:29:17 GMT
166b8354c7a3e1aa58a964e25909438b
content.api.news/v3/images/bin/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/166b8354c7a3e1aa58a964e25909438b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d577dc01139b89577a092ae25ad9e1614331e5f7a45f0a7457e953aa296931dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
166b8354c7a3e1aa58a964e25909438b
content-length
43572
last-modified
Fri, 08 Dec 2023 03:44:51 GMT
server
Akamai Image Manager
x-serial
643
etag
292220f3ba5b0cd379cf3b9880d95f7a-166b8354c7a3e1aa58a964e25909438b-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5182258
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 03:43:22 GMT
04e0c98c736cbafce7e3e98ceeb516f7
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/04e0c98c736cbafce7e3e98ceeb516f7?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4471305f7d908e13742d3e6cfcb410b6e6f9695489756062c9da2305a9b04fe6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 22:52:26 GMT
server
Akamai Image Manager
etag
06081e036023566a664aa74aedc28971-04e0c98c736cbafce7e3e98ceeb516f7-320
edge-cache-tag
04e0c98c736cbafce7e3e98ceeb516f7
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5164804
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
11834
expires
Mon, 05 Feb 2024 22:52:28 GMT
572f3bf03061eab4691d87c60dab9867
content.api.news/v3/images/bin/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/572f3bf03061eab4691d87c60dab9867?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ffddb261cdb706feb2d83f5dd22f2a569ad95c25c45f5a861ed708580f1a72de

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 00:00:47 GMT
server
Akamai Image Manager
etag
fb1485fad2fa9d2d3c62a80acd4ae367-572f3bf03061eab4691d87c60dab9867-320
edge-cache-tag
572f3bf03061eab4691d87c60dab9867
content-type
image/webp
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5168602
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
19772
expires
Mon, 05 Feb 2024 23:55:46 GMT
8d68ccb2063edf3389fdc665100f4935
content.api.news/v3/images/bin/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/8d68ccb2063edf3389fdc665100f4935?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
9d8f5cba9dabe2675d9b08f4a65d17b153ce1d9ebbc10bf3fe8961f8a376453c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
edge-cache-tag
8d68ccb2063edf3389fdc665100f4935
x-akamai-im-skip-dlr
1
content-length
10408
last-modified
Tue, 05 Dec 2023 05:02:15 GMT
server
Akamai Image Server
etag
2a4792528eac97b20e4e3768ac28cc34-8d68ccb2063edf3389fdc665100f4935-320
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, max-age=101
x-o
CF
x-akamai-note
original-image
access-control-allow-headers
x-newsapi-api-key
expires
Fri, 08 Dec 2023 04:14:05 GMT
35300597327f3502b3ce3b9d2d330c6b
content.api.news/v3/images/bin/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/35300597327f3502b3ce3b9d2d330c6b?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6e1ea58d7d8d5c815f2240e45463d378ec398939e9e5816a96086ff0e50715b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 01:53:26 GMT
server
Akamai Image Manager
etag
d47261f8cbff1a44cce7e8689ce583cb-35300597327f3502b3ce3b9d2d330c6b-320
edge-cache-tag
35300597327f3502b3ce3b9d2d330c6b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5089270
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
11336
expires
Mon, 05 Feb 2024 01:53:34 GMT
9624730bdf1854a504672b7711e47ed4
content.api.news/v3/images/bin/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9624730bdf1854a504672b7711e47ed4?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6a941a1175f1fa29da2eec4eb3c70e8b1aeb54f1e2825c01438e56c8c987b1e8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 20:31:27 GMT
server
Akamai Image Manager
etag
264bb156e3b835573a2741472bf76588-9624730bdf1854a504672b7711e47ed4-320
edge-cache-tag
9624730bdf1854a504672b7711e47ed4
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5156290
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12169
expires
Mon, 05 Feb 2024 20:30:34 GMT
226d19966d2bd3af6d49699d1fa5e138
content.api.news/v3/images/bin/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/226d19966d2bd3af6d49699d1fa5e138?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2fa5e41892a9504acfb95f940b8d91ea53e5c109bbb5a06beb36e9a8857d3c1d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Tue, 05 Dec 2023 09:28:21 GMT
server
Akamai Image Manager
etag
d9a68503db4f978547b35c9b4c925913-226d19966d2bd3af6d49699d1fa5e138-320
edge-cache-tag
226d19966d2bd3af6d49699d1fa5e138
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4943819
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
12883
expires
Sat, 03 Feb 2024 09:29:23 GMT
99535e962adeab86ecf028762fdcc5a7
content.api.news/v3/images/bin/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/99535e962adeab86ecf028762fdcc5a7?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2d80c21fe0d82066de8a0ff50c7d4db333285b640debd12262acb9cb8fa340fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Mon, 04 Dec 2023 06:05:22 GMT
server
Akamai Image Manager
etag
621d94f2d2b39f70ef0f89f62a341b9e-99535e962adeab86ecf028762fdcc5a7-320
edge-cache-tag
99535e962adeab86ecf028762fdcc5a7
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=4845087
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
14433
expires
Fri, 02 Feb 2024 06:03:51 GMT
a28d4f519b20156575b157803233671f
content.api.news/v3/images/bin/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/a28d4f519b20156575b157803233671f?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fb930fbea28387d34804f0b050973afc202a926d862052ad0b861f6b93dbddd9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
a28d4f519b20156575b157803233671f
content-length
44601
last-modified
Thu, 07 Dec 2023 22:00:08 GMT
server
Akamai Image Manager
x-serial
1518
etag
c48785512fe2334e9d862be6a8183432-a28d4f519b20156575b157803233671f-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5161680
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Mon, 05 Feb 2024 22:00:24 GMT
1bbfb47de99699b9a577c9514fc355e9
content.api.news/v3/images/bin/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/1bbfb47de99699b9a577c9514fc355e9?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
02faab2bccfb952f16c0c877d82fd0e95b38498f79b1eb4a0490c4db660243c7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 03:12:06 GMT
server
Akamai Image Manager
etag
431e0da9041c5afe6a4e2e609472ff7b-1bbfb47de99699b9a577c9514fc355e9-650
edge-cache-tag
1bbfb47de99699b9a577c9514fc355e9
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5180370
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
36643
expires
Tue, 06 Feb 2024 03:11:54 GMT
03675ec60b5d94cedd3713670df49539
content.api.news/v3/images/bin/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/03675ec60b5d94cedd3713670df49539?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
cf61991817f8e12e2b1ef7ffe01b27c45bcd7112abbf34867947f5c00793096b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 03:16:46 GMT
server
Akamai Image Manager
etag
6ec67a09a4ad44da6c7d2c45ff7b9bd6-03675ec60b5d94cedd3713670df49539-650
edge-cache-tag
03675ec60b5d94cedd3713670df49539
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5180637
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
21423
expires
Tue, 06 Feb 2024 03:16:21 GMT
34fa6fc3f1cb70972f96fa31a4f05759
content.api.news/v3/images/bin/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/34fa6fc3f1cb70972f96fa31a4f05759?width=320
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8ce7bd34b47ca8eb719ca9444f805008aa234f25f4e12302ff470d20b2bd4922

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Fri, 08 Dec 2023 02:08:03 GMT
server
Akamai Image Manager
etag
c265a0998b608510813efc883bd6960e-34fa6fc3f1cb70972f96fa31a4f05759-320
edge-cache-tag
34fa6fc3f1cb70972f96fa31a4f05759
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5176610
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
10092
expires
Tue, 06 Feb 2024 02:09:14 GMT
22648cdcc7d695daf2427a58e0bf0c51
content.api.news/v3/images/bin/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/22648cdcc7d695daf2427a58e0bf0c51?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0bb7f234ff483019ba55c46dd75bb5b67b302cfe19fc867285b5aa72a982e753

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
x-check-cacheable
YES
edge-cache-tag
22648cdcc7d695daf2427a58e0bf0c51
content-length
43450
last-modified
Fri, 08 Dec 2023 02:17:04 GMT
server
Akamai Image Manager
x-serial
963
etag
66fa4b5e27a5aff57aaff2a23b79d811-22648cdcc7d695daf2427a58e0bf0c51-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5177111
x-o
CF
access-control-allow-headers
x-newsapi-api-key
expires
Tue, 06 Feb 2024 02:17:35 GMT
9b63e774ec250115b843cb282ba3cd8b
content.api.news/v3/images/bin/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.api.news/v3/images/bin/9b63e774ec250115b843cb282ba3cd8b?width=650
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f210c64af3485982d46559510ce93bb03374225d95484ddcc0226cbebee8f103

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 00:57:16 GMT
server
Akamai Image Manager
etag
9385b4b3e9a358d0ba2d05c08dd541e5-9b63e774ec250115b843cb282ba3cd8b-650
edge-cache-tag
9b63e774ec250115b843cb282ba3cd8b
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
GET
x-hobit
2B
cache-control
private, no-transform, max-age=5085918
x-o
CF
access-control-allow-headers
x-newsapi-api-key
content-length
54923
expires
Mon, 05 Feb 2024 00:57:42 GMT
css-metro-desktop-lazy.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		55 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 06 Dec 2023 22:56:13 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
"6570fc0d-37"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2499004
accept-ranges
bytes
content-length
74
expires
Sat, 06 Jan 2024 02:22:28 GMT
rampart.js
www.heraldsun.com.au/remote/identity/rampart/latest/ 		294 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f3136fe9018c1e33809a1f7cf0b6050806ead6ae575e1ca101c4b1cf50bcfe5a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:26 GMT
server
AkamaiNetStorage
etag
"0ff4ed3ffb5079c732443f0cb86b53b8:1699852837.157493"
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
application/x-javascript
cache-control
max-age=310
expires
Fri, 08 Dec 2023 04:17:36 GMT
indies-loader.js
resourcesssl.newscdn.com.au/indies/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
135c38980e286aa356cd151198e12d0f3c577531dc068bae2ba82d2945ac60f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
N2EDkRHNZNkQ3IBNXC7lUt33doAiznQs
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
x-amz-request-id
VVDQDJ5465E7RCG9
x-amz-server-side-encryption
AES256
content-length
2005
x-amz-id-2
Vns0ATJxGGwZYHu6XD5j+efrtRSWz7Jo0zRZMuWRYfDXeoltD9l7bNL8zm4dibrA/6OJE3z9ILw=
last-modified
Wed, 29 Nov 2023 00:01:29 GMT
server
AmazonS3
etag
"bb643d40ad0928161ad37ab2e9224f2c"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1335
accept-ranges
bytes
x-p
/indies/indies-loader.js
expires
Fri, 08 Dec 2023 04:34:39 GMT
js-metro-desktop-lazy.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
de5045e72ed2fb935ff309cb41569befab981796ee8a72c873cc4bebdd2644ee
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-18de0"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508375
content-length
28941
expires
Sat, 06 Jan 2024 04:58:39 GMT
player.js
resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/ 		977 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d8c8011cf82e03132ce22bc093dbbaa981cce0176331f13bfe2195530124f70e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
x-amz-request-id
SB3WVPQW1FG2GG0Y
x-amz-server-side-encryption
AES256
content-length
237483
x-amz-id-2
BkhnJaWCH33GyiXC7Q0eRwSUQ84TKokCov04QkIUO48xwVLrylKF8u6wg0nF9w9CGrb7OSnw+qk=
last-modified
Mon, 04 Dec 2023 03:51:01 GMT
server
AmazonS3
etag
"9e90c076ea8681ab7950d1a3be23c812"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=1034
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:29:38 GMT
css-logos.css
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-logos.css?ck=GW8TDz/PFl/fNxHTfI5k177Gssc=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 06 Dec 2023 22:56:13 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"6570fc0d-2b9b"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
text/css
cache-control
max-age=2498862
content-length
1532
expires
Sat, 06 Jan 2024 02:20:06 GMT
js-weather.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a925505f3081d8806a240aa875ad4e470f2c6f4413175cd5701e18172487197e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-1984"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508470
content-length
2267
expires
Sat, 06 Jan 2024 05:00:14 GMT
js-mosaics-helper.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-mosaics-helper.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95ac383c4fa19e0a921e9d5f41e2ccf537d4988c70696192739a0ab87a91801a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-2824"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508522
content-length
3246
expires
Sat, 06 Jan 2024 05:01:06 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15fa217127cf6224fe6f46eda85d4c976ee5c3085779dc7d3397bb29cc721663

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
1336
apigw-requestid
PmvA_hLHywMEMxw=
expires
Fri, 08 Dec 2023 04:12:24 GMT
campaigns
resourcesssl.newscdn.com.au/indiestudio/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indiestudio/api/public/campaigns?userType=anonymous&pageType=homepage&site=heraldsun.com.au&section=/home&device=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-user-agent,x-amzn-trace-id,x-api-key
access-control-allow-methods
GET,OPTIONS
access-control-allow-origin
*
apigw-requestid
PmyiahHvSwMEMsg=
cache-control
max-age=1745
date
Fri, 08 Dec 2023 04:12:24 GMT
expires
Fri, 08 Dec 2023 04:41:29 GMT
comments-count
mhr.talk.news.com.au/api/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=f94fa27082aa758ed5f2522ffda69598,0c514c5a9adf10bbc32468ad1bfd0481,6c3f59c71d9df52df06c6fb8ff541f38,2f6ff6b99a5d2ca3c58c113cd1b27d99,d67b9411515d1196244d62dbcfda7ac2,76b06d114a5c22f81456fecdbd4fa10d,ddc0315afc873a45cc27d1bc8566af5e,389d290f7521d63829da2a39ed25a707,e17b56de64db532b7705221e8e3edbb0,3ebb52428d19ea8de805c1cf968781f3,83e86566f7891486420892160332dfc3,59b72fe597989ce99e6f8631d7c3703b,97f41f322062133590f0bed4e98d41ea,a444a2167a9e523536eacef2ba38e29e,a7c6e743369bf3074f017dab5fc6e943,a491271b7f646a5b9ad812f71996ed34,e34c3d9745930a9c8df6f3e6ea6c5a1a,34d1c160dc7f049b21ae7e873be335cd,4b939ab215b2d1e1eec61f24510ce48a,d95c633f70613ab1e357f2f2b151c0c8,04cab3eeb71da5802a47eddd03128f34,abaa28be5a095b7afdcda7908a0084c2,b4aa42a2ec01611a81c086d06a228f07,e5b4b9df8cd4a6ddf662be7dbed49338,3d07ecfef0f5d3c57de64a9e5b729638,52d46ad72109d1f3cea8b4cc3de30ee7,682dcf2233509f4c3c6ccf15d713cbcf,5659e899cae95a5bec956201a71ca4d0,49d8dbc070de505cb3e0c8d9618fc86f,3177cb9e92b78da9f5b06c08fc13ea2b,3886630802c7523dd470b942c40ebf13,08242a0f4aeb201d947e6a3f52a8ce73,73c7e05d30219cc4a5a28a66811485c8,640de4ce0bdc1aad2e541142557d6524,5cd6dc9845dbdaf8f2b5e83272c193c2,7cb07a99128e625cf74deb43ed74a102
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
5c9285bc0b9d3d259c18c249d3f486f8a6327082ab84c29ece7b9f692f8ee90f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 04:12:24 GMT
server
nginx/1.20.1
etag
W/"54a-UcxBgq/+VRkMvrHh52oe3jOIBdc"
x-download-options
noopen
x-dns-prefetch-control
off
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-talk-trace-id
817b9810-957f-11ee-981e-15f4eb9ec991
content-length
773
x-xss-protection
1; mode=block
3000
www.heraldsun.com.au/wp-json/api/weather/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-json/api/weather/3000
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e8978a0635b2c7e92458a4fbfecb29a444434bc04e23023ba810d407f32badd4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=600 ; includeSubDomains
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-length
737
x-rq
syd3 123 243 443
server
nginx
allow
GET
vary
User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires
Fri, 08 Dec 2023 04:13:24 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		1 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
UCVFmGAgwkxC1uDLu3zykPa9AqaOs.Oo
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
x-amz-request-id
Y04GAER0WB7W3719
x-amz-server-side-encryption
AES256
content-length
482
x-amz-id-2
M4MzP8PCCjgCkZdYDxfNJhO/zR1v2JZY8LaWgpSxO+lNc/4RkrD32yTng/rbZBvyNjGMpLPo7OM=
last-modified
Wed, 06 Dec 2023 02:35:12 GMT
server
AmazonS3
etag
"36ca8df1b51aa7fd5e82601bc8ea150e"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1262
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:33:26 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f0ef50bf45765ae087cc01984ebe59f10ff50a76af8b0677dda5b436347ee9dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
yKbnZtNaCtv2qlnnvB4gp5dpJhEQggH9
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
x-amz-request-id
Y04RSKQN7RY4ZNTF
x-amz-server-side-encryption
AES256
content-length
7978
x-amz-id-2
R1U9kGVVLCp1IQUg+li7FVatL5VXU5iPe8F1elpx/nZ6KohGiNBvjbjf5ruGGoTK3R/KchW2USw=
last-modified
Wed, 06 Dec 2023 02:35:12 GMT
server
AmazonS3
etag
"464d07cc240e49c3763eb7b00e119a07"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=395
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:18:59 GMT
style.css
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
18fc9e4be49d4646ea74bb1ca94cab88db5632ad958a5dd199a3631352befc41

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Qoht2yozGlOzRuYOQB.9ZK3jBE3EntHh
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
x-amz-request-id
NT1ZA5G6T9M5VB84
x-amz-server-side-encryption
AES256
content-length
3111
x-amz-id-2
LaJpRqxP4239YM78TSsuv425Yc5Vw97rvFXmvgnP5YCUgxF7cw4fSuCSgJIokiFhWrMxmzqGsQk3Aj2+iWarjA==
last-modified
Fri, 08 Dec 2023 03:23:48 GMT
server
AmazonS3
etag
"3c45e685ea3d0e8f8168a104895e1de0"
x-i
true
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=526
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:21:10 GMT
main.js
resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/ 		262 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/indies-loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a23ce8f29e3abc309f281963119fcf39e11241c0202eee4ecd36448f48f9cae

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
W57VUsGYQF4eeEzryQ2T0nBnqpcskXeY
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:24 GMT
x-amz-request-id
NT1PN8ZNC2C5E8XX
x-amz-server-side-encryption
AES256
content-length
68482
x-amz-id-2
kzO901ZeddyLlY3gv4itIcrBK44O/x9bSekofDoAOmK5OrjzaeR4JAeY1lJAr73RJiGI0Tr7X/PqArnNMVQmxQ==
last-modified
Fri, 08 Dec 2023 03:23:48 GMT
server
AmazonS3
etag
"c0239ec23795af90237dfa473d221538"
x-i
true
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=455
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:19:59 GMT
title-arrow-blue.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/ 		168 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-blue.svg
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-metro/trending-topics-algolia/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 14 Sep 2022 05:11:08 GMT
server
AmazonS3
x-amz-request-id
0QSXVB51YPKKMCM4
etag
"66be3d1dd6a8e48ce691f235e6119f50"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=182279
accept-ranges
bytes
content-length
168
x-amz-id-2
Zae2BFR55OBFwn65SADs/ghN7lMsO4XX8NyjY9C/nselPmV5Xv7O26NF1AYlFlSncvGIaeeVvS4=
expires
Sun, 10 Dec 2023 06:50:23 GMT
arrow_left_black.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/ 		295 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/arrow_left_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 15 Mar 2023 00:11:28 GMT
server
AmazonS3
x-amz-request-id
5H68CQRPWS597F3K
etag
"f55d1ae7b7bc941af883ba0e4179a13a"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=508180
accept-ranges
bytes
content-length
295
x-amz-id-2
sx/K2ixRblWLYlUVZPIID+B1UfvkvVCf+JzcKIm7UYTkQoV1BE6a8dlozzX2P00zwQ0D7rc7llg=
expires
Thu, 14 Dec 2023 01:22:04 GMT
arrow_right_black.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/ 		294 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/icon/arrow_right_black.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
last-modified
Wed, 15 Mar 2023 00:11:28 GMT
server
AmazonS3
x-amz-request-id
4HJF9F0W1XPJW911
etag
"0213d7039af05f02cbd9551d0dec8d53"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=137825
accept-ranges
bytes
content-length
294
x-amz-id-2
zb/EM0QJs8vlcljoOQ5B7auMyI+vmSymNloECk25MysUQX90mQg8hl2IIZNokxwZVX8FlvQp7XA=
expires
Sat, 09 Dec 2023 18:29:29 GMT
query
www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/ 		0
0
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
0f0969dcc16dee3f369b19032b7d58e0c6ed4c2b8844781c27c24c6dd4aa4279

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
81803707
access-control-allow-origin
*
cache-control
max-age=2055
accept-ranges
bytes
content-length
751
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
948afceffe80d48945c9c9272bd46438f7174e4c11f050ca1a71f4c348fea70a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
82091874 82091842
access-control-allow-origin
*
cache-control
max-age=2875
accept-ranges
bytes
content-length
816
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/football/series/9/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
fa4516a649f762b33686ce307d53bb2841da251daf6c37d7017451e8f03436d9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
139561303 139074063
access-control-allow-origin
*
cache-control
max-age=2811
accept-ranges
bytes
content-length
777
currentseason.json
statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/currentseason.json?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
02c92b6983dcf3e0df788441d88b51e67693b07db8af9b497c11ad066aa26d8b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
16292083 5795067
access-control-allow-origin
*
cache-control
max-age=1810
accept-ranges
bytes
content-length
528
index.min.js
players.brightcove.net/5348771529001/938M1Zecs_default/ 		931 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://players.brightcove.net/5348771529001/938M1Zecs_default/index.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.34.73 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-34-73.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
PeOMqIIQk0AX.dt12S5B9WegUKTCIoLY
Content-Encoding
gzip
Date
Fri, 08 Dec 2023 04:12:24 GMT
x-amz-request-id
7CX8XRZ7T5GAGHAS
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
255199
x-amz-id-2
EsuAy1xefWVEeGWRzHLMTYrwpqjkh+zGVZXb2nb0jY+TFHUZ3f5uJIx86WvxOobSfmfVbKLISKg=
X-BCOV-Response-Mode
1
X-Served-By
cache-syd10176-SYD
Last-Modified
Mon, 18 Jul 2022 05:27:06 GMT
Server
AmazonS3
X-Timer
S1658122027.661738,VS0,VE1480
ETag
"ee60f1c90237e0fc32d8071fe73d0e86"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=121
Accept-Ranges
bytes
X-Cache-Hits
0
MediaSDK.min.js
tags.news.com.au/prod/heartbeat/v2.2.0/ 		175 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/heartbeat/v2.2.0/MediaSDK.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c347a09f51bb895d757c5e600ad18d57:1565826404"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=41437
content-length
35262
vans-adapter-google-ima.js
static.adsafeprotected.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
date
Sun, 03 Dec 2023 02:59:23 GMT
x-amz-cf-pop
SFO53-P4
age
436383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
KcScftNThCJgVgrUu3THxLcgORqD_BAoNlsCajQM8LWxETpaFRJaYQ==
vidora-client.1.x.x.min.js
assets.vidora.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/cs/video/vjs/stable/build/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-30.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:01:05 GMT
last-modified
Fri, 29 Apr 2022 19:16:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
6106
x-amz-server-side-encryption
AES256
etag
W/"5953e20bb28e3a3f613e0cb6e8fbacfb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
yA82OOODzDMhM-18-BMe9jQInC59NYReUVB4x4sKvfomLDHHPSfx5g==
fixturesandresults.json;from=2023-12-05;to=2023-12-15
statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/63/ 		9 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/basketball/series/9/seasons/63/fixturesandresults.json;from=2023-12-05;to=2023-12-15?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
8bc2a535d18bf3d32f863ae406e7eaf87726c4f5ba0eac2b7d23fbc2c5f48936

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
54089954 56853699
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
1248
fixturesandresults.json;from=2023-12-05;to=2023-12-15
statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/138/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/1/seasons/138/fixturesandresults.json;from=2023-12-05;to=2023-12-15?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
7670bc5b1c18317279d039221742e12ab4007948479e2933b7536126d7d5f3e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
55449320 53787060
access-control-allow-origin
*
cache-control
max-age=3
accept-ranges
bytes
content-length
1131
fixturesandresults.json;from=2023-12-05;to=2023-12-15
statsapi.foxsports.com.au/3.0/api/sports/football/series/9/seasons/138/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/football/series/9/seasons/138/fixturesandresults.json;from=2023-12-05;to=2023-12-15?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
d85044f3641a9b36a57b5bbd072c066326a6813fe5d5e0953bf7f8fd00cb6d76

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
54089930 54089929
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
1125
fixturesandresults.json;from=2023-12-05;to=2023-12-15
statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/seasons/295/ 		13 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://statsapi.foxsports.com.au/3.0/api/sports/cricket/series/9/seasons/295/fixturesandresults.json;from=2023-12-05;to=2023-12-15?userkey=6B2F4717-A97C-49F6-8514-3600633439B9
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.74.168 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-74-168.deploy.static.akamaitechnologies.com
Software
STATS API /
Resource Hash
c0ed1b3990758de1e7ccaea5c99ca9be636632479237a668aebe722f231f4ecc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:24 GMT
content-encoding
gzip
server
STATS API
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
x-varnish
81224122 81224102
access-control-allow-origin
*
cache-control
max-age=1
accept-ranges
bytes
content-length
1283
bbl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/bbl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
945b317583c8a1af77063aad1ba55e6b549ff7f36a6dd47f4633de30db9239c1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:25 GMT
last-modified
Thu, 05 Oct 2023 03:57:23 GMT
server
AmazonS3
x-amz-request-id
VQWZCANAGDSXDB49
etag
"2d9b000f6804e897c1ba8b0a3dcb414d"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=518079
accept-ranges
bytes
content-length
8362
x-amz-id-2
pL+6Y+233sapaxtLRfZFEIXtL9WeqO5ZuMNhWNW9JEdaxBTNH3kKZKV3xNrimjnoX1PbUdSPRM8=
expires
Thu, 14 Dec 2023 04:07:04 GMT
nbl.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/nbl.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c21be9db4a5aa36ef2488085f60682b852099e863f6b9d87647f17761cf9e3a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:25 GMT
last-modified
Thu, 05 Oct 2023 03:17:45 GMT
server
AmazonS3
x-amz-request-id
3SG2Z9WTTHF2MWS3
etag
"801ad54b871f51617ce7c6016ea8f2f1"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=154951
accept-ranges
bytes
content-length
27842
x-amz-id-2
T1p2cwQLztk9hx10wKeulkQRVId0XQDqEI8Eo4xLTPIM+YkPml1oo6clK6gv/3QRXwtLGydQe2Q=
expires
Sat, 09 Dec 2023 23:14:56 GMT
alw.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/alw.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ba97fdb79551ec612f180093a000ae30f31ac9b2e82304a771ea5b502aa09352

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:25 GMT
last-modified
Tue, 17 Oct 2023 00:03:34 GMT
server
AmazonS3
x-amz-request-id
3AE9AMCSBB5R0MFM
etag
"d71494b494b70d4354daafc27389780c"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=548926
accept-ranges
bytes
content-length
25676
x-amz-id-2
OF92ZjnczTpS6E4u3yabdD6Y02fbhtb7l97mh2qyEeruAm24FJowTbZmp+Mg+wXXG/xq+B3dOSA=
expires
Thu, 14 Dec 2023 12:41:11 GMT
alm.png
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/sport-images/flag-sprites/alm.png
Requested by
Host: resourcesssl.newscdn.com.au
URL: https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.64.193 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-193.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
12a3170ec516303dd7108508ec6c5b44d8fc14f906a72e03fa65771199e37b5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://resourcesssl.newscdn.com.au/indies/ts2020-indies-prod-sport/indies-sport-scoreboard/assets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:25 GMT
last-modified
Wed, 04 Oct 2023 23:49:51 GMT
server
AmazonS3
x-amz-request-id
M9HQDHM0RPAYF1HW
etag
"e5db01249e0c1fafb663e0c9bd8fc134"
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=182458
accept-ranges
bytes
content-length
25554
x-amz-id-2
B4nW1IFJDA/EGvLYGXKbyirNZHiVMPbkL6Z92N8zZ1I4SysI6qEQQ86ddZh+HzYWP1aiUZeEy8I=
expires
Sun, 10 Dec 2023 06:53:23 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=oaralv_728x90_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 10:55:52 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
11985394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
B-AqT-Bo2lb-jyiw6BLrk7u7Qk_cGyjCamcCBLNFA6YURRMRqVfUgA==
pixel_93e6cf
www.heraldsun.com.au/akam/13/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/akam/13/pixel_93e6cf
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/akam/13/93e6cf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
strict-transport-security
max-age=600 ; includeSubDomains
date
Fri, 08 Dec 2023 04:12:25 GMT
blaizehappened
true
x-pathqs
TRUE
vary
User-Agent
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
content-type
text/html
x-arrrg5
/blaize/decision-engine?path=https%3a%2f%2fwww.heraldsun.com.au%2fakam%2f13%2fpixel_93e6cf&blaizehost=cdn.heraldsun.newscorp.blaize.io&content_id=&session=12a4e09c9f085d898099a46ef33b007f
x-arrrg4
https://www.heraldsun.com.au/
content-length
0
a7c9e5896a44ce0667c04004916f59d198d9ffa92cc
bedsberry.com/0/03ba0c9d2/ 		299 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/0/03ba0c9d2/a7c9e5896a44ce0667c04004916f59d198d9ffa92cc
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
234c32f7c8c3eba6e647bb5dd9e79e29b86992067390d12bf7913c3ede8848d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 08 Dec 2023 04:12:26 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-test-vdsz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 08 Dec 2023 04:12:25 GMT
authorize
login.newscorpaustralia.com/ Frame 4851 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/authorize?client_id=AnudjFSZnp48OLKBaaB382z4LHeAfIS5&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.heraldsun.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=ZT7EheVqVf9L3wv2dl9HVkTKqvtMM--4&nonce=tE3rAw6spvQkHkJEyHsH1Zj03g9goKn-&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMy4yIn0%3D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/remote/identity/rampart/latest/rampart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.44.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-44-119.deploy.static.akamaitechnologies.com
Software
cloudflare /
Resource Hash
175c95ac6f97af7d4843d1c6ae52c646b60309b8b6202721c0184044b929372e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
83222b889d58aafb-SYD
content-encoding
gzip
content-length
931
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type
text/html;charset=UTF-8
date
Fri, 08 Dec 2023 04:12:26 GMT
expires
Fri, 08 Dec 2023 04:12:26 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 537 0 pmb=mTOE,4
x-auth0-requestid
ac75cb3f315efc9b1ab8
x-content-type-options
nosniff
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1702008747
utag.sync.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f408e57fcca7a2cd06c9a0e5810015f4791294e57a8724fb027830e63a939b7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
A3mQZUi9RzEO663vIkSszuO7Bd4bJ39p
content-encoding
br
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:10:10 GMT
last-modified
Thu, 07 Dec 2023 03:17:10 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
137
x-amz-server-side-encryption
AES256
etag
W/"51fcff86e16fc1b3db0072f603fab7b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
STc6OX1dEJND4s7iXd4MLbQzvuCSG5i6Vto3whEtpcdtYrQ_ewLnIw==
utag.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		88 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2147af34d5673f65461fc7f873e0652d2617669d19bf5774569f8d92b3d5de98

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
YrEXV.xanluIM72jIkWmFVauEx_1xREo
content-encoding
br
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:10:43 GMT
last-modified
Thu, 07 Dec 2023 03:17:09 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
104
x-amz-server-side-encryption
AES256
etag
W/"6421a979afa647bdcba5df45e3a4dd0b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
0JwuQzqLlT6SLZZP-FLBXtxOh48QsxjuBbm9jJr_vuocROJgsgSf8g==
js-c3po-bundle.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		237 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-c3po-bundle.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e037889685a5756ed0dc4cb380f78d239daceaa5a23de6ca49d541eed22edffd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 242 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:26 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-3b5a2"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508380
content-length
55222
expires
Sat, 06 Jan 2024 04:58:46 GMT
js-vidora-client.js
www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.235.84 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-235-84.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e70c4605cfa84bbad7055f51b13fc721c9323cc152f47c7e4c491a3c8177590c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-rq
syd3 123 243 443
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:26 GMT
last-modified
Thu, 07 Dec 2023 02:17:30 GMT
server
nginx
strict-transport-security
max-age=600 ; includeSubDomains
etag
W/"65712b3a-22a8"
content-security-policy
block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://www.heraldsun.com.au/csp-reports
vary
User-Agent
content-type
application/javascript
cache-control
max-age=2508521
content-length
3543
expires
Sat, 06 Jan 2024 05:01:07 GMT
ac86b3039f9184bd88bdfb06eb610a58feb9626c5
bedsberry.com/a20a39718de/ 		3 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bedsberry.com/a20a39718de/ac86b3039f9184bd88bdfb06eb610a58feb9626c5
Requested by
Host: bedsberry.com
URL: https://bedsberry.com/v2xidAbl27_bbGoUgH9vkj5iV54PlV0QELR1sl88mnfEo97R4u9tcdK4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.169.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.169.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 08 Dec 2023 04:12:26 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
x-hostname
fen-hoothoot-asia-east1-test-vdsz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 08 Dec 2023 04:12:25 GMT
csp-reports
login.newscorpaustralia.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.newscorpaustralia.com/csp-reports
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.44.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-44-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers
3ef6500b
login.newscorpaustralia.com/akam/13/ Frame 4851 		0
0
ZCYmDDEB
login.newscorpaustralia.com/uYGy2/F/c8/B6B3/OiQ3_g99/1mw3btNGfb5i/BGEpQGNdAg/Mh8a/ Frame 4851 		0
0
sec-4-0.css
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 4851 		0
0
sec-cpt-4-0.js
login.newscorpaustralia.com/_sec/cp_challenge/ Frame 4851 		0
0
extended-access.js
subscriptions.heraldsun.com.au/google-loader/ 		295 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?ck=sXPg+zRV75corRYdkC0NIYmZM2w=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.44.119 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-214-44-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ab4134369398656a18ff7a84a790b2bbbe88282c75af9e05b4884fba83a296c
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=600
last-modified
Wed, 08 Nov 2023 05:12:30 GMT
x-amz-cf-pop
SYD62-P2
etag
"14295098f99f1ff4727aa471dce658b9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=40
accept-ranges
bytes
x-amz-cf-id
Nxk7D3t_SCrRHCHLaR1MO9JJ7QK4wTgLKVTffalgRX-lbMW99KYiYg==
content-length
82238
swg.js
news.google.com/swg/js/v1/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: subscriptions.heraldsun.com.au
URL: https://subscriptions.heraldsun.com.au/google-loader/extended-access.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
13866940722f8047d28b746dc8078c87f7bff794c6f2f8344bbb53235b0bd348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60593
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 00:56:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:15:48 GMT
20352597942.js
cdn.optimizely.com/js/ 		423 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/20352597942.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.151 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
96438abac3e63aa55835f1919e3897cb442505ee5f27c576ed11a21463c6bf59
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
VqhvpWeFhPdF3NUfhaxiIpfYAb7.Y3Bj
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
W9V63ZEFR9DNEF14
x-amz-server-side-encryption
AES256
x-amz-meta-revision
3587
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=29, origin; dur=234, cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.204.64.151";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1702008746934_1023315958_67959575_26322_2975_2_6_146";dur=1
content-length
129390
x-amz-id-2
nDEkD1/1GjEJNYPA71GoUSe/2MkyA8D1+vWksS4hUiOR9CIbCiwpKwLg0Job91dGtJYu1kwlC2I=
last-modified
Fri, 08 Dec 2023 00:13:24 GMT
server
AmazonS3
etag
"b200f242cdaf51b18ff2f1ecc541a57e"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=0
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
utrack.js
tags.news.com.au/prod/utrack/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=17020087466220.07043225118953389
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=0, no-cache, no-store
content-length
833
expires
Fri, 08 Dec 2023 04:12:26 GMT
mitas.js
tags.news.com.au/prod/mitas/ 		666 B
896 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 08 Dec 2023 04:12:26 GMT
cache-control
max-age=39573
server
AkamaiNetStorage
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157
ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157?
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f6.1e100.net
Software
cafe /
Resource Hash
e7a6f4d666e81c6328e303eebb24958255b1b50965cce8bb4327041fc5f4820a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14819
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:27 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F595A64DDCFB4C5FA03FE7128F80C161 Ref B: SYD03EDGE0720 Ref C: 2023-12-08T04:12:26Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.107.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-107-130.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:31:43 GMT
content-encoding
gzip
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:16 GMT
server
nginx
x-amz-cf-pop
SYD62-P2
age
13244
etag
W/"655577b0-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ThONhuZjRzfjlhcpueefXFw9nuNwQ3hiufY1i0XB_i8vk1Dxe_qXJA==
expires
Sat, 09 Dec 2023 00:31:43 GMT
metrics.vendors.bundle.js
tags.news.com.au/prod/metrics/v2/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b828e919c2ff55a336488d2ac02c554c1b69b0b662e2e0e6cb230f0e47cd4b6d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"e236ed52e7bb1e63b0dcc1b88d05734d:1697684767.476878"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=80142
nielsen.js
tags.news.com.au/prod/nielsen/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"fb68340e5f23d55e9dd6f9e882195c13:1695883768.293004"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=70878
content-length
9944
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 08 Dec 2023 04:12:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
EPR/LgkKvCGP/FFMj1T8YKeAp9JX2AsjaZeWxbVRS/teQTVs3Z+363cp+ZetJ+2mourW26H5JtOJUaJEQXQFOA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ncg.js
au.tags.newscgp.com/prod/ncg/ 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-67.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 03:21:04 GMT
Content-Encoding
gzip
Via
1.1 e3cb2b95dc77970fa884677fa82b833e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
SYD1-C2
Age
3082
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
ETag
W/"d9de38d1900dec018a46f90cc70a48b7"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
xgXe-QQekZbZaGW_-3bXCrf6SIRJWacSuvcyK5pOU0JkXXyMGljE0w==
3zcdIyo2Tk.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/3zcdIyo2Tk.js?timewithTz=2023-12-08T04%3A12%3A26.642Z&country=au&newsconnectId=&fpid=12a4e09c9f085d898099a46ef33b007f
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.182.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-182-54.compute-1.amazonaws.com
Software
/
Resource Hash
faa9004c26fdf1b0969a0216e2b057f2d672e78327ad7a10d76545be03d714c6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
2862
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 		1 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73792bc2a387e9c986cc9ff688702fcc78ca2807b5f1dcc9a03945b9c3c7fb22
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
_qBHTOh3bMm4U4aUKRZPid4fmRumb3XH
content-encoding
gzip
via
1.1 varnish
date
Fri, 08 Dec 2023 04:12:26 GMT
strict-transport-security
max-age=31557600
x-amz-request-id
A119CXJCKQCEYM5T
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
519
x-amz-id-2
zeyDhSRqqDKoI83MsuNTt+VA+3QP2cgvbDiTsdJNGhTWXQ04lj7RqFBygqNXQtvSOSz+eSQMlfY=
x-served-by
cache-bne12520-BNE
last-modified
Tue, 05 Dec 2023 22:48:05 GMT
server
AmazonS3
x-timer
S1702008747.687320,VS0,VE0
etag
"01e21489f2a221cb5d9779a43e40a450"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
x-cache-hits
746903
id5-api.js
cdn.id5-sync.com/api/1.0/ 		151 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
ZAAZYF25D7TNENT4
age
3396
etag
W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83222b8c8e34dfa7-SYD
x-amz-id-2
FBqYcS2ZmM3S7NJGxNpg26noh5JZKKhMEDkyG6DyKoaAYSENcQ9gRZU2Vc9dKGzWCrGFDRdGiYY=
alloy.min.js
cdn1.adoberesources.net/alloy/2.9.0/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.63.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-63-128.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
br
strict-transport-security
max-age=86400 ; includeSubDomains
last-modified
Mon, 17 Apr 2023 14:27:15 GMT
server
Akamai Resource Optimizer
etag
"9de0c970a450653866276eaad3325344:1646937469.390599"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
20617
expires
Fri, 08 Dec 2023 05:12:26 GMT
nca_aep.js
tags.news.com.au/prod/aep/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/aep/nca_aep.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"a274dbe4a9a49f23e9a2822ac546709e:1673918295.329898"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=8717
content-length
2302
tad.js
tags.news.com.au/prod/tad/ 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4e61c669b9aa3695047ed8e48bb8d2912f3b3ee78ea75b2b78e4a5d2e53f5074

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"c316d53286b0f106a6c1975fda43fadb:1701658820.651741"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=47584
content-length
36221
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
14dc585d06bcd6d97acc6b6532cbd7e52afc3653c55e955e6074aba6d20a078f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29985
x-xss-protection
0
server
cafe
etag
612 / 19699 / m202312040101 / config-hash: 18357547353528918854
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:27 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:39:38 GMT
content-encoding
gzip
via
1.1 fd2442d18add87f1fea3351cec311828.cloudfront.net (CloudFront), 1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:16 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1, SYD1-C1
age
1969
x-amz-server-side-encryption
AES256
etag
W/"ccfaf15c322e197d2e6d0d6bd5642adc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
cnwcimbTCX64GpL__Cmg9Qe8oSs81dWAtONVk_SIctEYXonkFo4dyw==
prebid.js
tags.news.com.au/prod/prebid/ 		341 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a4a344f2d75cd0e85ae0f38c72d5fa5c49fef0e1a2b9c330ece72223090efd19

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"74bb26a255908f756e2370a47355ad59:1700023268.020534"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=46033
ats.js
ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-43.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eab27c634b2201cb52d5a94c4bdec71726e1ca54039494147e92d35c5a0ce4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
L2trWbReOiYig5BAhnQn6C4nJ2iFltj6
content-encoding
gzip
via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:06:34 GMT
last-modified
Wed, 04 Oct 2023 09:49:03 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
353
x-amz-server-side-encryption
AES256
etag
W/"6faed4962ecca75dadefb64e59a801fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
jeG-bltDHdkF1VzKDPfy1muKYYeowvaESfPledRElMdk6C196OISDw==
nca_ipsos.js
tags.news.com.au/prod/ipsos/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
81d335f1468b3013dcfb19dadda021b3c8e0d565607cf6cd38af766f5af72e2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"7e6046dd979ddc50f04146ba9ef5dead:1701062678.786536"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=74583
content-length
6364
heraldsun.js
cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5b5c5a477fbef8dbdb68a01bd234d5dda7c05e221cedd93c198a362ff81758

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 04:08:04 GMT
server
cloudflare
age
263
cf-polished
origSize=6056
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMNnoFyQ1ilHLwPq8fkLrZvi1bnFaNbxDcsLP4GSc6UpXur1YoLhM9zwSH2uRrlZBl5SRrQ0wqhXQqFdTv3Gf3469JebnUGmmx8HulKoHi1J1enfjiaQInIIxbEdCGWJkY5vtDK9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83222b8e2ff26a51-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
utag.985.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.985.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af74b8b4a0e418a5461b5c5b62ab9000c6997edbddc5c050ed931bcc062ab697

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
RY2xk5dKrgClOXCkluy9NeK5wxoYefxy
content-encoding
gzip
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:08:43 GMT
last-modified
Thu, 07 Dec 2023 03:17:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
236
x-amz-server-side-encryption
AES256
etag
W/"fc881ca62998212f68985cc6c384e4aa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
C7CDQxFd6ErEe5Fm6f8Tf7oFTfwHC9st6FvONiF-j5V-xCGntlyJ9g==
utag.1200.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1200.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff9a87f98509d5b075acf151b9cedef48b02afb4e520535441bc908d5d8ca643

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
AWWCp67kADRXIrNdofz66whxI0pAeSkZ
content-encoding
br
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:08:28 GMT
last-modified
Thu, 07 Dec 2023 03:17:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
238
x-amz-server-side-encryption
AES256
etag
W/"26388dad977b26decf8034aabd5a8f08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ENPY-OVgoDMeYbK9HQXRaqUf27wjVxrVUh47EWj3G5Dv9XhWmNZNkw==
utag.1205.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1205.js?utv=ut4.46.202309110217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
818649573d1249389d5861c571d5f41fe7a6a49e559d1a77e4fd67d51ea7f905

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GzBLHX4D3oKkcgxhnQcSrQwkK4HwlLWz
content-encoding
gzip
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:08:44 GMT
last-modified
Thu, 07 Dec 2023 03:17:08 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
232
x-amz-server-side-encryption
AES256
etag
W/"03365c4b3c53ddc82c78fdb90333da6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
_51k0e4QIwEAR98IlBr-gaediOP6K_H6-3LdfQBWN6h1yV9nUX_30Q==
utag.1211.js
tags.tiqcdn.com/utag/newsltd/hwt/prod/ 		608 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8383af8aba7726aab9c165a5ff6f37e4cc077cae11916eb67ea5ac23bd30b6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
7q.LdKpc8MESHkRQ.OBnr2k58D5ppt3p
date
Fri, 08 Dec 2023 04:09:46 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
162
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
608
last-modified
Thu, 07 Dec 2023 03:17:07 GMT
server
AmazonS3
etag
"db61a4bd8e92a498ad93fb48860d761a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
x-amz-cf-id
H89o-HuoPyPi4coebeHFth5LcaQqryFstdXhnXPIfGSdi30NlA48Vw==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
x-amz-request-id
XKGND0NZ509CX06F
x-amz-cf-pop
ATL56-P2
x-amz-server-side-encryption
AES256
content-length
21820
x-amz-id-2
vaHbI0o5FSMYgdPdaFYbOMSEAv6uHVsMSKgAyNtzcRFgrLIzvgo67PGjaYRJfk9obKt+U8vCrDU=
last-modified
Wed, 06 Sep 2023 14:35:36 GMT
server
AmazonS3
etag
"220840acac0b72605c541d1c968febe3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=455
accept-ranges
bytes
x-amz-cf-id
hca-17inFhrDhEHESrmINPGBV7ufa5XP4ONnOzH01FCtESc_rbD2yw==
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH8A5OBC77UEFTNV5O50&lib=ttq
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1200.js?utv=ut4.46.202309110217
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.88.160 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-214-88-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3a21462af9801ce566897beb74ca7426d79d53725718c7a31f1ae359d0f40a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id
c46dc297.1fc64990
date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231208041227E884900A15D611C150AF-5E2D4E9C1FB0782A-00
x-cache
TCP_MISS from a23-214-88-156.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
203,23.214.88.156
server-timing
cdn-cache; desc=MISS, edge; dur=194, origin; dur=9, inner; dur=5
content-length
1333
pragma
no-cache
server
nginx
x-tt-logid
20231208041227E884900A15D611C150AF
x-cache-remote
TCP_MISS from a23-48-200-197.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.48.200.197
x-tt-trace-host
0166bad2970a464e426f92a8203d7c6ff97e92eaa5b3b4852b319d96a03aadb09a2ba2ad3ed30f87c05564931c6b77800eb43b97e9c2212b32f5184519d2268a73a3e04b35c2745752979d95c67de6a97bdafa830ba368a5d0a0fe4955c7ead3eb09b36c14958ea4cff351bc62805d841a
expires
Fri, 08 Dec 2023 04:12:27 GMT
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
2988.js
script.crazyegg.com/pages/scripts/0018/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0018/2988.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.1211.js?utv=ut4.46.202311301301
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb061a343bdb07118d85335aa88423c0bab2cc3536dce654ed5e4fdc8ace91b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
179754
cf-polished
origSize=5984
ce-version
11.5.153
cf-bgj
minify
last-modified
Wed, 06 Dec 2023 02:16:32 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
83222b8eabd755b7-SYD
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/hwt/202312070315&cb=1702008746663
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-40.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Fri, 08 Dec 2023 04:03:12 GMT
via
1.1 0b26d7ef0f265884570bdb3e6c3750b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
age
555
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
GxbLtAG4xjTqKyZzh5Zr3_Nw4RYG7uI3d1Vt5mFVpg1jp_JGt0IBkg==
PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
cdn-gl.imrworldwide.com/conf/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-74.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8d5b698907b7b16e8de39d3ac67be7b9493d7f4185ccc7cb7b771ffd46c2788

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
_cfxNR3MwUoiywIcj6jUlbzV_8F__W2q
content-encoding
gzip
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 04:03:21 GMT
last-modified
Fri, 08 Dec 2023 01:19:59 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
559
x-amz-server-side-encryption
AES256
etag
W/"5366f51a166708c26fc27370fe7a57b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
qGJAUxG-qn4Cz7IktQESlda6jLYvPPLUYGaUhax0PntG2XF0gZPQ5w==
door.js
au-script.dotmetrics.net/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?id=13062
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-106.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
d1a2ff3a5504eea52cf51e0f6bcebec50e6e420d1d10a40aec7b45807006db83

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"13062...245.2023120804"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
ZoZA-f5Bhf-sulkuVjhOL-0t7NPvfYHTz2pI2xq2WnXUmpCPVcQ7YA==
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/ 		65 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:26 GMT
server
AkamaiGHost
etag
"519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary
Origin, Origin, Origin
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=0, no-cache
content-length
65
mime-version
1.0
expires
Fri, 08 Dec 2023 04:12:26 GMT
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-76.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Wed, 06 Dec 2023 19:34:48 GMT
Content-Encoding
gzip
Via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C1
Age
117460
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
ZdPl2SrZc0LsoLHjc8Rci56oD34fE4xdAMTIa2w08GevIzxNqFIqNQ==
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.20.197 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-20-197.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 08 Dec 2023 04:12:26 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.20.197 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-20-197.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 08 Dec 2023 04:12:26 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
cookie.html
ncg.tags.news.com.au/prod/ncg/ Frame AA7F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-11.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Age
1384
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 08 Dec 2023 03:49:23 GMT
ETag
W/"fbee957879301d939e1c5ea8e01d09a8"
Last-Modified
Tue, 16 May 2023 02:16:02 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 f5d6d53193540aa659ec28d5052668d0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
zWDt2FSQNsrMe_wYq9uQWsb7C0nhuSlxAE23KLCf0OLMMhKeKO9qzg==
X-Amz-Cf-Pop
SYD1-C2
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231208
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aca997682d0dbc6da36f2262551bb2d69aac5a5d0ed13b876ecd74e874314eba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 04:12:27 GMT
x-content-type-options
nosniff
content-encoding
br
age
693
x-jsd-version
1.0.1897
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
818
x-served-by
cache-fra-eddf8230103-FRA, cache-bne12529-BNE
x-jsd-version-type
version
etag
W/"63f-vG+2T1zUrp2xQjeb9H33OriwzZI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
prebid
id5-sync.com/api/config/ 		135 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
3cbb17ce946796035eb3a1d9bf9f23b21b343f0e2e6b4445802c06388bba2e3b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.26.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.26.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metrics.main.bundle.js
tags.news.com.au/prod/metrics/v2/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.news.com.au/prod/metrics/v2/metrics.main.bundle.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.245.131 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-245-131.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b1965ab4f6f50070c4d8214eb75ec76218f5e26cf01519fcaa3fe1f3c81043d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"6421b36923515fbec2b20e5387a46bf3:1697684765.524524"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type
application/x-javascript
cache-control
max-age=60349
content-length
24946
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.20.197 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-20-197.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Max-Age
600
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Fri, 08 Dec 2023 04:12:26 GMT
Server
nginx
tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 		2 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.25.20.197 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-25-20-197.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Fri, 08 Dec 2023 04:12:26 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://www.heraldsun.com.au
Content-Type
text/plain; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:50:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
22917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 21:50:30 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYV3LJEfNL3O3uFyjkw6VSJ6x22sWaLLGETphv6pxffzTgxN83_6AnCLDY7gqg605nQsoaST8hm8Wy8m-wY8YB1weCnFpkCF-0casTQYL2AfvA9QdT69p_ywfpEyS6BQtBhq6hJlxVNzIOTMsv1EMG1r0&sai=AMfl-YTOjmJ1_P9Bgd-IR6kAAdswOeYe91P6TdQswxxUQpw3NbAIuhA-g4MKshY3REpVSFdR8UHEz_mXDmiIgvI&sig=Cg0ArKJSzMa_B3l4QjETEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20231206.49268&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:27 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:26:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:16:04 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:40:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 04:30:35 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame F4F9 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1702008746902&publicationId=heraldsun.com.au
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
7adf4c6b7a9483f7296741d50e0a6c6674312b9df4e4809da33789a37a5f4ac4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-38PV_9bnURULStXp_PtCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-38PV_9bnURULStXp_PtCyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Fri, 08 Dec 2023 04:12:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
article
news.google.com/swg/_/api/v1/publication/heraldsun.com.au/ 		565 B
736 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/heraldsun.com.au/article
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
64ee2bc90d98a9e336e5e0a813b1c259926d822f1af16dea1ca2355cfa13294d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ 		31 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.238.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-238-146.sfo5.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:30:31 GMT
via
1.1 c12dc5a7470811b7785c781e3f388796.cloudfront.net (CloudFront), 1.1 86eb67c9cdffbb1cad0c7a18a9b0f5a4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P6, SFO5-C3
age
16916
x-amzn-requestid
d9bffbb9-5ed7-4851-b41b-bd28c570dcf6
x-amzn-trace-id
Root=1-65725597-48712a4b61894b4933f2c0bb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PmJPtF3TDoEEsDg=
content-length
31
x-amz-cf-id
QrUIt_gAPIIp55d3waT7KF6L-xbos_IK8dvs1bdYRSCRgNxf-V-VZQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
5119
config.aps.amazon-adsystem.com/configs/ 		505 B
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5119
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-22.syd1.r.cloudfront.net
Software
CloudFront /
Resource Hash
dbf2b38491d95ca0fad4cd2951d8c8eb29ceaee6243f915eb3ec7013b22a0482

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:35:02 GMT
via
1.1 f7807c0a57cfa18eb5f00429067b5f6a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD1-C1
age
2245
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
Xuupth8FCgLWH2nNUBhwFreHl0MrntbZjhgJR6k0Qn_oDuPCarIlOg==
config
c.amazon-adsystem.com/cdn/prod/ 		636 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
Server /
Resource Hash
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:11:35 GMT
via
1.1 d143ff54d809978a01bd0ec973b6c3b2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD1-C1
age
3651
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
636
x-amz-cf-id
RL7tUjo70wN56A68GeBoGB_7lQZogkTRtZ507sN3stAqTHh9c2ew7w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.151.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-151-131.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 13ad48adfe7f5ca5b82509779525e518.cloudfront.net (CloudFront)
date
Thu, 07 Dec 2023 16:14:27 GMT
x-amz-cf-pop
SYD1-C1
age
43080
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
BjI2McmkXnjeowWxZW8m63FLDSz6muXRv37-bnVWiSLyOTxK62DuHw==
384959879014125
connect.facebook.net/signals/config/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/384959879014125?v=2.9.138&r=stable&domain=www.heraldsun.com.au
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
30515e7af2d6991e1f7cace3c5c43572f6c7ff3a73f660ea75e2428f9f648746
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 08 Dec 2023 04:12:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36873
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
mNeUuItG3R8F0fMUykF+t39bPpH9ixwk2xbA6TIX4y2W1yVUNzyQ/vn6p3Thp4IqspssPPNVSe77+T5EU/gp3w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
6J6ioZ4CSvlYqWfZpC_RSOjAFNvc1H2.
content-encoding
gzip
date
Fri, 08 Dec 2023 04:12:27 GMT
last-modified
Thu, 30 Nov 2023 05:29:31 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
etag
"1cace6cc49d6432004661d16654e37f7"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=457
accept-ranges
bytes
x-amz-cf-id
oyN8lNJSKQukpC1W3guWn_cV7-lv0Wi4_gc4F-nhVkmhsRhlGlzT-g==
content-length
1278
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=ViewContent&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1702008747056&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1702008747053.545317934&cs_est=true&est_source=2353117768323382&ler=empty&it=1702008746995&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 08 Dec 2023 04:12:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=384959879014125&ev=PageView&dl=https%3A%2F%2Fwww.heraldsun.com.au%2F&rl=&if=false&ts=1702008747058&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1702008747053.545317934&cs_est=true&ler=empty&it=1702008746995&coo=false&rqm=GET
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 08 Dec 2023 04:12:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame F4F9 		0
206 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-2VXBB6RKs-kPt2LdDkJ57g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1702008746902&publicationId=heraldsun.com.au
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-2VXBB6RKs-kPt2LdDkJ57g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/ed=1/rs=ABXTjI4HC9U1obclRW8Pl5LF1c7X90L7NQ/ Frame F4F9 		745 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/ed=1/rs=ABXTjI4HC9U1obclRW8Pl5LF1c7X90L7NQ/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1702008746902&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 02:12:32 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AB... Frame F4F9 		199 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1702008746902&publicationId=heraldsun.com.au
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
2c1cbbb79ae2bb757aed7e19248ef2d314991cf082ab05dbf0bdaca3bdf420fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 17:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71811
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 03:58:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 17:18:02 GMT
Serving
bs.serving-sys.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=3504361412313870069&pageurl=$$https%3A%2F%2Fwww.heraldsun.com.au%2F$$&activityValues=$$Session%3D2006800197105316439$$&ns=0&rnd=4127494425&uinadv=%7B%7D&ccpastatus=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.162.132 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-162-132.ap-southeast-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
73d6a11ce32ab5c01d772644cabd5b522907c90729b4603d281584e6f2fdb05c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI DEVa OUR BUS UNI"
cache-control
no-cache, no-store
content-length
2420
expires
Sun, 05-Jun-2005 22:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=heraldsun.com.au&p=%2F&u=B2opSLBTn4NGB2qfqP&d=heraldsun.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=15389&o=2381&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.heraldsun.com.au%2F&b=3266&t=G-curkOzUpBNwvHP5bxevQ7tAi&V=141&i=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&tz=-480&_acct=anon&sn=1&sv=Bz3NqTD2dNQxC4vM_NBJ4AglJeGVu&sd=1&im=067b0ff2&_
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.121.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-121-59.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:27 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
97081477.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97081477.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 08 Dec 2023 04:12:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1001868C34444BD1A49DEBE0C83E7E2D Ref B: SYD03EDGE0720 Ref C: 2023-12-08T04:12:27Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97081477&Ver=2&mid=c33ccbd9-1fe1-4850-b03f-7d08fa64f58a&sid=ff436c60957f11ee87f29b5b82505567&vid=ff43a980957f11eeb4ac43e2c5289dd3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Herald%20Sun%20%7C%20Breaking%20News%20and%20Headlines%20from%20Melbourne%20and%20Victoria%20%7C%20Herald%20Sun&p=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=&lt=880&evt=pageLoad&sv=1&rn=700667
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 04:12:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2664EF4DC80A4CC4815AF8F78072A083 Ref B: SYD03EDGE0720 Ref C: 2023-12-08T04:12:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1702008747117&pvs=1&pvid=33385ca9-abc3-41b6-bb67-ef1a8e21d0d8&c=true&tzOffset=-480&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13062
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-106.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
dotmetrics-hit-status
01 OK
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
wIwOK2BGNYRUFJl574UrplSfhEFvCyM-G9hF8v0TMngwqboFBd5Y4Q==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=13062&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&dom=www.heraldsun.com.au&r=1702008747117&pvs=1&pvid=33385ca9-abc3-41b6-bb67-ef1a8e21d0d8&c=true&tzOffset=-480
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-85.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 16:03:53 GMT
via
1.1 098fddbcdf00e65b8479d1d17b41d28a.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
43715
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
_Uh1e4zzYGSimb13WaqttQKDPSAQ0UGNdB0otl9utqa7inUn2-HT7w==
script.js
au-script.dotmetrics.net/Scripts/ 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=245
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13062
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-106.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
8be4dcb40aede95c3bd86a19357e5e12c20e0876ee1942ebc281e274cfcd7b06

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
last-modified
Mon, 27 Nov 2023 10:02:37 GMT
server
Kestrel
x-amz-cf-pop
SYD1-C1
etag
"1da2118d95442d7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
ZM1iUiscmOb54Tff65N4y3Nawd1GpB95xnh1016XEi6vOnsoMCcxFw==
geo4.js
cdn3.optimizely.com/js/ 		309 B
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo4.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.38.138.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-138-181.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3cb89ebea6527df59287bc5d00d249d32042594d113a62049185b76945a6e959

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
Date
Fri, 08 Dec 2023 04:12:27 GMT
Server
AmazonS3
x-amz-request-id
DRHZWX870527H3KG
x-amz-server-side-encryption
AES256
ETag
"8777c006589ecabfa3d63a6b5bf24393"
Content-Type
application/javascript
Cache-Control
max-age=61773
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
309
x-amz-id-2
uR2omKt1kXESu54f+oc/cdWRX7NaWg0t8B3aK2nQVP/nXUr+Arl955hIMwWdAeeLfRIy++HSYsk=
a20352597942.html
a20352597942.cdn.optimizely.com/client_storage/ Frame EDB8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.20.194 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-20-194.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6484fcc9c19c09df7bf8ac514496e083ffc5ec2a54509f4a5b47e667171630f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
917
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:27 GMT
etag
"6529c2edade213d67ec0e2f279d2104c"
last-modified
Fri, 08 Dec 2023 00:13:10 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="1";dur=0,cdnip;desc="23.221.20.194";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1702008747331_389542548_625344776_32_1290_1_5_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
nHBAOcMQ/HkxxH2Rc6hrPlEFghGMXCxoC9Xj2o6N4OgJY9M/LQsPbs11LCv0iac3DzETqrLhWpad44JkuS8sQA==
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
0T3G695ZF9EW26Q7
x-amz-server-side-encryption
AES256
x-amz-version-id
fno2pW1oXcNJMkfP_OKK8_zmKSJtgDSs
/
geo.privacymanager.io/ 		31 B
609 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/6482c35c-0542-41b0-bbf3-2711e544d04a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.238.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-238-146.sfo5.r.cloudfront.net
Software
/
Resource Hash
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:30:31 GMT
via
1.1 c12dc5a7470811b7785c781e3f388796.cloudfront.net (CloudFront), 1.1 86eb67c9cdffbb1cad0c7a18a9b0f5a4.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P6, SFO5-C3
age
16916
x-amzn-requestid
d9bffbb9-5ed7-4851-b41b-bd28c570dcf6
x-amzn-trace-id
Root=1-65725597-48712a4b61894b4933f2c0bb;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PmJPtF3TDoEEsDg=
content-length
31
x-amz-cf-id
UMNPuMCAU_0GQ4Qn1Em1s2_ixJk1HzDnoebVoJFG_8S4zgQqzhsLTg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4f778682-7195-460b-83fa-73fe4d0c111c&toploc=www.heraldsun.com.au
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/63ddc9921b9a4bebbf182f3c3519283f/heraldsun.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f4750c420dc5836a0fad3789977f8ceb13a198487936d157701dea7083201e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 08 Dec 2023 04:08:04 GMT
server
cloudflare
age
263
cf-polished
origSize=59498
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cAP9Ha%2BzqTsfmCfyto7D%2F4AGN%2FDFt0g8zog%2B%2FLYsJLfh7OqQpUVQAI2AP6cckzfrU0Bq5uV7RbpwXgHqfRikh1alJ%2Fy9qKfiLxX9MdMZen8dgBTwTYfVxWCcA9YZa%2BsDdEPhg48"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83222b8ed8776a51-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
97081477
www.clarity.ms/tag/uet/ 		877 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/97081477
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/97081477.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c923a79edfcad1510873ec3e505e8832fc74d0f311465499ec0e8d5f473ef93e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
date
Fri, 08 Dec 2023 04:12:27 GMT
x-azure-ref
0q5dyZQAAAADyl8kxaWepQZ+HT+bclMaXU1lEMDNFREdFMTIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
877
expires
-1
3zcdIyo2Tk.gif
pixel.zprk.io/v5/pixel/ 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.zprk.io/v5/pixel/3zcdIyo2Tk.gif?idgen=1&_ncid=7677659f91b0fd3e5b1d491def5c17d3&timewithTz=2023-12-08T04:12:26.642Z&country=au&newsconnectId=&fpid=12a4e09c9f085d898099a46ef33b007f
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.182.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-182-54.compute-1.amazonaws.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
35
www.heraldsun.com.au.json
script.crazyegg.com/pages/data-scripts/0018/2988/site/ 		961 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0018/2988/site/www.heraldsun.com.au.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0018/2988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cef1f4a03cd03efb05557253d4d4eac43ffbf1415e012891643117337a5d7fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
179743
ce-version
11.5.153
content-length
439
last-modified
Wed, 06 Dec 2023 02:16:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83222b90dcd4a93e-SYD
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PE61ECF8B-8E10-4919-930F-697F3D3DBB98.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-74.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
date
Fri, 08 Dec 2023 03:12:38 GMT
x-amz-cf-pop
SYD62-P2
age
3598
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
sLmpdNWNfesYC9PjQ-Slh9IblWzFG8JmooxryXl3pw4TzGsPIFU4tg==
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1702008747347&id=t2_vrvmwxuz&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8d86f707-1b10-4cf5-857b-919a5d751e35&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1702008747363
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
f17425fede411b839288f0e1ce2c415095637302663d5fcd5b94f6dcb542a498
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-apse2-2-v054-0eab2ba6b.edge-apse2.demdex.com 1 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
IqXdDIBBR/E=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1563
expires
Thu, 01 Jan 1970 00:00:00 UTC
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
58647
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Dec 2024 11:55:00 GMT
dest5.html
newscorpau.demdex.net/ Frame D25B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 08 Dec 2023 04:12:27 GMT
dcs
dcs-prod-apse2-2-v054-0f8adab82.edge-apse2.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 3 Nov 2023 21:17:47 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
6sQy4GsPR3M=
id
newscorpau.sc.omtrdc.net/ 		2 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=78516974098338345921912086589933866007&ts=1702008747417
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.186 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-186.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZXKXrAAAAGLnLwNW
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=78538120634587733701909972485330738445
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXKXrAAAAGLnLwNW
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXKXrAAAAGLnLwNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-020c26289.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
RTrCYIXpS/M=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXKXrAAAAGLnLwNW
Date
Fri, 08 Dec 2023 04:12:28 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 583C 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-74.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
3165
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Fri, 08 Dec 2023 03:19:48 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c8a7df1b4956aa390fe495730eb3c9f4.cloudfront.net (CloudFront)
x-amz-cf-id
1c2Ec_4oDVCymnQ8yvnL7G-Kkvmand1Do37iem4dYzhTKwzj7I3Jeg==
x-amz-cf-pop
SYD62-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		398 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjIsImZsIjp0cnVlLCJkb20iOiJ3d3cuaGVyYWxkc3VuLmNvbS5hdSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuaGVyYWxkc3VuLmNvbS5hdS8iLCJydXJsIjoiIiwicHZpZCI6IjMzMzg1Y2E5LWFiYzMtNDFiNi1iYjY3LWVmMWE4ZTIxZDBkOCIsImRjIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIiwidHpPZmZzZXQiOi00ODAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1702008747480
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=245
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-106.syd1.r.cloudfront.net
Software
Kestrel /
Resource Hash
f04f3ef1b173e07dcbe529d85b4a5d84f0a0456d347f7935f7ad68b6213a43c2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
wS1RuIBh0gwytW3nvjMXQkN7KFSPRm7mLZoCYR0b9Rod5AiyCpF01w==
pub
pixel.adsafeprotected.com/services/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600,160.600,120.600%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-block-300x90-1,ss:%5B300.90,315.90%5D,p:/5129/ndm.hwt/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.hwt/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=3b6ab192-91ed-9129-9b9e-28e2d8dbffd3&url=https%253A%252F%252Fwww.heraldsun.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6c1ef0a5a56e0f8283e3855d74769c8a6b2a2c39d4a64a4bdbc2b0ef1ab5d70d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
server
nginx
x-server-name
app05.au.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		113 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5119&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&pid=VGx2gnWsd01iI&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22ad-block-728x90-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-1%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-1%22%7D%2C%7B%22sd%22%3A%22ad-block-728x90-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221000x150%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-728x90-2%22%7D%2C%7B%22sd%22%3A%22ad-block-300x250-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5129%2Fndm.hwt%2Fhome-ad-block-300x250-2%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:26 GMT
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
timing-allow-origin
*
content-length
113
x-amz-cf-id
TPlqHZlpTjiMHgMsaq1wYBHtCIJkKSDZyonB8CjQu6LN-J-5GLop-g==
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
BAG3YGA5WX1KEEE2
age
1667
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83222b904999dfa7-SYD
x-amz-id-2
lyp4Ohf5BFTEBRQIvx+k9fgDm8FuKewnuR5Js+D21Y8C74oFBNP8sQR1+G4Jw4/QE649dFxeAAw=
ibs:dpid=358&dpuuid=193117286844294976
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=193117286844294976
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=193117286844294976
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-012f4d982.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
k4WexBYASeo=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
an-x-request-uuid
9d21ca81-e5e5-4aaa-bb0c-7b8c75c36968
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=193117286844294976
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 583C 		44 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&sessionId=bvc1ogexrchmfxmh67mwfxmw2prqo1702008747&c16=sdkv,bj.6.0.0&uoo=&fp_id=dfaviede5attcsjboxtjzpg34pti91702008747&fp_cr_tm=1702008747447&fp_acc_tm=1702008747447&fp_emm_tm=1702008747447&ve_id=&c30=bldv,6.0.0.673&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.180.158 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-180-158.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:27 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
bvc1ogexrchmfxmh67mwfxmw2prqo1702008747.nuid.imrworldwide.com/ Frame 583C 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bvc1ogexrchmfxmh67mwfxmw2prqo1702008747.nuid.imrworldwide.com/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-127.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:27:47 GMT
via
1.1 3aea472dcaab0d179b019b33b044a9be.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
32889
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
h-UEbxXBdvC6mfQqyzie62MPhbRmA7Ql5V8aN_0-C1uzrqs0vwNiWg==
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L... Frame F4F9 		128 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5tQWz3uxH3tS5AGnu762Uud8v2dw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
ed04c617331e334fbed5caa76dad0bc6a82dbbf9c829eb37500ee4489af8d0a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44075
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:50:41 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L... Frame F4F9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5tQWz3uxH3tS5AGnu762Uud8v2dw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
dee3c83cf711a819773d5cecc4f9f3c9b88d6d76b6cd9ca3813a545936a0e03f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1822
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:50:41 GMT
cdb
bidder.criteo.com/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.50.0&cb=1825455662&lsavail=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ads.playground.xyz/host-config/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.heraldsun.com.au
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
77ad5fb5-c2ce-46b5-808c-4ca139324f9e
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		480 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=2&alt_size_ids=55%2C57%2C68&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&tk_flint=pbjs_lite_v7.50.0&x_source.tid=541775e9-6ff1-4423-9297-ed82ab7572e8&l_pb_bid_id=14e0d8367a49455&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=541775e9-6ff1-4423-9297-ed82ab7572e8&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-1&slots=1&rand=0.05449266957865251
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9029e9d40644b491ea3dfbf70933eaef3d07a1ea5b3f8b16feaefbb22dd63739

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
480
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		480 B
998 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914736&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=1&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&tk_flint=pbjs_lite_v7.50.0&x_source.tid=0b79d858-ec6e-4d8a-97d0-12a885b142f5&l_pb_bid_id=15eee09bcfb72bc&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0b79d858-ec6e-4d8a-97d0-12a885b142f5&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-1&slots=1&rand=0.33232490545985605
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ef8f621aa64890d26d3ffb95ce1ec34bfaf4e7b76cba454ee7e9aaf6da40e445

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
480
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		454 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=2&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&tk_flint=pbjs_lite_v7.50.0&x_source.tid=5fa979c5-9d93-4527-b31a-d8e7f5e3faa4&l_pb_bid_id=161d79aa2682016&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fa979c5-9d93-4527-b31a-d8e7f5e3faa4&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-728x90-2&slots=1&rand=0.14568871151268614
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e08e42038f0726aeb1f78519afe594b2379016cfa988e2b31cad7b02821e801f

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		456 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7725&site_id=125306&zone_id=1914758&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.domain=heraldsun.com.au&tg_i.page=https%3A%2F%2Fwww.heraldsun.com.au%2F&tg_i.adl=false&tg_i.pagetype=homepage&tg_i.sec1=home&tg_i.pos=2&tg_i.ad_unit=%2F5129%2Fndm.hwt&tg_i.pbadslot=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&tk_flint=pbjs_lite_v7.50.0&x_source.tid=42dd0ccd-7c26-4cce-bdf5-2f0e8c32446c&l_pb_bid_id=17b1b5608458514&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=42dd0ccd-7c26-4cce-bdf5-2f0e8c32446c&rp_maxbids=1&p_gpid=%2F5129%2Fndm.hwt%2Fhome%23ad-block-300x250-2&slots=1&rand=0.477944855582368
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
45ebd8c4c02d3be40fb3afa4fbb58a2493f0fc206b1c9fb1a1649f67b4301471

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
456
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=277566
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf1dfc8175b743db11a8b6990f6076e4cfaff2451faf94be19d90e30fb5b5ba

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx0K7OxBAaQDf%2F8pVmz%2BrV%2B0w%2BaHzCAf5DHJse%2BENSkC8Vixp1l023ljN2kiBCcbt7ZUUiFzxfd5UFUm7Wtue1G%2BPAtd4CU1Kd0LMYEL3wHUUe%2BwlK1l%2B91PzjWCpKbnsRV1ucQd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83222b90dc42a831-SYD
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		472 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
bfd422498d06efe67b59793ea13073b5ef9bec93de68e2f950ec50bd5f633338
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
an-x-request-uuid
720f9bef-416b-417b-be43-52090b7a181d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
472
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L... Frame F4F9 		236 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5tQWz3uxH3tS5AGnu762Uud8v2dw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:50:41 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L... Frame F4F9 		1 KB
779 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5tQWz3uxH3tS5AGnu762Uud8v2dw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
fee907a1d833331201ef7f88d3a573625c9afdbcfe50b1921ed5e50d770f5bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
714
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:50:41 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L... Frame F4F9 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5tQWz3uxH3tS5AGnu762Uud8v2dw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
79d277c8349d6b55245c0c1166b21a8f80f8ea057c24bfc565091b567dc44913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6482
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:50:41 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e2f5fff0548f28990c1e58e26fd2561910c83f007143037301330bc86f114651
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ibs:dpid=470&dpuuid=7354377163891688330
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=7354377163891688330
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7354377163891688330
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-0f8adab82.edge-apse2.demdex.com 1 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
5DH1s0ZaTbk=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=7354377163891688330
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame F4F9 		162 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=5745588374810489446&bl=boq_subscribewithgoogleclientserver_20231205.05_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=43948&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
ESF /
Resource Hash
37ba5cc656354ac4b35fba92e51ef53fa5afe250fc14e0cf6690e95c49d3b801
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L... Frame F4F9 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.YXq5AmNsdU8.L.B1.O/am=AIY0/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5tQWz3uxH3tS5AGnu762Uud8v2dw/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
sffe /
Resource Hash
2f4ab71e8d224990cbada55ff7cc2d3a575f2ff234ff2965c52f9305de9fe643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37157
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 11:53:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:50:41 GMT
token
token.rubiconproject.com/ Frame D25B 		0
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=78538120634587733701909972485330738445&gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
log
play.google.com/ Frame F4F9 		131 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 04:12:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 08 Dec 2023 04:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F4F9 		131 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 04:12:28 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 08 Dec 2023 04:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 08 Dec 2023 04:12:28 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame F4F9 		131 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.kXwhuDDgUsw.es5.O/am=AIY0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4hxHb6Hca9LIlOdWOZIImeAbsTPQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 04:12:28 GMT
main.MTdjYzNiZDU2MA.js
analytics.tiktok.com/i18n/pixel/static/ 		397 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH8A5OBC77UEFTNV5O50&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.88.160 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-214-88-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id
1fc64a1e
date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110907312965872A3F9E0216EA720A
vary
Accept-Encoding
x-cache
TCP_HIT from a23-214-88-156.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01fd3737c443666b4385478c0714ee7cbd178630d1effa170151145fae08bc6e0152f45ed509632bbf67a4820514a4c2f2547634606e90a2fd58c2fca166ce40dcb0b63c7397b25638c603d211412d22267d22678aa2591e0cf753fca3ae7329bf
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=13
content-length
108214
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.88.160 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-214-88-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id
1fc64a44
date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110907313490E54AC27AC2B4E5D144
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-214-88-156.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0120a5f913fcf479c88f48367f2b9a30ac1b5054d28d30e4861f4aee060d678350160cda2b0e1e3ce6036c3011a3975ade27657f252bcc3f5ba968eabdc4a899ae882a7b7c4f0298407aa34e0043217003563a89d8e3384068d2a31ee57266b9ec
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=8
content-length
36070
pixel
analytics.tiktok.com/api/v2/ 		0
848 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.88.160 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-214-88-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
14acf118.1fc64a6e
date
Fri, 08 Dec 2023 04:12:28 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231208041228BE645DB68169F9BF3475-3E03433B2C91CD5A-00
x-cache
TCP_MISS from a23-214-88-156.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
229,23.214.88.156
server-timing
cdn-cache; desc=MISS, edge; dur=200, origin; dur=36, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231208041228BE645DB68169F9BF3475
x-cache-remote
TCP_MISS from a23-220-104-203.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
36,23.220.104.203
x-tt-trace-host
0166bad2970a464e426f92a8203d7c6ff97e92eaa5b3b4852b319d96a03aadb09ab50ce0df233577d5486a7ff903f37bb208250e2b1591697dff7678536d8e188993bcf676e82dbea9990bf08bf634d9ec8be8ba12ab70b9d532a854874d53abb6b9c98bfd38fe1af89be881afc7d3af4a
access-control-allow-headers
Authorization,*
expires
Fri, 08 Dec 2023 04:12:28 GMT
ibs:dpid=771&dpuuid=CAESEL5hQnGVyTW3MQo0wMN28yA&google_cver=1
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzg1MzgxMjA2MzQ1ODc3MzM3MDE5MDk5NzI0ODUzMzA3Mzg0NDU=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEL5hQnGVyTW3MQo0wMN28yA&google_cver=1?gdpr=0&gdpr_consent=
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEL5hQnGVyTW3MQo0wMN28yA&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-045b7c556.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
f/nwryj+Tf0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEL5hQnGVyTW3MQo0wMN28yA&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 580F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
283
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 08 Dec 2023 04:12:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VV99TS2ZKQB501XX5GXA

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 08 Dec 2023 04:12:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GVT0KYDXS1MX58NWZKBE
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/97081477
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.213.31 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:27 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 12:08:18 GMT
etag
"0x8DBF4C1B3818466"
x-azure-ref
0q5dyZQAAAAAcwDkwWm4zRZlS2Ok/8tmlU1lEMDNFREdFMTIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
93eb80c4-701e-005c-1a79-297b83000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
ibs:dpid=903&dpuuid=cbbf1e09-ad59-469f-a877-8867fb702585
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.heraldsun.com.au&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbbf1e09-ad59-469f-a877-8867fb702585
42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbbf1e09-ad59-469f-a877-8867fb702585
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-09eaccff2.edge-apse2.demdex.com 3 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
pgiIHsmIRZo=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbbf1e09-ad59-469f-a877-8867fb702585
date
Fri, 08 Dec 2023 04:12:28 GMT
server
Kestrel
content-length
189
id
dpm.demdex.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=78516974098338345921912086589933866007&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%0112a4e09c9f085d898099a46ef33b007f%011&ts=1702008748032
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
dfb1e1e11a66d49a2537c14e42ad0147126dac2bfc06e0a5ea1a3c6432a80c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-apse2-1-v054-05692a9c5.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
on18ivthS8o=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
1562
expires
Thu, 01 Jan 1970 00:00:00 UTC
collect
v.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Fri, 08 Dec 2023 04:12:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
s37369448582478
metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrics.heraldsun.com.au/b/ss/newscorpau-hsweb,newscorpau-global/10/JS-2.22.4/s37369448582478?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=8%2F11%2F2023%2012%3A12%3A28%205%20-480&cid.&newsnkidcookie.&id=12a4e09c9f085d898099a46ef33b007f&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=12a4e09c9f085d898099a46ef33b007f&mid=78516974098338345921912086589933866007&aamlh=8&ce=UTF-8&ns=newscorpau&cdp=3&pageName=hs%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Fwww.heraldsun.com.au%2F&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPercentPageViewed=5.0.1&getPreviousValue=3.0&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D8%2Cevent18%2Cevent63%3D35&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cherald%20sun%7Cherald%20sun%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Ccustom%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=herald%20sun&c3=D%3Dv3&v3=herald%20sun%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c12=D%3Dv12&v12=not%20set&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=3%3A12%20PM%7CFriday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=35&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=12a4e09c9f085d898099a46ef33b007f-00000000000000000000000000000000-1702008746657-47730&v110=2023-12-08%2012%3A12%3A24&v111=0&v199=en-US%2Cen&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/v2/metrics.vendors.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.149 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-149.data.adobedc.net
Software
jag /
Resource Hash
63cba7a7b3c3a6442d565047cb8aae2a8d61c1ce203b688e0e2d628034d79f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-aam-tid
ctmAFBT/QqQ=
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
4969
x-xss-protection
1; mode=block
dcs
dcs-prod-apse2-2-v054-0c7fc2f47.edge-apse2.demdex.com 5 ms
pragma
no-cache
last-modified
Sat, 09 Dec 2023 04:12:28 GMT
server
jag
etag
3655035956623310848-4617943238303114108
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 07 Dec 2023 04:12:28 GMT
core.js
s.pinimg.com/ct/ Frame 6699 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1793
up_loader.1.1.0.js
js.adsrvr.org/ Frame A8C3 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.144.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-144-104.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:42:58 GMT
Content-Encoding
gzip
Via
1.1 e32fd4d6bca08174b7bd2cfbec023138.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Nov 2023 03:37:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C1
Age
27373
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
2725PUaWCmd2kKGAWgr4xXjGTBVUXeVPlqFo7pLNU-Wr9SH-Qsc9Dg==
uwt.js
static.ads-twitter.com/ Frame 3587 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.28.157 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:08:41 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kcgs7200042-IAD, cache-syd10134-SYD
js
www.googletagmanager.com/gtag/ Frame 18C9 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-707564276
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bc337707a585e15920fb4103f3a40042343afca913548bb90c6260a2de72ae1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72402
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Dec 2023 04:12:28 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame F926 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.144.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-144-104.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 21:42:58 GMT
Content-Encoding
gzip
Via
1.1 e32fd4d6bca08174b7bd2cfbec023138.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Nov 2023 03:37:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C1
Age
27373
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
WzeYB9H7_QQJgnhn-4o8A_7URfGeGraE6i6a8JLeSAIDF78poGhATg==
pixie.js
acdn.adnxs.com/dmp/up/ Frame A681 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.57.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-57-183.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 04:12:28 GMT
Content-Encoding
gzip
X-Check-Cacheable
YES
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
X-Serial
67375
Server
nginx/1.13.10
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Sat, 09 Dec 2023 04:12:30 GMT
activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179
8228261.fls.doubleclick.net/ Frame 7A57
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=662704343300...
402 B
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
74c503817a8ff3d579fa281151b3e5f3ac11457cc8ea4002fa7ddef26349b114
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
227
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:28 GMT
expires
Fri, 08 Dec 2023 04:12:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575
8228261.fls.doubleclick.net/ Frame D15A
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541...
403 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575?
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f6.1e100.net
Software
cafe /
Resource Hash
1dc7fe3be91d291923c4744bb96a4f74b9edd728cd2dc18a0086599c51fe2439
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
227
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:28 GMT
expires
Fri, 08 Dec 2023 04:12:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame A83A 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820018408
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1f8c04c4627cb014b0d3f5bea7f2b2b8e06cd3c3849b80eda20e6b35dd086fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76448
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 08 Dec 2023 04:12:28 GMT
conversion.js
www.googleadservices.com/pagead/ Frame B533 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
16b4cf2b9a4908b20dff3b6c586bc3209fdf4bf53ea4f1fa2827cbffe4ceb070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18842
x-xss-protection
0
server
cafe
etag
9826982868918577658
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:28 GMT
cksync
hb.yahoo.net/ Frame 8229
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:ofz88b4&fmt=3
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=cbbf1e09-ad59-469f-a877-8867fb702585&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=cbbf1e09-ad59-469f-a877-8867fb702585&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zay5jand4RTJ1RVBNcnNWQzJHWTNHbGhzbmpuc2NiSH5B&gdpr=0&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&dpid=55953
53 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zay5jand4RTJ1RVBNcnNWQzJHWTNHbGhzbmpuc2NiSH5B&gdpr=0&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&dpid=55953
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
23.214.88.51 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-214-88-51.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 08 Dec 2023 04:12:29 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Fri, 08 Dec 2023 04:12:29 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1zay5jand4RTJ1RVBNcnNWQzJHWTNHbGhzbmpuc2NiSH5B&gdpr=0&ovsid=cbbf1e09-ad59-469f-a877-8867fb702585&dpid=55953
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
px
secure.adnxs.com/ 		0
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049974&seg=15374424&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
an-x-request-uuid
2779bbc1-fe6c-4130-93a0-8f82bdd431ab
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/ 		0
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/px?id=1049968&seg=15374298&t=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
an-x-request-uuid
4ed2682a-6925-4008-8452-2f089ed7ad2d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
845 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.214.88.160 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-214-88-160.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6120ae11.1fc64b54
date
Fri, 08 Dec 2023 04:12:28 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231208041228BBB7751311C930B5166B-4042109B1D9F1670-00
x-cache
TCP_MISS from a23-214-88-156.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time
224,23.214.88.156
server-timing
cdn-cache; desc=MISS, edge; dur=202, origin; dur=31, inner; dur=28
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231208041228BBB7751311C930B5166B
x-cache-remote
TCP_MISS from a23-48-200-200.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.48.200.200
x-tt-trace-host
0166bad2970a464e426f92a8203d7c6ff97e92eaa5b3b4852b319d96a03aadb09a4c0851575c686633b1d4207bb8b05a58a2b24ef4ac75c069e3b7f51e3959a0081e38d8eaacbc9245418c82cdaf8e32063fa57927657fa14a16b3fa83f606b60b31e987dab2a5a878791980a89af9de46
access-control-allow-headers
Authorization,*
expires
Fri, 08 Dec 2023 04:12:28 GMT
validate
assets.vidora.com/v1/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://assets.vidora.com/v1/validate?api_key=heraldsun.2F8773CE626E38E3517E704E87B6D52D
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-30.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
via
1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
Eh1gNLoivWKz9UF3myLHSwFjMQecle5ObYpW0gwj6x2Dm4iErDrDkw==
expires
Fri, 08 Dec 2023 04:12:27 GMT
usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame D25B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
adsct
t.co/i/ Frame 3587 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=53dc3ebe-e31e-4ae3-91f1-c27f31fbed27&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5b3cd0d4-e624-4480-8f82-b2a53808d852&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
144
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
0a457198cc4e0270
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
451841cfaa39e4a88b0adf67bcc59243ef393dd45f16e490bb17678a7e1977f9
content-length
43
adsct
analytics.twitter.com/i/ Frame 3587 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=53dc3ebe-e31e-4ae3-91f1-c27f31fbed27&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=5b3cd0d4-e624-4480-8f82-b2a53808d852&tw_document_href=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_document_referrer=https%3A%2F%2Fwww.heraldsun.com.au%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3flk&type=javascript&version=2.3.29
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time
145
date
Fri, 08 Dec 2023 04:12:27 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
a1036116f85096b6
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1753ec108f04dd3ba63f084d872dd8c432137d03800159ea13fc31097a3b9633
content-length
43
pixie
ib.adnxs.com/ Frame A681 		42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1702008748194&v=0.0.20&u=https%3A%2F%2Fwww.heraldsun.com.au%2F&r=https%3A%2F%2Fwww.heraldsun.com.au%2F&st=1702008748193&et=1702008748194&if=1
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-007bba0e1.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
TsHMZjIwQLI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHHM0hQEmP7oz9wJhfP9fZ6ds6rnAPe82ZJU%2F8M4Cop7MjVRQW4DnIpbActhDnjyinZdN2mSqx%2BQfEgfJOZMqga6r6mJBqY6Eoo5P6CfbAawLc5h7Yf%2FEG6kagIii7j95gY4SDvq"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933
cache-control
no-cache
cf-ray
83222b95a946a831-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
events
logx.optimizely.com/v1/ 		0
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
100.25.107.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-107-27.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 08 Dec 2023 04:12:28 GMT
Via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
Connection
keep-alive
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
d29d1500-f0e4-49db-a401-cbb3b4a06e56
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.203.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-203-99.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
tme
lm.serving-sys.com/lm/ 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://lm.serving-sys.com/lm/tme
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.203.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-203-99.eu-central-1.compute.amazonaws.com
Software
LogModule 0.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Access-Control-Allow-Credentials
true
Server
LogModule 0.6
Content-Length
0
Content-Type
text/plain
uid
dt.scanscout.com/ssframework/ Frame D25B 		0
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.scanscout.com/ssframework/uid?UIAA=78538120634587733701909972485330738445&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.207.182 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
openresty/1.19.9.1 / Sails <sailsjs.org>
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 04:12:28 GMT
Server
openresty/1.19.9.1
Connection
keep-alive
X-Powered-By
Sails <sailsjs.org>
Transfer-Encoding
chunked
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/ Frame B533 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/859754747/?random=1702008748447&cv=9&fst=1702008748447&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
d70fb32a3cf26dde15d12e146d5171ad6338d30fa02da2af2c1e3a311ca0429e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.74d80534.js
s.pinimg.com/ct/lib/ Frame 6699 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.64.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-64-196.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18895
/
ct.pinterest.com/user/ Frame 6699 		298 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1702008748483&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
9566763923141955
content-length
173
pin-unauth
dWlkPU9Ua3paV0V6WkRRdFltWTFaaTAwWWpRM0xUZ3dPVGN0WlRWbU1XVmtabVUyWVdOaA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
e7249d1c03a7694dfa35055671bb9f996ab3ca0c
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ Frame 6699 		298 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=pagevisit&tid=2612777586108&cb=1702008748483&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1781319398419723
content-length
173
pin-unauth
dWlkPU5EY3hNakl5WXpBdFlqbGpZeTAwT1dWa0xXRXpZakV0TkRFMk16UTBaRE5qTUdaaw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
e7249d1c03a7694dfa35055671bb9f996ab3ca0c
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=78538120634587733701909972485330738445&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=78538120634587733701909972485330738445&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-1-v054-02307947e.edge-apse2.demdex.com 0 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
UGIJe8PES/U=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
303,104
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Fri, 08 Dec 2023 04:12:28 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
701.json
id5-sync.com/g/v2/ 		629 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/701.json
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a5fa51407c2b5077023695076c55cecdc708af89dfc09342adc134baf356ec51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575
adservice.google.com/ddm/fls/z/ Frame D15A 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPKF5db8_oIDFYaX6QUd-O4HRg;src=8228261;type=invmedia;cat=newsc00a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=124294938541.79575?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179
adservice.google.com/ddm/fls/z/ Frame 7A57 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179
Requested by
Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CP2E5db8_oIDFZuT6QUdbhQLQg;src=8228261;type=invmedia;cat=newsc005;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=6627043433003.179?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8228261.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D25B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=78538120634587733701909972485330738445
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78538120634587733701909972485330738445
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78538120634587733701909972485330738445
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.160.247.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-247-117.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
beacon-n011-pdx-prod.krxd.net
date
Fri, 08 Dec 2023 04:12:29 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1702008749
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=78538120634587733701909972485330738445
date
Fri, 08 Dec 2023 04:12:29 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
v1
lb.eu-1-id5-sync.com/lb/ 		44 B
290 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
4fd617ffafb554225fa615dade8d356f8545a35c0e5e0705cd0045c22f5b0e9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame D25B
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=78538120634587733701909972485330738445&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-02147069b.edge-apse2.demdex.com 0 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
X1sqrLA6Qts=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
303,104
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date
Fri, 08 Dec 2023 04:12:28 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pr
s.amazon-adsystem.com/v3/ Frame FC00 		951 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
359452d029e9eec2e6e2f606a153762b9ae7d9741a4c77413a866f93e870a17a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
951
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 08 Dec 2023 04:12:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4SJGSRHY2V9H4XJBT3Q1
/
ct.pinterest.com/v3/ Frame 6699 		35 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&tid=2612777586108&cb=1702008748766&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%2C%22pin_unauth%22%3A%22dWlkPU9Ua3paV0V6WkRRdFltWTFaaTAwWWpRM0xUZ3dPVGN0WlRWbU1XVmtabVUyWVdOaA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.heraldsun.com.au%2F%22%2C%22if%22%3Atrue%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
e7249d1c03a7694dfa35055671bb9f996ab3ca0c
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
1967600419288145
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/ Frame A83A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820018408/?random=1702008748792&cv=11&fst=1702008748792&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9100984934&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&frm=1&auid=724770718.1702008749&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820018408
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
a00648549caee247248a3b7ac4d5d0405da14b191f63a4c037ea66d1870eb145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlhLWHJBQUFBR0xuTHdOVw==
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlhLWHJBQUFBR0xuTHdOVw==
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-bne12527-BNE
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702008749.070914,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlhLWHJBQUFBR0xuTHdOVw==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/ Frame 18C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707564276/?random=1702008748824&cv=11&fst=1702008748824&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&hn=www.googleadservices.com&frm=1&auid=724770718.1702008749&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707564276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
a1bbd6d1213c59d0902e4426606d1b9d74e661ab103562210563b99d0ae0557e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZXKXrAAAAGLnLwNW&expires=90
42 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZXKXrAAAAGLnLwNW&expires=90
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-bne12527-BNE
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702008749.071282,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZXKXrAAAAGLnLwNW&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usermatch
ssum-sec.casalemedia.com/ Frame 747A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bd38acc0d64eef2eec5c884fc98610684c1fe21ec2f78e90aef07b8a2bae47

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83222b98eca7a831-SYD
content-encoding
br
content-type
text/html
date
Fri, 08 Dec 2023 04:12:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEJx811ei%2Fy0YQnu4PjBKhxTGHr8DHoH3IZJpmKozfNZDeQHXX2tQDENbHm3x3ztrjtNLLGUQZysz0SDQ6h%2BWf8Oajg7CrSevF8Q6HDNmaDaTxb4C%2BqNARRaD4rNBfL8NO3BsQwGaMbgFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3907 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 04:12:28 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 755A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=164774
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 08 Dec 2023 04:12:28 GMT
expires
Sun, 10 Dec 2023 01:58:42 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
www.google.com/pagead/1p-user-list/820018408/ Frame A83A 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820018408/?random=1702008748792&cv=11&fst=1702008000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9100984934&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNyKRazMyS4i4EtGtpo9q_Z-f1ZsOKwJ8RnSP8zUKKoef68XAV&random=1733952856&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/820018408/ Frame A83A 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/820018408/?random=1702008748792&cv=11&fst=1702008000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9100984934&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNyKRazMyS4i4EtGtpo9q_Z-f1ZsOKwJ8RnSP8zUKKoef68XAV&random=1733952856&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3907 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67b1a4313af266ec0c90106e3b70587b23e0235f454fe8be766ad4012c051b79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 04:12:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:21 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14588
Connection
keep-alive
Content-Length
13234
Expires
Fri, 08 Dec 2023 08:15:36 GMT
/
www.google.com/pagead/1p-user-list/707564276/ Frame 18C9 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/707564276/?random=1702008748824&cv=11&fst=1702008000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4N4MPOLVz3lcaXowk6ifpzu2mZlvJ6tZdZqeKRR6vJgz5QR6&random=528108330&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/707564276/ Frame 18C9 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/707564276/?random=1702008748824&cv=11&fst=1702008000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&frm=1&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4N4MPOLVz3lcaXowk6ifpzu2mZlvJ6tZdZqeKRR6vJgz5QR6&random=528108330&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/859754747/ Frame B533 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/859754747/?random=1702008748447&cv=9&fst=1702008000000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&cid=CAQSKQDICaaNZmgM6IvYz83aeWsi1gDBLp0bHL9zc3MjYSLQOa-7xzmQmy5O&random=1798301106&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/859754747/ Frame B533 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.au/pagead/1p-user-list/859754747/?random=1702008748447&cv=9&fst=1702008000000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&fmt=3&is_vtc=1&cid=CAQSKQDICaaNZmgM6IvYz83aeWsi1gDBLp0bHL9zc3MjYSLQOa-7xzmQmy5O&random=1798301106&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 3907 		7 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
/
c0.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.152 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.54 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.129.23.120 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.95.135 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-3-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-3-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c0.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c0.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c1.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c1.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c2.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.92.250 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c3.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c3.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.188 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c4.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c4.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c5.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c5.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c6.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c6.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.93.98 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
/
c7.eu-4-id5-sync.com/ 		1 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c7.eu-4-id5-sync.com/
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.75.89.127 , Germany, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-headers
*
content-length
1
access-control-max-age
3600
access-control-allow-methods
GET, DELETE, OPTIONS, POST, PUT, PATCH
content-type
application/json
PugMaster
image6.pubmatic.com/AdServer/ Frame 755A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=2869164&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0ac510470baea887f80c1fa6908e73b10a0ca8f4a86b3923f4b41e380e6793af

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 08 Dec 2023 04:12:29 GMT
content-length
1672
content-type
text/html; charset=UTF-8
rum
dsum-sec.casalemedia.com/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXKXrAAAAGLnLwNW
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXKXrAAAAGLnLwNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgeqSYNBPlA1TRmHuhCTu%2FDjCI1ureQqsgiodz%2FMB5vScFLue0RCuFPtjFAD0oPZDGB54KvJ2Y64IW4IQTRoxa2cvwxv3xxQpf7jQCLOuN0XLFQwcrmbf1%2B7D9vXE2DbA%2BN8X4iCB4BqGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222b99cd98a831-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-bne12527-BNE
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702008749.071106,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZXKXrAAAAGLnLwNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 747A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXKXrGl3-xG4ncnm-E05TAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0ghvhYW-2V0lZVx3Tr-0w&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0ghvhYW-2V0lZVx3Tr-0w&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o%2F8ts8%2FUuV3b6xuJOVxaRTRijbBrTvGcz5Qqior9u54vrVpMT0JMrYJgpqkdcl5L1qUCcyYxk3VMhLE5iuvtZsGlc8qqJaPpu6yDmSHsH%2BmpHo0kUqOxG2UqyvfgBCDgsa2QjNLrudcjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222b9b5a17a977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE0ghvhYW-2V0lZVx3Tr-0w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame 747A
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=f67a01ad7a674ec8a11e19b3ece7cc3f
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=f67a01ad-7a67-4ec8-a11e-19b3ece7cc3f
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7ba02424-7b97-4043-88a0-8ae993ca99c0%3A1702008750.804227&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D7ba02424-7b97-4043-88a0-8ae993ca...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1973209970894566899&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D7ba02424-7b97-4043-88...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=7ba02424-7b97-4043-88a0-8ae993ca99c0%3A1702008750.804227&_=1702008750.806077
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY3YmEwMjQyNC03Yjk3LTQwNDMtODhhMC04YWU5OTNjYTk5YzA6MTcwMjAwODc1MC44MDQyMjcQABoNCLCvyqsGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGrRuOL4MM8D7xwvNaq87kM&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGrRuOL4MM8D7xwvNaq87kM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGrRuOL4MM8D7xwvNaq87kM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 747A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H3RRNC0YMSR3WZTD803H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 747A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=&expires=30
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=&expires=30
date
Fri, 08 Dec 2023 04:12:30 GMT
server
Kestrel
content-length
289
crum
dsum-sec.casalemedia.com/ Frame 747A
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7f539768321p49n00lpw42c4r
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7f539768321p49n00lpw42c4r
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKBAtyq3W5VATPtkqBkuMf6u4t1oYE%2BbNi55uST9nGGX9ZqxR2DGfZZ5nW9mAfHNbf%2FG5QoiPqn1GGWmaSkBTnWeb0vNRTx%2Bol5QrodVkfmPJ27jcSQG4oUFDVwv3Ty6wDfGacjgV9Wm8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222b9d3c4ca977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7f539768321p49n00lpw42c4r
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame 747A
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB4HtJKn2JqbXUm9Gc5%2BpSkFB%2FgzXNE1G3yA22iTzhyGtkCtdICDF8WX95P4%2FIA6z20DsAShtQDVhytuUd01zihbOyMlGn5epJEkJy2PaXgbEj2LqT62uAoSsQ6UuJ90e52Yj3G004b5zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222b9efe15a977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Fri, 08 Dec 2023 04:12:29 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 747A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091440050031
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091440050031
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqXphQHJv8MclkyD1ct52KZEDkfpbY%2FFzh4o3zggLIiuctKvUpUOq7uY%2FScykj6RYgdwsyIK%2BrLIvwI5zcYr7FAsghuh3DYlZ45niQXipMLnNZXlAu2A%2FgGNDN3qzUP9u5Mczl7QXBAXsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222b9e4d44a977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
292
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662091440050031
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83222b9cfbf55737-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 747A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
date
Fri, 08 Dec 2023 04:12:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame 747A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
477VGY5GS2YB4MEEGMNZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ct.html
ct.pinterest.com/ Frame BF2A 		565 B
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:29 GMT
pinterest-version
e7249d1c03a7694dfa35055671bb9f996ab3ca0c
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
1645638937567838
up
insight.adsrvr.org/track/ Frame 8748 		980 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
459e7e241fe157217ebc67fc5d1e9ae75bbb995233bd54f2f2a925cfd26d8e2a

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 08 Dec 2023 04:12:29 GMT
server
Kestrel
vary
Accept-Encoding
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 8748 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=12uiapu&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=trk7f24&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.144.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-144-104.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:56:33 GMT
Via
1.1 e32fd4d6bca08174b7bd2cfbec023138.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Nov 2023 03:37:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C1
Age
11829
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
iFqTNIr3kDdcurS-n__xgVGSWtBnfNs5FwdUQTIV-_AUnP5SI28Hvw==
up
insight.adsrvr.org/track/ Frame 4A6E 		575 B
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
cdc5e6c264177ca49e038b8812d036f7181eab0a771e72e91ad8010664aaa659

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 08 Dec 2023 04:12:29 GMT
server
Kestrel
vary
Accept-Encoding
setuid
ib.adnxs.com/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZXKXrAAAAGLnLwNW
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=ZXKXrAAAAGLnLwNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
an-x-request-uuid
155a4cbd-ad7d-4bea-8609-c0d0e566273a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-bne12527-BNE
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702008749.150607,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=ZXKXrAAAAGLnLwNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 4A6E 		488 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.heraldsun.com.au%2F&upid=ekg5qxt&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.144.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-144-104.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://insight.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:56:33 GMT
Via
1.1 e32fd4d6bca08174b7bd2cfbec023138.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Nov 2023 03:37:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SYD1-C1
Age
11829
x-amz-server-side-encryption
AES256
ETag
"2775054c068b37509e0798448f7fd32c"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
X-Amz-Cf-Id
oig8tr3XY5Jq0OqNQe6g1NWzV17Dfjiue69_uIHY8bfQCzlhuO0cNA==
google
match.adsrvr.org/track/cmf/ Frame D716
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=Y2JiZjFlMDktYWQ1OS00NjlmLWE4NzctODg2N2ZiNzAyNTg1&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867f...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867fb702585&google_gid=CAESEBD5mdMQVP3zeJb9ETW9dvo&google_cver=1
70 B
574 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867fb702585&google_gid=CAESEBD5mdMQVP3zeJb9ETW9dvo&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 08 Dec 2023 04:12:29 GMT
server
Kestrel

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cbbf1e09-ad59-469f-a877-8867fb702585&google_gid=CAESEBD5mdMQVP3zeJb9ETW9dvo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 4A80 		43 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cbbf1e09-ad59-469f-a877-8867fb702585&expiration=1704600749&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83222b9a4e1da831-SYD
content-length
43
content-type
image/gif
date
Fri, 08 Dec 2023 04:12:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59Q8GCl5jcr7iwbcQq7B%2FTK3sPCtZ6MvyjcjCuP%2Fh48ID7yLq%2FEAvBQ027UfKPXPS7X0HgsKbfJrDOupASu6gvbHo3re1obdVTlutdYRwggg3VemrkcXeXO5OUmPeZ1hkrXpLFNfclmlPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Pug
simage2.pubmatic.com/AdServer/ Frame 65B9
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
42 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 23:00:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
355
date
Fri, 08 Dec 2023 04:12:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
server
Kestrel
syncd
x.bidswitch.net/ Frame 0009 		43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cbbf1e09-ad59-469f-a877-8867fb702585&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://insight.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 08 Dec 2023 04:12:29 GMT
Server
nginx
sd
us-u.openx.net/w/1.0/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZXKXrAAAAGLnLwNW
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZXKXrAAAAGLnLwNW
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZXKXrAAAAGLnLwNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZXKXrAAAAGLnLwNW
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
ecm3
s.amazon-adsystem.com/ Frame 3907
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LPW42BV9-N-GKBA
  • https://s.amazon-adsystem.com/ecm3?id=LPW42BV9-N-GKBA&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPW42BV9-N-GKBA&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XMHCZRCQFXZSE3NGPHS2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPW42BV9-N-GKBA&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
Pug
image2.pubmatic.com/AdServer/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZXKXrAAAAGLnLwNW
1 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZXKXrAAAAGLnLwNW
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-bne12527-BNE
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702008749.362478,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZXKXrAAAAGLnLwNW
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 3907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBXNDJCVDAtRi03QVlW
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK-Tv49HHHPrDNzSwNEEZmk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNDJCVDAtRi03QVlW&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNDJCVDAtRi03QVlW&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNDJCVDAtRi03QVlW&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTBkZDczNjQ3M2FlMjUyNmZkMTE2NDIxMTY2NjQ2OGVjYWYzY2M5ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTBkZDczNjQ3M2FlMjUyNmZkMTE2NDIxMTY2NjQ2OGVjYWYzY2M5ZA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTBkZDczNjQ3M2FlMjUyNmZkMTE2NDIxMTY2NjQ2OGVjYWYzY2M5ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 3907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW42BT0-F-7AYV
0
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW42BT0-F-7AYV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:29 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 606C13B19DED4D60A4E384F45E6CC3D4 Ref B: SYD03EDGE1420 Ref C: 2023-12-08T04:12:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYL98r1uVJAUJPj1cveQg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW42BT0-F-7AYV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3907 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GH9DFQDE0Q19MD6HMYWH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v6ACFsJA8oJNBwdC0q-FVg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n5KbNaRE2oKR4t1zHx_FIjeH3sG61ZMcGh0Osg--~A
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n5KbNaRE2oKR4t1zHx_FIjeH3sG61ZMcGh0Osg--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 08 Dec 2023 04:12:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-n5KbNaRE2oKR4t1zHx_FIjeH3sG61ZMcGh0Osg--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 3907 		70 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:29 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 3907
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7yoP9c5QS66cNazIEbKM7A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7yoP9c5QS66cNazIEbKM7A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7yoP9c5QS66cNazIEbKM7A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8R9GBSHEFSYWDV3JABPR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7yoP9c5QS66cNazIEbKM7A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3907
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJIlz1gTdNj7dZ1zdXgF6kg&google_cver=1
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJIlz1gTdNj7dZ1zdXgF6kg&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJIlz1gTdNj7dZ1zdXgF6kg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 3907
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LPW42BT0-F-7AYV&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPW42BT0-F-7AYV&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RTPNAQYJSP4VMHH559N1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPW42BT0-F-7AYV&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 3907
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEBt07K5S8AABQTGZH72g&expires=30
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEBt07K5S8AABQTGZH72g&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEBt07K5S8AABQTGZH72g&expires=30
Date
Fri, 08 Dec 2023 04:12:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 3907
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LPW42BT0-F-7AYV
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPW42BT0-F-7AYV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:29 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPW42BT0-F-7AYV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 3907
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPW42BT0-F-7AYV
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPW42BT0-F-7AYV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPW42BT0-F-7AYV
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
capi.connatix.com/us/ Frame 3907
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LPW42BT0-F-7AYV&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LPW42BT0-F-7AYV&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPW42BT0-F-7AYV&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83222ba37ad8a961-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 08 Dec 2023 04:12:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPW42BT0-F-7AYV&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83222ba2495ea961-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
v1
match.sharethrough.com/sync/ Frame 3907
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW42BT0-F-7AYV
68 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW42BT0-F-7AYV
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.77.135.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW42BT0-F-7AYV
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
merge
ce.lijit.com/ Frame 3907
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LPW42BT0-F-7AYV
  • https://ce.lijit.com/merge?pid=80&3pid=LPW42BT0-F-7AYV&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LPW42BT0-F-7AYV&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.175.41.79 Park Ridge, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
sovrn-193627-chi03-placeholder
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ord1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:31 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LPW42BT0-F-7AYV&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ord1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 3907
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPW42BT0-F-7AYV
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW42BT0-F-7AYV
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW42BT0-F-7AYV&ckls=true&ci=oNPjudz1Jk&nc=false&trid=1658724744
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW42BT0-F-7AYV&ckls=true&ci=oNPjudz1Jk&nc=false&trid=1658724744
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_pm-db5&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.35.147.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-55.syd1.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
h7JOWzl9vEGU6iK0AlPRr1UfaeNVMQtq_4RXnf4F71E2eTgPUi9-gw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW42BT0-F-7AYV&ckls=true&ci=oNPjudz1Jk&nc=false&trid=1658724744
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
tdz1fAue3nlSGokz0fXixPzUE28hG-E33eectjVANp83QgHAPl6kIg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/ 		44 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b04_homepage_S&asn=homepage&fp_id=dfaviede5attcsjboxtjzpg34pti91702008747&fp_cr_tm=1702008747447&fp_acc_tm=1702008747447&fp_emm_tm=1702008747447&ve_id=&sessionId=bvc1ogexrchmfxmh67mwfxmw2prqo1702008747&prv=1&c6=vc,b04&ca=NA&c13=asid,PE61ECF8B-8E10-4919-930F-697F3D3DBB98&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,4gegkdv6qe0w1t36e0qkj1gcdkypz1702008747&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17020087474427391&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1702008746668&c3=st,c&c64=starttm,1702008748&adid=1702008746668&c58=isLive,false&c59=sesid,&c61=createtm,1702008748&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.heraldsun.com.au%2F&c66=mediaurl,&sdd=&c62=sendTime,1702008748&rnd=805165
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.239.180.158 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-239-180-158.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
partner
sync.search.spotxchange.com/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZXKXrAAAAGLnLwNW&img=1
0
0
img
sync.mathtag.com/sync/ Frame 1916 		0
0
ecm3
s.amazon-adsystem.com/ Frame D3D9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID65582A45-3A0D-47AA-84B0-0E63A3261A05
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 08 Dec 2023 04:12:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
J0N8XK1XT3N5JF1RH0D2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 755A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZVgqRToNR6qEsA5joyYaBQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:29 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=164773
accept-ranges
bytes
content-length
5622
expires
Sun, 10 Dec 2023 01:58:42 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 755A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=65582A45-3A0D-47AA-84B0-0E63A3261A05
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=65582A45-3A0D-47AA-84B0-0E63A3261A05
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=63f385a4-b33d-4255-9747-3fa3b9f6605c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cbbf1e09-ad59-469f-a877-8867fb702585&ttd_puid=63f385a4-b33d-4255-9747-3fa3b9f6605c%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cbbf1e09-ad59-469f-a877-8867fb702585&ttd_puid=63f385a4-b33d-4255-9747-3fa3b9f6605c%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=cbbf1e09-ad59-469f-a877-8867fb702585&ttd_puid=63f385a4-b33d-4255-9747-3fa3b9f6605c%2C%2C
date
Fri, 08 Dec 2023 04:12:29 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame 755A
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.31.38
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.11.225
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 755A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=65582A45-3A0D-47AA-84B0-0E63A3261A05&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=65582A45-3A0D-47AA-84B0-0E63A3261A05&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=65582A45-3A0D-47AA-84B0-0E63A3261A05&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.211 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:11:56 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:11:56 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=65582A45-3A0D-47AA-84B0-0E63A3261A05&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 755A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjU1ODJBNDUtM0EwRC00N0FBLTg0QjAtMEU2M0EzMjYxQTA1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 04:12:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 755A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDih-A6nVDZ_B14V3iSeW5s&google_cver=1
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDih-A6nVDZ_B14V3iSeW5s&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 01:58:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDih-A6nVDZ_B14V3iSeW5s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 755A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C6370914026403A8B3F3E4BFA42C4FA
42 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C6370914026403A8B3F3E4BFA42C4FA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 04:12:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 08 Dec 2023 04:12:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2C6370914026403A8B3F3E4BFA42C4FA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 07 Dec 2023 04:12:30 GMT
65582A45-3A0D-47AA-84B0-0E63A3261A05
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 755A 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/65582A45-3A0D-47AA-84B0-0E63A3261A05?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 755A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
42 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 01:31:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cbbf1e09-ad59-469f-a877-8867fb702585&gdpr=0&gdpr_consent=
date
Fri, 08 Dec 2023 04:12:29 GMT
server
Kestrel
content-length
355
b.php
www.facebook.com/fr/ Frame D25B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZXKXrAAAAGLnLwNW&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZXKXrAAAAGLnLwNW&t=2592000&o=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 07 Dec 2023 20:12:29 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
public
x-fb-debug
u4nAYn4LEH5r5wgoOkVCaPD9zX3upZqJ0425s3tBtf/q+kBsl0jiPvEWLRYfgCuJPYC1gEe/c5iRYUvq6ad3gg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Thu, 07 Dec 2023 20:12:29 PST

Redirect headers

x-served-by
cache-bne12527-BNE
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1702008750.584666,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZXKXrAAAAGLnLwNW&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 04:12:30 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		366 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3877868391652154&correlator=3038615773977975&hxva=1&scor=3655812015906786&eid=31078659&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.hwt%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C300x600%7C160x600%7C120x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C300x90%7C315x90%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702008749664&lmt=1702008749&adxs=436%2C1112%2C808%2C0%2C176%2C1112%2C0&adys=28%2C354%2C13818%2C14650%2C8304%2C328%2C15370&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C0%7C4&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.heraldsun.com.au%2F&vis=1&psz=1600x134%7C312x250%7C300x665%7C1600x720%7C1248x0%7C312x0%7C1600x15388&msz=728x133%7C312x250%7C300x250%7C1600x0%7C1248x0%7C312x0%7C1600x0&fws=512%2C512%2C0%2C0%2C0%2C516%2C0&ohw=0%2C0%2C0%2C0%2C0%2C312%2C0&ga_vid=2031112712.1702008750&ga_sid=1702008750&ga_hid=1144642815&ga_fc=false&a3p=EhsKDGlkNS1zeW5jLmNvbRi_74G9xDFIAFICCGo.&dlt=1702008744449&idt=3071&prev_scp=pos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dff8957ba-957f-11ee-9494-025fa74f1723%7Cpos%3D1%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dff8957bb-957f-11ee-9494-025fa74f1723%26vw%3D40%2C50%2C60%2C70%26vw05%3D40%2C50%2C60%26vw15%3D40%26grm%3D40%2C50%2C60%26vw10%3D40%26pub%3D40%2C50%2C60%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dff8957bc-957f-11ee-9494-025fa74f1723%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dff8957bd-957f-11ee-9494-025fa74f1723%7Cpos%3D2%26refreshnum%3D0%26refreshed%3Dfalse%26amznbid%3D2%26amznp%3D2%26id%3Dff8957be-957f-11ee-9494-025fa74f1723%7Cpos%3D1%26refreshed%3Dfalse%26id%3Dff8957bf-957f-11ee-9494-025fa74f1723%7Cpos%3D1%26id%3Dff8957c0-957f-11ee-9494-025fa74f1723&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3D12a4e09c9f085d898099a46ef33b007f%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26pid%3Dnone%26adl%3Dfalse%26sssw%3Dtrue%26abtest%3Da%26pvid%3D12a4e09c9f085d898099a46ef33b007f-00000000000000000000000000000000-1702008746657-47730%26amznbid%3D0%26amznp%3D0%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1509996_PG%252CIAS_3011680_PG%252CIAS_3011756_PG%252CIAS_3011779_PG%252CIAS_3011758_PG%252CIAS_1509656_PG%252CIAS_1509463_PG%252CIAS_1508986_PG%252CIAS_3011767_PG%252CIAS_3011755_PG%252CIAS_1500903_PG%252CIAS_3011694_PG%252CIAS_1507654_PG%252CIAS_1508970_PG%252CIAS_1513564_PG%252CIAS_1506123_PG%252CIAS_3012922_PG%252CIAS_3011734_PG%252CIAS_3011763_PG%252CIAS_3011765_PG%252CIAS_1507080_PG%252CIAS_3011728_PG%252CIAS_1508967_PG%252CIAS_3011726_PG%252CIAS_3012764_PG%252CIAS_3011773_PG%252CIAS_1510566_PG%252CIAS_1509981_PG%252CIAS_3013247_PG%252CIAS_3011691_PG%252CIAS_1500692_PG%252CIAS_3011777_PG%252CIAS_1509978_PG%252CIAS_3011752_PG%252CIAS_1500902_PG%252CIAS_1507653_PG%252CIAS_3011699_PG&adks=1798527053%2C1263259910%2C1415436295%2C1982096792%2C3785065344%2C2320616304%2C3544675803&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
34e090ce181d8557a8a45048c5f8ace5e42fa9f4bc3216db6cc2ba92cdc0c845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42811
x-xss-protection
0
google-lineitem-id
6405743267,6405743267,5276126762,6405743267,5275743052,5969529023,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138452084895,138452084910,138436782532,138452144141,138445902045,138455556485,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9EDC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:30 GMT
expires
Sat, 07 Dec 2024 04:12:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cm
trc.taboola.com/sg/adobe/1/ Frame D25B 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-vcl-time-ms
60
date
Fri, 08 Dec 2023 04:12:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
58889
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-kbfi7400050-BFI
pragma
no-cache
server
nginx
x-timer
S1702008750.357006,VS0,VE60
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
0
sync.1rx.io/usersync/adobe/ Frame D25B 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
v3
id5-sync.com/gm/ 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
34f81caac338e3937608c43dc6c890d5fe053de2f243255cc9508470b52d48bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.heraldsun.com.au
date
Fri, 08 Dec 2023 04:12:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
interact
edge.adobedc.net/ee/v1/ 		725 B
818 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.adobedc.net/ee/v1/interact?configId=a1c5b3bc-ee60-4471-b1d4-6ae69f1da99d&requestId=bed748e3-6dca-438d-852c-3f33210806f7
Requested by
Host: cdn1.adoberesources.net
URL: https://cdn1.adoberesources.net/alloy/2.9.0/alloy.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.186 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-186.data.adobedc.net
Software
jag /
Resource Hash
940699e7170c09c94d4c9635679dde6277b2a8b1be37c403d46b32f5b0ae487a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
server
jag
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.heraldsun.com.au
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge
VA6;7
access-control-allow-credentials
true
x-konductor
N/A
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-xss-protection
1; mode=block
x-request-id
bed748e3-6dca-438d-852c-3f33210806f7
view
securepubads.g.doubleclick.net/pcs/ Frame D53B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst34TnaBJUK0ZuFrOsi_vo1bId5DQ1dwkf76LB3x7sY6Oe3V_APdSYp-EH7FfP5Iql-lpkAOYE5lIum_gHzPGJttqG1I6rUqB2c-KRhxloBxGhTtvO4NurY1VcTJoPxot0GkGfbREoAhi7FcF65ykg9JTP78Y6Eshz7sQPA-To_urfkhFXLIkKd-CZ-YrPHHGw1XhZo6cs14I7LIX6tjOqmhvFGDnVvz9GFJw1cft4WxzbfbMNpE_u4xQqfpQyDzxcRGAM2dYE5WCK8AksfN0H7OVsMYwGiMOI5Wo7_UNGDiLlT3zp39hBioCvRIyZuTOb8AFCauAPxgQ&sai=AMfl-YSEQMvB_EF3fGKu56bzjaU6FtneVAmSRdAWxGh7MGdMfrpR41V3cKNre4dxq8aoCuLl_D_hH-fVX_kycp0o5DlAxsUCqIbYB1eDLRjvoqi-n5esgALUu-qYC2xkcOLuciAGE4SbREpE&sig=Cg0ArKJSzGGbm5pf65SMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
invoke.do
invoke.bonzai.co/mizu/ Frame D53B 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2665275376880228902&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2668887954420828497&rnd=361760162
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.99.215 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-99-215.ap-southeast-2.compute.amazonaws.com
Software
Jetty(8.1.7.v20120910) /
Resource Hash
5284eec8b880c1f3cebe4823d8abb13368fcb9a1e4d213ae3f9a9e7bf1443a93

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
date
Fri, 08 Dec 2023 04:12:30 GMT
server
Jetty(8.1.7.v20120910)
content-length
9624
content-type
text/html;charset=ISO-8859-1
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D53B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7EB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYYXc5MBykFS0EROjhPvIwnZqt3NW5YZme6ZCjotvD5c9vQEkyLaskDUMynV3pHqvErT4MurbnAk8sq-VhEOK7uuYPcNaq6shjrXCtPFWyK_6yc9PcAQTIoSNG4_nHmcp3efi6g-ft6ZSDV6sJEMSOEv8z4QSq9Khkc2fzpI0Arjdg33_Gy9XJsyUj9icY1RdsxIyZu8pnYESkjKZFXMAIghT4jxKzqFiv8G0pbfwNBOCIMozuc-cSqc5pHMDnQn6Rvibat6lL6aZaT8Wg--cByYotKVaK0lh8CZaLnhB5_HVguYU72J7i_20q_pW2TdfresmYC8p-OQ&sai=AMfl-YTVFmp6KWylzccQpx-O4WiK2yL25Ip0N0BbG-sNGxoZdjuP8pPkgq4c6Ey3MM_FsqxiHlx2sBk97-QUNuoH5vgBB6lzSD--Ip1ubpzw4xtAbyLmn49c0kSuWM0tNjy0nMTevcVoENwc&sig=Cg0ArKJSzM1SYweEfhiOEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 7EB4 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7EB4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7EB4 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:30 GMT
1698030790552832069
tpc.googlesyndication.com/simgad/ Frame 7EB4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1698030790552832069
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
a7ac93815d34a45b882000c6c3141631709a72e2f24b9c29dcbe2e618438e9fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 09:18:39 GMT
x-content-type-options
nosniff
age
154431
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8444
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 07:42:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 09:18:39 GMT
l
www.google.com/ads/measurement/ Frame 7EB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdNqT5Vkr9qqKWH7zv48JcekxZxOfnbJRMxGnXReG4-jdrRFwVgft9CoLNyTTErT6GjebQshwLkHAwaUlMybdDXJspbw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 7C6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmjHpl1LwhAYEsvKHWI7fsFO2zrYimV80u_RxlIhA80KRgOaqgmiF7JSupfRI0VNjMaakfCwFsXsviGQUO0ppctXKV3X1IhHZhzX7yi235o2TwYhvgmN5gMA-PXAZIWiLJczm2_i5OgYJsQWnKAVvY6JCjSzHRPgukVSzUa-ol0hzi5VKZ-omEAs2ddh_PwHQAKX7DWmX8YgZNs2JYX91u_zAlWuIXpFvWTiTSVGcBzO30BpX18ko55waE_rWpTTC1v5BLQbdHmkICVtN2aUvPS07tkagNEVUNPLp5DipnWzq4T55qlWz1VxuhkRDrjelHCM6B6JJNdt65QU8-CZgR6eenXvDAbOlt-A&sai=AMfl-YTmvvYYbXXQdoPYCyhaXmQu_aDACBkepdCUKS-PNIZ8ilfMEQCAt8vDz5RLbYpQApMtfnHGz5TAbCIYIJGPIigi48MU30ZhO3nszP3ZQMK7WlO3jaJH0tbAP3TufWfT2hbvQi-ekfgG&sig=Cg0ArKJSzIQ-sncej4igEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 7C6B 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7C6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7C6B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:30 GMT
16105402251615478107
tpc.googlesyndication.com/simgad/ Frame 7C6B 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16105402251615478107
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
130848934ba9f28923361203a7a8b8bb947f103cbba3380fa9030ce83ef6e340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:21:37 GMT
x-content-type-options
nosniff
age
17453
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60961
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 02:40:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 23:21:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5020 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbnH17DYcMgvw7RbCXhC2jHYX2q5WqBZVkcoYGpwLqzKhOKBfgt68NEKZj_0cVqs_liztf1q28RIwjvrVQoDVX98OZc5d0dVr6Zk3Tf4VO87MKFWwzwZbPB0mSWZcAgR_7u8Qj0iwjYSD8G4MvR1i_9uOGuHbB2ZiDnX4C_eKHZsQzvvZCDAoFeRcVuhXsifeosyyncq8gAEnIzdI2t9DdVVpOxOhCjmP7Anb33j6u8DS64-Y1zq1eNUdpjX1bpvGGj2FuIBFh6E_oexrAXyKTrRS5RORmcak_qUfktcuzXdELXQJl2J45824svhAPtPQmxQW8ChmWXw&sai=AMfl-YTI3C7axZ6VjhYihWEfrf61MrQ2rfHxLrJVtZQMcifTXjLpU47Yxbe4Ite1U3mzS6NhJnH113NvR8vSlbfyjsnGi56DCpB_yYOdbKKmFTH5Ip-X1XSSm36Hp7KxxMMO1_dspqHsVnGh&sig=Cg0ArKJSzDffc1bP3nOCEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 5020 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5020 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5020 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:30 GMT
7762130119884449877
tpc.googlesyndication.com/simgad/ Frame 5020 		68 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7762130119884449877
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:45:05 GMT
x-content-type-options
nosniff
age
1645
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 06:22:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 03:45:05 GMT
l
www.google.com/ads/measurement/ Frame 5020 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTS2DFGEfarslCyMOVdcpPxs7y_pg4kVA2osj_0xKO49Sd_gjiuFl2OlY5xHnfQrNe94ANln6wFFHCTgj6ZdQoU-bE3cg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 7207 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssM7dhEH5DxD_dsScrAK7sJK7zmuCwveNjNAeSXj6iAZGgFXIsuCka2clUtBL7CQi7gBCCIkQOnvnPkFf1PfUWO0LGJKgIwH39LfP7fpQfdfc82eJgYtsy08yPFKBX6bvQBHvh9HACcPospTqFSEApODD_YPuTP3H5HlNlC-V_TGCYeNErcuDAbvk6DxZmEQt9CICpZXE58OpTOdocqmkkuYtsU8sTpS9Z1z60O9zUGulUv2WhWNK6mznWCTRPRQX0EdFMNbGDCOgRR7Gi4CVoQ_pOo4GqEKOernGTzz_mj9OJAxFAScBfndUirX14C2PJ1jURo8hUc1sIEPbDH9JvCHqlK_Y3zj-0pSw&sai=AMfl-YRvSe944tZ2i6KhV9wT2JwCCt5OiY64MOwnef3jaGw48xfKq3YDF6z4WT1AjtfBL-5TpOxBzU6Hp4gbWkEoz-zTluYHL6-vYnKb5WpcWW1yGaZXxASyREUeNsFAxiUQMz_4owBs_WkY&sig=Cg0ArKJSzFbJOGOTFqNfEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 7207 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7207 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7207 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:30 GMT
14822947184821417181
tpc.googlesyndication.com/simgad/ Frame 7207 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14822947184821417181
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 03:30:18 GMT
x-content-type-options
nosniff
age
2532
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27589
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 07:37:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 03:30:18 GMT
l
www.google.com/ads/measurement/ Frame 7207 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqzYfev-6-z-cfrAM_AUQ45w7bCm3QJv9voODXUKGQUvl42FIVrbZHwyN2ByekXGx_8jKNtWr5aULZ3M4ryaAr9R6JEQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 43F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6H2Nb0GssbXrhZ14PiIdFIGY3_HYil23hY1YR0HxFoF40psKJ-UerzrxJag3fShI4aKMBUUYu9sYPyWKVsDemNc1pxO05iMKJl4iULT43lHbMPL5MrVdmJcMM02u5bFKH0LhLewX-ihx81FqrqGq1spw_8sQYgdMEjkI4HDdn9v76UnWqwilfEKQub7T7-XrbkBs7xslA-jQFeRmLbZHPzY6YE_fGx6leEYYTVFf-PW90IA9lQFHbprslgnyfQ0eOAMDnyj75ZHcgOSk614yDrtmYrFIlKwb71s451ViZMCo4EcO7ZdRQzuC72HwCwm_wkRtw7nrd2EBqVK7nPlnqVbmnzmK1uQI1og&sai=AMfl-YSCkZEP3q2YDgnUfE9fEZWJyJIQqYllWx69LAbbKvmt0rxMpOSUPHrpftlH0mlmutkCZWXMgmKIPFHk3dTRURtfT6JziJ61kcf6nKk2dR87x717GXE4-QB2ZsnKNeZIHWRsUVTJRL_w&sig=Cg0ArKJSzIiH8b5U9XFrEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/?nk=12a4e09c9f085d898099a46ef33b007f-1702008744
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 43F2 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 43F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
27652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:31:38 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 43F2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 04:12:30 GMT
13250216711342224395
tpc.googlesyndication.com/simgad/ Frame 43F2 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13250216711342224395
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
2c7d94cf72290f0afe885cac865b79ed0faf8175005d60abd2c9d8471f2f8a3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:43:35 GMT
x-content-type-options
nosniff
age
131335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41941
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 02:56:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 15:43:35 GMT
l
www.google.com/ads/measurement/ Frame 43F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYCOoTlsPWNGmabdSgHnl0QHYkyJ27UetuVLj6ju7a8W1NQ57n-msb3R_yTVcvnfCG0vkA-f7HXw02Hd3zPHrwDy_yxw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
truncated
/ Frame 7EB4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5b8b1d5df921838c2add27d72244ece12a8a941a2efac1924be751bd1f108c9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7C6B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93401f489dace786f4718ee877f18073995d8870cc5195570f82604948b0b5ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5020 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bcbb673451cfc2f3834867588248480d5f5eca74a4213a68f7e00c3958cc6f3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7207 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c130954aa6f9e655dbb8c48e8514d5d4ad3964b0035020ca1923b029f41bc998

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 43F2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6dbc71ed639415f01a97c8f609e753ebc885db3add7e5c889a88dfc050847d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
2665275376880228902_1698737888501_script.js
massets.bonzai.co/ Frame D53B 		288 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/2665275376880228902_1698737888501_script.js
Requested by
Host: invoke.bonzai.co
URL: https://invoke.bonzai.co/mizu/invoke.do?proto=https&adid=2665275376880228902&scriptid=bonzai_script_0&sn=DFP%20(PG)&contTyp=div&plid=2668887954420828497&rnd=361760162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
008cf0303576365e2176a6a2702f43f97ba8621a03b9819f9bec472df8c32877

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 23:32:55 GMT
content-encoding
gzip
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:38:17 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1139976
etag
"2370686e9f323be5e46947a802918623"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31104000
accept-ranges
bytes
content-length
100851
x-amz-cf-id
jidx5Yx9MMZX30Y_JKQu0b7N67L32NXjxnuCmhXU7qqkJP6pvhh3Vw==
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=pre-preimp&tk=474cb5e5483c02b96f42b90d6c21243&ad=2665275376880228902&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
2or3aZ4bYli6tM_dpDsg23AiqgNASSjYMuTvajlnVqRvwnFeA1rIxg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?mode=test&adid=2665275376880228902&tk=474cb5e5483c02b96f42b90d6c21243&domain=www.heraldsun.com.au&pagename=/
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
jbW9Y9gEmePwwyESIaNTpS8o-TqhBvSrizWMwC10R2qLIcaPfAGNdg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame D53B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90a1ce715a915054ce2269d7160de2035af86f48404b5918677ed9d058f85813

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame CB87 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084895&pubOrder=3263880218&cb=2134353111&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957ba-957f-11ee-9494-025fa74f1723
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
e026e667ede932252886503ed43b96365aea8e928766138d74646edcf34a44c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
LiveRampId
au.audience.newscgp.com/ 		94 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/LiveRampId?device_id_type=newskey&device_id=12a4e09c9f085d898099a46ef33b007f&bust=16905034818750.019150480735628417&errors-in-body=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/hwt/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
7733a0353c0558298380dfe92186c2fb47590903c95b5b27c2b75e0c8d226edd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
via
1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
94
x-amz-cf-id
iPRmXVDzdN5MEsEzR1lw1f04_xHBQFqld-WRiGMU6N0gE5ImHbt4kA==
main.19.8.464.js
static.adsafeprotected.com/ Frame CB87 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=970x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084895&pubOrder=3263880218&cb=2134353111&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957ba-957f-11ee-9494-025fa74f1723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
28654
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_tP6nOobsY09v0XuSg2vDODX8b_2_uhsESliUyiTBPBhedpTjt5a2Q==
publishertag.prebid.js
static.criteo.net/js/ld/ 		98 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-18615"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 04:12:31 GMT
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2665275376880228902_1698737888501_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
content-encoding
gzip
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
Fgea87QFljxAc21Re7bQQT4Yuku1AVj5kzW2dfcB49rEew5NoYSZzA==
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=preimp&tk=474cb5e5483c02b96f42b90d6c21243&ad=2665275376880228902&brkp=1920x1080&brkpid=dtsMain&cw=970&ch=250
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
UEuKjhcOW2z42LZP9QtI_6-cLbtkFf10O7lzJQI37JP4-C_Do-Xb3g==
expires
Thu, 01 Jan 1970 00:00:00 GMT
1px.gif
dcollector.bonzai.co/ Frame D53B 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUwNzM3LCJmaSI6ZmFsc2UsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiIsImNudCI6ImRpdiIsInNuIjoiREZQIChQRykiLCJwbCI6IjI2Njg4ODc5NTQ0MjA4Mjg0OTciLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJEZXRlY3RlZCBTREssIFdlYiJ9&etc=0.7535054425022356
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:49 GMT
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
13003
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
P9X3swwf6hMsPIQ5ZIGayN5g-ui_WdNZdeQFXzBLGTsjdwyzB5fUMQ==
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?ev=imp&tk=474cb5e5483c02b96f42b90d6c21243&ad=2665275376880228902
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
4ekwj8K-du311RF6JAsNjHt5dLyF26AwQMgp27jnZyRmeFgbzXz5Sw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7EB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstA1aWc_ZgXJLtsG2f14OrjpLRDzYGWLjUyp-Bywxng3Q-XxE9vZW68AUoMPk14Y-Hs-_PC65Mgs9c2na7aRoUFBpBXb9mPmUzeUAst9puZpHLRRG-n1XSSkSS0LPbgbGAdrqfiEu4ocYdE84hU3pFQr500GaYlMHzUqC2wQSWVy2-U9x7sVlCuBMHj4Hd5u2meemT7Z1Xm8MKmZCWchgLD-jI4htDFYRZRVa7cNEsem2l5ZD6vBiScoy6XWNc0fR1lVE144bts3q6oToOrgrnWrterp-qxFwOf7DS-P2ruAMvjepeaVcaUr7hgZr4SQQIrhewSMFFDFSyA&sai=AMfl-YREEe0ZMxW0h3h-JwghKNTRKfn3kf6DzrVZCfWPpyOYFRCqpiNblwYycWa2vRItfgWdiK8wtlgTKc07YvZ3qc1fDpoY19421mqS_k_qyzooeAIZVCEZX9OyQ6tUgCqAl-BA017qE89M&sig=Cg0ArKJSzHrgbUt20Au5EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:31 GMT
jload
pixel.adsafeprotected.com/ Frame 5369 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084910&pubOrder=3263880218&cb=1007091598&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bb-957f-11ee-9494-025fa74f1723
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
9e79c950a3ae56dccbc4c78b01bce05d2e3c40cff0521328456e30337f094918

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 6C40 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452144141&pubOrder=3263880218&cb=160836748&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bd-957f-11ee-9494-025fa74f1723
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
bcc08a551387a09ca4432e80c9adfbaafaa0dcc06ea90922f511d62289a91441

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5020 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfynPzyY9_wE98valBcFfbZk4fuR0YF1T8qBqgTm5Cx88h0pzwzkmFHbcFezFdpMaRJZNTdGXi9w0e9Qb9S1_eEkHkK5BGKQWm2F-stInVH_5ZdxSLTGYvSv4QD1gBOaAjYN2NkOn8bW3l6JN2HRnZlqi7JUOv0XljJ39xZvmE7C_tUbRncDQZYUz-g6g53-5o0EH6QQytgB9T9mz9t0GIuZq73BYY5Y-8LzTrn8U4QWda_dJD_taPKCe2tpqMIbnGxQzmdPKhrVNNfCKwxLXBzMzHOMFSxwJH0X8jxoK7P8pO8WNrzYAd88jrRP5A0THfQ3TjOLqzyJqQ&sai=AMfl-YScFMcds4yFGJJStgQQL72TnxKZptyL5zB0ePaMXEFidW7v0ZLxWO7mCuw83d4wLQCChXUOwIScMYsFopTpNhk3Na2wEBo9x5YN7tRJ7RqSTjfCCjbnsgqPuDvfvTl3wqLR2rrdDV9h&sig=Cg0ArKJSzIi_bOSQkSa7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRK4X4_bOHcPAvP6UL8mgApsQtkekywl72mJndpY-2iFqPZ3GfFXq0aTtZYr_cokfzCU2YqpSInSGUu-ojaysKa6A0C_1GmIInLbIG8POiCgQKyy0-evv0uMOMrusAqoWwbEmiEdFFx07nWnnrxBLNn6_huO_83U7u0ia4_hM0RUTB4Ex-JU-Qeq_BfnvpmImSRlQInmWZet6SFitG-P1CsMEo9XCnGv76FRM0hLyZvqdjEeCj3r9KdWZivVnjEqRIaUvCbjwKIae6kkmGNJMvATBlSV47dZRusTLCyZ4T5bXZReXHfm3HmnjgdGQf4sBj_4H6hx6o7rmi51ozoOLpXNmJt5rDGe9D_31B&sai=AMfl-YQnRoLqBN9FSd0NSG1CuuFU03bhU0JvlmkAzvkh-2zhoHHAjKYnTJJTqPsVKLZHL6xjJWw3s4SX9lc-9AprNf2OvnZpu0hmngQ2mLhDHt9fi9W4LjFAzQvZ2br286nLgXvkUWrctjMI&sig=Cg0ArKJSzAOdBIoy0NONEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:31 GMT
jload
pixel.adsafeprotected.com/ Frame 07C7 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138436782532&pubOrder=2553375348&cb=837571303&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bc-957f-11ee-9494-025fa74f1723
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
07b6b94156077f84782bc055aae153ae46be8a4d6d99924cd1140c37c0eb4b42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7207 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso2qCgOAJFiQR9-yLWNQ6YvR_jNBiHfnikpt5sDExMMcDzpvV9QWn-8eNwb9R_-tfaqQIasQMkBD45g-K9qgQj8sGR5CU74laWEotGYmtmitvW_nddAwNFPYdgLXrTTHvwCdC5NGH9SOswGmkcGiM5kQOvMyMIl0bZdEESXrQTutrTauXPT6X-usOwfrlqWf8919petq5VU-Dak4ovDW_vIxR31FpCeLTy69EE09FhQPymFo8CTuYLvOUS_fECo2dYo6TTVcWBhmR2ZybNi7-enFY2GBpqV_fpzVwLDBtbFSsNGyepZM6pdyOw5oAPbZEn7kzbhFZr8iIW_QfqaWF-qV8uObfroYZ0ZE5M&sai=AMfl-YSfeHTzrsNCTLKVRhPBcASKESnws5nqhEwuqOFeDS1fYxK0nw4G-VB3KdF9h1YCXL4RvbY2PY251qJxMv6UpJiEBbo9bWSzLDhSc2iOd0OXyktaqQ788vtpyEkOJ82zjxkHO2ldoyBM&sig=Cg0ArKJSzEwqOi8_cMawEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:31 GMT
jload
pixel.adsafeprotected.com/ Frame C321 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=462992330&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957be-957f-11ee-9494-025fa74f1723
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
dfc4fa358cefa1c22ef7e4e89d130ed5d43ac301e6d0794b99a03544553eb267

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 43F2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUsVYmmLkYZiI7lgjgY-NYPXnpPm3ouxtAQFamLhJrktJhpL4K1I58u_J2KjV_KJaLhV8eXws6blf2JdpTZiHkjEhqQNUHE8l2Sxh3234c4B6IDLd80_glsdYDfUqdJ76fdED5ROR5TlbRXu10fGOGI_Wv23ZyG-HL_Bj5LINMRZmIFLMNJd62rfQf6e9C6KtBuZuyto_4A45n4WKauqjYBUqFODNDxhYQDodKOMyitn-6d6ChuU5ptyTcGNY5x745zwJj2ryp_ga4iOSmUx4Z1zw7LxMtuxSMcTEe5dilyzDPt3gP-OxF_t8hqPFvUOqev_jZ3eeeuFWI00gW2lu28WtwpcgmVX0kEv1j&sai=AMfl-YQhV8mcQ3ZB_T6aE3JRAywT11X0tD9MM8SKeEoqko0BQtexLZz8Mo2jtBIkl4hq7CTi-ifLFQ7X1baT1I-CmH6GhZO5AJUjZmHmhRJ7WKLBdYKKMzGEsWKcebdN5PHwDs02W8dyq1XD&sig=Cg0ArKJSzFLfTW1e_UEhEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:31 GMT
jload
pixel.adsafeprotected.com/ Frame 3141 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138455556485&pubOrder=3004275014&cb=315655829&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bf-957f-11ee-9494-025fa74f1723
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
928ef04371043843ebcdba46b78980e61a73d306d2d75010dd2a8296c7276acd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:30 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
main.19.8.464.js
static.adsafeprotected.com/ Frame 5369 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084910&pubOrder=3263880218&cb=1007091598&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bb-957f-11ee-9494-025fa74f1723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
28655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
C-omlxz8a9p4zO3NNgm4l2-EGSCsR7KlvowfqiO9X_rtkYYlEXbrxg==
main.19.8.464.js
static.adsafeprotected.com/ Frame 6C40 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452144141&pubOrder=3263880218&cb=160836748&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bd-957f-11ee-9494-025fa74f1723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
28655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
rAQc7yPtkUJQvv1L6dNB-cgkrlqXO9PsIBRmvAN2d6ySJspslm0bqw==
desktop_truskinwww.heraldsun.com.au.js
massets.bonzai.co/c2/jd/ Frame D53B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://massets.bonzai.co/c2/jd/desktop_truskinwww.heraldsun.com.au.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2665275376880228902_1698737888501_script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
content-encoding
gzip
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 20 Sep 2022 01:53:11 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
etag
"9edf0d1a271a1eec31ac16f11fbd329d"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
988
x-amz-cf-id
DBwN_DNhyp3yp1KwtyOGwYQjTVTgVv8sbu1dSZ-DmROsZV5XVg_C7A==
main.19.8.464.js
static.adsafeprotected.com/ Frame 07C7 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138436782532&pubOrder=2553375348&cb=837571303&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bc-957f-11ee-9494-025fa74f1723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
28655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
GwmIzuEGCQ-kUJwn8QlCwdkdTC80QC5jdj-meWfOu0LRigS9w3Mpgw==
main.19.8.464.js
static.adsafeprotected.com/ Frame C321 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=462992330&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957be-957f-11ee-9494-025fa74f1723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
28655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2INPfqFZvEwD5mTaSePVIPDkArjNj3k-21hWX6mPxSPdY0j-hNBz7w==
main.19.8.464.js
static.adsafeprotected.com/ Frame 3141 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138455556485&pubOrder=3004275014&cb=315655829&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bf-957f-11ee-9494-025fa74f1723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
28655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
hnCZyuUVNcjZWK_1m5pbdSzb5mK1-GcCgH-HQ_IxtDWhji7TczHiRw==
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3280 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
23568348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
wuS83DFW3EpNtkiV9wrlzxnR3xN5t41PAnQwVbJNES29KfCVqE2vLQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=970x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084895&pubOrder=3263880218&cb=2134353111&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957ba-957f-11ee-9494-025fa74f1723&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67,c:wcRDOJ,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-cd76977fc-bv9lx,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:356,mot:0,app:0,maw:0,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1o*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:378,oid:0169afda-9580-11ee-a9b3-ea24678b2a76,v:19.8.464,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
app06.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRDOL,pingTime:-8,time:379,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:379,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRDP7,pingTime:0,time:401,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:401,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~100%5D,as:%5B41~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRDPf,pingTime:-2,time:409,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:36,beZ:37,mfA:393,cmA:394,inA:394,inZ:398,prA:398,prZ:406,si:414,poA:415,poZ:431,cmZ:431,mfZ:431,loA:439,loZ:442,ltA:445,ltZ:445,mdA:37,mdZ:372%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:409,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:315.28.970.250,am:i,cc:315.28.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~100%5D,as:%5B49~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1o*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_0,google_ads_iframe_/5129/ndm.hwt/home_0__container__,ad-block-728x90-1%5D,sinceFw:29,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
moatad.js
z.moatads.com/bonzai678688331786/ 		316 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/bonzai678688331786/moatad.js
Requested by
Host: massets.bonzai.co
URL: https://massets.bonzai.co/2665275376880228902_1698737888501_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c33065e742b63134f0db0f7dbc095b0270bea39913a63bd2299a09607186196a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:35:20 GMT
server
AmazonS3
x-amz-request-id
TW4DP2RGZXAA5JP8
etag
"19174e44327f5dd80838e1494d5c1d37"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=25629
accept-ranges
bytes
content-length
110337
x-amz-id-2
UlIkJY+PEIZCNKWQxtl/xF9gabKO7OuxpLrD3JyzBrD0IjfLwD5jMFMfM2O6fNP1XAs/yVXhVjI=
view
securepubads.g.doubleclick.net/pcs/ Frame D53B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_1PYZXEQEi6Dhh-yXdTiLpIhyYfp5CZr5Lpzp1WuSWCRmhINx5NIACIvjFihF79_aJ9sixz8V_cJ7u7pumlDyOLvRMuILaGl4Mzs1ID4TK7qRFuDqR2AQQygK_NBX04owJJIpBMxkanI61mG4Ij8FDKCox28MZQkWlOIWWrwLS7qfJpJjzwwcDn25pgrXMPPqyOyWO6K5_EiGOclOj8MB4eF8lPbvtayBV0i8jRIFY4fgrNx8_IOgbQH0I9VvPCHKdYMTNwl47EPX6qTgaLMJXW9Fk31tSnN2nQogAJT231azlTUTHl8OQQGMTWC6qvOG0BGNI6xx33Yi&sai=AMfl-YS--WTPD0nXUznYUzt7sxtIym2ftf9QGzBe-ovElNlACyC8pobfF3N_KUpuDYAYHwvDYGbg-rxdsc8iB_zibJRWnU05Z6n7Jyy4GGJLvuUvs_EKs3egLQOEufIxRppp7ztvkQVz_IUc&sig=Cg0ArKJSzDdaeoxjUKaNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 04:12:31 GMT
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=BONZAI1&hp=1&wf=1&ra=1&sgs=3&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1702008751180&de=768111847820&m=0&ar=cc84ca2002d-clean&iw=105f2cb&q=2&cb=0&ym=0&cu=1702008751180&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=2665275376880228902%3A2668887954420828497%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&gw=bonzai678688331786&fd=1&it=500&ti=0&ih=2&pe=1%3A764%3A764%3A0%3A832&fs=206701&na=1647239495&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 08 Dec 2023 04:12:31 GMT
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=https%3A%2F%2Fwww.heraldsun.com.au%2F-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ADAvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-zY02nnduOmx%2BSA%3D%3D&sc=1&os=1-uQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=1195&w=1632&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-0.6362552642822266&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1702008751180&de=768111847820&cu=1702008751180&m=72&ar=cc84ca2002d-clean&iw=105f2cb&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=15713&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=98&vx=98%3A-%3A-&pe=1%3A764%3A764%3A0%3A832&as=0&ag=25&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=98&pf=0&ib=0&cc=0&bw=25&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=0&ah=50&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2665275376880228902%3A2668887954420828497%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=DOMSEARCH&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=2121639805&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 08 Dec 2023 04:12:31 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRDRD,time:557,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:557,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B197~100%5D,as:%5B197~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2727 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
23568348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
nLyOMOT_rtA7KSkAMCYi5su0nPfRfQDyp7kvvOjglTBWUjzARDTJyA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452084910&pubOrder=3263880218&cb=1007091598&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bb-957f-11ee-9494-025fa74f1723&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:e340970b-cc86-a526-5745-fa70b26a7263,c:wcRDRW,sl:inView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-7fd468b949-d99ql,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:1118.560.300.250,am:i,cc:1118.560.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:326,mot:0,app:0,maw:0,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1p*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:336,oid:0174faba-9580-11ee-804e-da7661ec8a5c,v:19.8.464,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
app06.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRDS9,pingTime:0,time:349,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:349,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1118.560.300.250,am:i,cc:1118.560.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B22~100%5D,as:%5B22~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRDSo,pingTime:-2,time:364,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:187,beZ:188,mfA:512,cmA:512,inA:512,inZ:513,prA:513,prZ:518,si:522,poA:522,poZ:530,cmZ:530,mfZ:530,loA:541,loZ:543,ltA:550,ltZ:550,mdA:188,mdZ:462%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:364,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1118.560.300.250,am:i,cc:1118.560.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~100%5D,as:%5B37~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1r1%7C1s1%7C1t1,idMap:1p*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:336,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_1,google_ads_iframe_/5129/ndm.hwt/home_1__container__,ad-block-300x250-1%5D,sinceFw:28,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame D520 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
23568348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
twgV1FIQUlSIPcaPM_qFDIeK0JD5y2O0lqPaF3Q90nQw2cBa8MZdkg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=1603602071&chanId=171638111&placementId=6405743267&pubCreative=138452144141&pubOrder=3263880218&cb=160836748&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bd-957f-11ee-9494-025fa74f1723&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:44aaecc2-f952-60c4-72ab-01347a9c6ac5,c:wcRDSG,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-cd76977fc-b24qw,rg:au,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:0.14873.1.1,am:i,cc:0.14873.1.1,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:366,mot:0,app:0,maw:0,fm:tXOLgzT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1r*.10507%7C1r1%7C1s1%7C1t1,idMap:1r*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:A.qs.tn,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:377,oid:017a790f-9580-11ee-95fe-52491e1594e5,v:19.8.464,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
app12.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=44aaecc2-f952-60c4-72ab-01347a9c6ac5&tv=%7Bc:wcRDT4,pingTime:-2,time:401,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:156,beZ:157,mfA:522,cmA:522,inA:522,inZ:523,prA:523,prZ:528,si:533,poA:533,poZ:541,cmZ:541,mfZ:541,loA:548,loZ:551,ltA:556,ltZ:557,mdA:157,mdZ:506%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1702008751363,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1,h:1,t:377%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:401,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:377,wc:0.0.1600.1200,ac:0.14873.1.1,am:i,cc:0.14873.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1r*.10507%7C1r1%7C1s1%7C1t1,idMap:1r*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:A.qs.tn,siq:377,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_3,google_ads_iframe_/5129/ndm.hwt/home_3__container__,ad-block-1000x50-1%5D,sinceFw:23,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
v.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Fri, 08 Dec 2023 04:12:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRDTy,time:436,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:436,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1118.560.300.250,am:i,cc:1118.560.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B109~100%5D,as:%5B109~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q1%7C1r.10507%7C1r1%7C1s1%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=44aaecc2-f952-60c4-72ab-01347a9c6ac5&tv=%7Bc:wcRDTD,time:436,type:e,env:%7Bar:self.0%7D,es:1,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:436,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:377,wc:0.0.1600.1200,ac:0.14873.1.1,am:i,cc:0.14873.1.1,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B69~0%5D,as:%5B69~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzT+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1r*.10507%7C1r1%7C1s1%7C1t1,idMap:1r*,rmeas:1,rend:1,renddet:A.qs.tn,siq:377,sis:406%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 1D10 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
23568348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
AsP9wM-iD4tprsiwvbtyLcU4GjtLTKNgytYyQ13_HhpCPNCtQ-mdag==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x250|2&pubId=36557831&chanId=171638111&placementId=5276126762&pubCreative=138436782532&pubOrder=2553375348&cb=837571303&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bc-957f-11ee-9494-025fa74f1723&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b89a9ad3-4154-bb0d-2f7c-64888394a5b7,c:wcRDU3,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-cd76977fc-pn8xf,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:808.14024.300.250,am:i,cc:808.14024.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:448,mot:0,app:0,maw:0,fm:tXOLgzW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s1%7C1t1,idMap:1q*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:459,oid:017fcfdc-9580-11ee-b123-e21ef6413f95,v:19.8.464,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
app06.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
13726
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/13726
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-78.syd1.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
via
1.1 406461fd8617bd4d59bb9898123ebbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-amzn-trace-id
Root=1-657297af-0238e9670443ef5d40785be7
x-amzn-requestid
5168e20f-811e-40fe-9fef-d8b61e2f1804
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
PmyjfERfDoEEg8Q=
content-length
25
x-amz-cf-id
-cE14xqbylpV9K3Inxotp25T9P-FsNa2H-IFnbwf5VkAQ_Q8xS6h2A==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b89a9ad3-4154-bb0d-2f7c-64888394a5b7&tv=%7Bc:wcRDUs,pingTime:-2,time:484,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:124,beZ:125,mfA:573,cmA:573,inA:573,inZ:574,prA:574,prZ:580,si:584,poA:584,poZ:592,cmZ:592,mfZ:592,loA:602,loZ:603,ltA:608,ltZ:608,mdA:126,mdZ:545%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:459%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:484,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:459,wc:0.0.1600.1200,ac:808.14024.300.250,am:i,cc:808.14024.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s1%7C1t1,idMap:1q*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:459,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_2,google_ads_iframe_/5129/ndm.hwt/home_2__container__,ad-block-300x250-2%5D,sinceFw:24,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4AC2 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
23568348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
4AFCtA3BB1Y6AHiGoncI6R1TX823TYkhAiA_bYXyNqudzwRk_adw3w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=728x90|2&pubId=36557831&chanId=171638111&placementId=5275743052&pubCreative=138445902045&pubOrder=2553375348&cb=462992330&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957be-957f-11ee-9494-025fa74f1723&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:55ed1f50-f083-cf7a-575c-dd08d984e795,c:wcRDUN,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-cd76977fc-28kb7,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:436.8420.728.90,am:i,cc:436.8420.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:493,mot:0,app:0,maw:0,fm:tXOLgzY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1t1,idMap:1s*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:504,oid:01854ead-9580-11ee-aa7a-261078e3c6a0,v:19.8.464,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
app04.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=55ed1f50-f083-cf7a-575c-dd08d984e795&tv=%7Bc:wcRDVg,pingTime:-2,time:532,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:90,beZ:91,mfA:584,cmA:584,inA:584,inZ:585,prA:585,prZ:591,si:594,poA:594,poZ:603,cmZ:603,mfZ:603,loA:613,loZ:614,ltA:622,ltZ:622,mdA:91,mdZ:559%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:503%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:532,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:503,wc:0.0.1600.1200,ac:436.8420.728.90,am:i,cc:436.8420.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1t1,idMap:1s*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:504,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_4,google_ads_iframe_/5129/ndm.hwt/home_4__container__,ad-block-728x90-2%5D,sinceFw:28,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0061 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.214.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-214-85.sfo53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 09:26:44 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b02f02cf8cf65aef5d6048e0e5066d32.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO53-P4
age
23568348
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
OSfD2-ySLSd_cIV1Md0TbNY6qawl-xvp5BwdrUZzZ6iD1yoKaXVAAw==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=300x90|1&pubId=36557831&chanId=171638111&placementId=5969529023&pubCreative=138455556485&pubOrder=3004275014&cb=315655829&custom=homepage&custom3=168400391&adsafe_par&impId=ff8957bf-957f-11ee-9494-025fa74f1723&adsafe_url=https%3A%2F%2Fwww.heraldsun.com.au%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:bd999249-686f-0271-7679-d56dbdcf4794,c:wcRDVD,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-cd76977fc-kgtn2,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:1118.444.300.90,am:i,cc:1118.444.300.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.KBsRy1,mtim:543,mot:0,app:0,maw:0,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:554,oid:0189e232-9580-11ee-b982-def2d162133d,v:19.8.464,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.79.148.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-79-148-68.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
app07.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcRDVO,pingTime:0,time:565,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:565,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1118.444.300.90,am:i,cc:1118.444.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B21~100%5D,as:%5B21~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcRDW5,pingTime:-2,time:582,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:61,beZ:62,mfA:604,cmA:605,inA:605,inZ:606,prA:606,prZ:611,si:615,poA:615,poZ:623,cmZ:623,mfZ:623,loA:632,loZ:634,ltA:643,ltZ:643,mdA:63,mdZ:567%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:582,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1118.444.300.90,am:i,cc:1118.444.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B38~100%5D,as:%5B38~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:554,slid:%5Bgoogle_ads_iframe_/5129/ndm.hwt/home_5,google_ads_iframe_/5129/ndm.hwt/home_5__container__,ad-block-300x90-1%5D,sinceFw:28,readyFired:true%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b89a9ad3-4154-bb0d-2f7c-64888394a5b7&tv=%7Bc:wcRDWh,time:597,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:597,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:459,wc:0.0.1600.1200,ac:808.14024.300.250,am:i,cc:808.14024.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B148~0%5D,as:%5B148~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q*.10507%7C1q1%7C1r1%7C1r2%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1q*,rmeas:1,rend:1,renddet:IMG.qs,siq:459,sis:489%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame 755A 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=55ed1f50-f083-cf7a-575c-dd08d984e795&tv=%7Bc:wcRDWA,time:614,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:614,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:503,wc:0.0.1600.1200,ac:436.8420.728.90,am:i,cc:436.8420.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzY+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s*.10507%7C1s1%7C1t.10507%7C1t1,idMap:1s*,rmeas:1,rend:1,renddet:IMG.qs,siq:504,sis:539%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcRDWF,time:618,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:618,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1118.444.300.90,am:i,cc:1118.444.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~100%5D,as:%5B74~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1px.gif
dcollector.bonzai.co/ Frame D53B 		35 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxNjQzLCJmaSI6ZmFsc2UsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiIsImNudCI6ImRpdiIsInNuIjoiREZQIChQRykiLCJwbCI6IjI2Njg4ODc5NTQ0MjA4Mjg0OTciLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGZ1bmN0aW9uIGNhbGxlZCwgZHRzTWFpbiJ9&etc=0.09535573505991524
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:49 GMT
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
13003
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
sGuJG7qvpb2ZxCRQUcf6EtDWI6qBHj3H5mJIXTMzehMO_xTgCwIy7A==
rec
collector.bonzai.co/ Frame D53B 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJicGlkIjoiZHRzTWFpbiIsInBhZ2VJZCI6ImR0c01haW4iLCJ3aWR0aCI6MTkyMCwiaGVpZ2h0IjoxMDgwLCJldiI6ImluaXRpYWxfYnAiLCJldm4iOiJpbml0aWFsX2JwIiwiZXZ0IjoiQXV0byIsImZpIjpmYWxzZSwibyI6InBvcnRyYWl0IiwiY3R6IjotNDgwLCJjdHMiOjE3MDIwMDg3NTE2NDYsIm1vZGUiOiJsaXZlIiwidGsiOiI0NzRjYjVlNTQ4M2MwMmI5NmY0MmI5MGQ2YzIxMjQzIiwiYWQiOiIyNjY1Mjc1Mzc2ODgwMjI4OTAyIn0=&etc=0.6636789708943733
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
VJ7uPjtiHHXDp6mMYqLheCDP_oq2DdW0jQ8HBhdPWXMx-UWHspDriw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46e0424ef527d652c8a0c66b493235cc9a8f92955e0f3b8fad5108fb4a88a4c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/jpeg
fcb2345c-07fe-43c0-a1f6-0976d163ff86_v1_5.png
massets.bonzai.co/ Frame D53B 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/fcb2345c-07fe-43c0-a1f6-0976d163ff86_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3902ec07441f5026f6710e208b44026df4e565d10b7b9617afe87254dc033237

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:16:48 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:37:00 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1623344
etag
"e984f8902757568fac9cc0165d717c78"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
170214
x-amz-cf-id
mpJcCJYymNrekxR60i23O0ZhraEmUgKM8dn1S0UFnT_IiVJeRW1drw==
20faf892-b3f1-458c-9cdc-236750818565_v1_5.png
massets.bonzai.co/ Frame D53B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/20faf892-b3f1-458c-9cdc-236750818565_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a0b875e366ec5fe0338828cb8f9c3386dd212092a5efa1047ce5ae524e9ef58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 07:47:11 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:36:47 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
937521
etag
"625214aa52ef068d3c2ac3cc1239476a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16987
x-amz-cf-id
mSMF5cNmt95GsqQukKj32hEtZWYTMrx-kn3OXavitA8BpdCSJ62roA==
2608bd8d-0a97-437d-b5f3-3e937cd714c6_v1_5.png
massets.bonzai.co/ Frame D53B 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/2608bd8d-0a97-437d-b5f3-3e937cd714c6_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cc413b95c1985f67daf096890d1a9f526c88936fbdaa9bb771ca5dedf2678fd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 07:47:11 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:37:04 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
937521
etag
"88921fdb8e884a4694e22002019d25e7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12534
x-amz-cf-id
wylxpSCufHRoi991yTN_jdahadREsUwv7EB6uShgRKBxSwxmSUXSYw==
2edc9d8a-7d29-4d55-8a50-afd359c04063_v1_5.png
massets.bonzai.co/ Frame D53B 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/2edc9d8a-7d29-4d55-8a50-afd359c04063_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97bbaa92f60f04ecdbdb4341606437096e7c0adf6b53ddb9d80a962661aea2c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 23:11:32 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:36:56 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1054860
etag
"03649e4b7b5386b95a5a56348c858566"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29754
x-amz-cf-id
FJrSKrYtxT71_ek-cWyz4wdN-iZiaAIJh6-EjbVnrDYpbI9083MSZw==
e4c58802-a43b-461b-948d-e5f9449bc091_v1_5.png
massets.bonzai.co/ Frame D53B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/e4c58802-a43b-461b-948d-e5f9449bc091_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8244700d0c1c4886977be92c63a52692f6e651f1f15c5b692c8820f6ce330bc9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:16:48 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:36:52 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1623344
etag
"b6d80990b6c21fab997d8bb4cfdbfbd9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20523
x-amz-cf-id
o_EBZMpJ_o9mEkcWIlTE02sL2msdiIxuRgBs4KnX-IxQIXlsyJeRXQ==
fcb2345c-07fe-43c0-a1f6-0976d163ff86_v1_5.png
massets.bonzai.co/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/fcb2345c-07fe-43c0-a1f6-0976d163ff86_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3902ec07441f5026f6710e208b44026df4e565d10b7b9617afe87254dc033237

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:16:48 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:37:00 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1623344
etag
"e984f8902757568fac9cc0165d717c78"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
170214
x-amz-cf-id
HbkB-4R3E0Y5Iqz2aCZZD0qn3BXUBvvuP7kHFf2l2-BVLWCZkZN6RQ==
20faf892-b3f1-458c-9cdc-236750818565_v1_5.png
massets.bonzai.co/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/20faf892-b3f1-458c-9cdc-236750818565_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a0b875e366ec5fe0338828cb8f9c3386dd212092a5efa1047ce5ae524e9ef58

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 07:47:11 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:36:47 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
937521
etag
"625214aa52ef068d3c2ac3cc1239476a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
16987
x-amz-cf-id
Q_To1CxHl_lyjqUmHIfLSjV8xFJcyZZ4Ue2a3TbbCOmQ-Wnrh-XdSw==
2608bd8d-0a97-437d-b5f3-3e937cd714c6_v1_5.png
massets.bonzai.co/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/2608bd8d-0a97-437d-b5f3-3e937cd714c6_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cc413b95c1985f67daf096890d1a9f526c88936fbdaa9bb771ca5dedf2678fd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 07:47:11 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:37:04 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
937521
etag
"88921fdb8e884a4694e22002019d25e7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12534
x-amz-cf-id
3QiQnStQ7swlfDgvccq4xA3z55DNiVVuMHLE9EXDUR59aJuJbbJ8MQ==
2edc9d8a-7d29-4d55-8a50-afd359c04063_v1_5.png
massets.bonzai.co/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/2edc9d8a-7d29-4d55-8a50-afd359c04063_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97bbaa92f60f04ecdbdb4341606437096e7c0adf6b53ddb9d80a962661aea2c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 23:11:32 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:36:56 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1054860
etag
"03649e4b7b5386b95a5a56348c858566"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29754
x-amz-cf-id
Yg8kowaDz85R5B8vCo-gRZblQGG2g04jEoumiOaOWpIYyAVra402og==
e4c58802-a43b-461b-948d-e5f9449bc091_v1_5.png
massets.bonzai.co/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://massets.bonzai.co/e4c58802-a43b-461b-948d-e5f9449bc091_v1_5.png
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-8.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8244700d0c1c4886977be92c63a52692f6e651f1f15c5b692c8820f6ce330bc9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 09:16:48 GMT
via
1.1 55995d846c30878fb2be24f27b355ccc.cloudfront.net (CloudFront)
last-modified
Tue, 31 Oct 2023 07:36:52 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
1623344
etag
"b6d80990b6c21fab997d8bb4cfdbfbd9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20523
x-amz-cf-id
Pvth7MgxnZ9RZIZZpPSSV509vQDyYHACrDNzTeCZVxCl3IL9fbR4CQ==
1px.gif
dcollector.bonzai.co/ Frame D53B 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxNjc1LCJmaSI6ZmFsc2UsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiIsImNudCI6ImRpdiIsInNuIjoiREZQIChQRykiLCJwbCI6IjI2Njg4ODc5NTQ0MjA4Mjg0OTciLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIHJlYWR5LCAqIn0=&etc=0.8736391580485936
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:49 GMT
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
13003
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
xH0iH_8cbkCHh2RNST8e04xaA7Wm7OHiYmRBfFsc0g4R6ZYwao9lPQ==
1px.gif
dcollector.bonzai.co/ Frame D53B 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxNzEyLCJmaSI6ZmFsc2UsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiIsImNudCI6ImRpdiIsInNuIjoiREZQIChQRykiLCJwbCI6IjI2Njg4ODc5NTQ0MjA4Mjg0OTciLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIHJlYWR5LCBkdHNNYWluIn0=&etc=0.034478127293768424
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:49 GMT
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
13003
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
SACq_KpQk8aluHRwQkm377qv1ElKKD4uStaIU7ALaLlUXL-qfj1-Dg==
1px.gif
dcollector.bonzai.co/ Frame D53B 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxNzM3LCJmaSI6ZmFsc2UsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiIsImNudCI6ImRpdiIsInNuIjoiREZQIChQRykiLCJwbCI6IjI2Njg4ODc5NTQ0MjA4Mjg0OTciLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGxvYWQsICoifQ==&etc=0.676936444940121
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:49 GMT
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
13003
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
Qpwy6ftgIlWsVqtqwzxHiKr4umFHzXY2b_sq4f6sAJYTmLrpRzRW6w==
1px.gif
dcollector.bonzai.co/ Frame D53B 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dcollector.bonzai.co/1px.gif?q=eyJwaWQiOiJsIiwicG4iOiJsIiwicHQiOiJodHRwcyIsImJya3BpZCI6ImwiLCJicmtwIjoibCIsImV2IjoibG9nIiwiZXZ0IjoiQXV0byIsImV2biI6IlNjcmlwdCBMb2ciLCJtb2RlIjoidGVzdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxNzM3LCJmaSI6ZmFsc2UsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiIsImNudCI6ImRpdiIsInNuIjoiREZQIChQRykiLCJwbCI6IjI2Njg4ODc5NTQ0MjA4Mjg0OTciLCJjcyI6IiIsInNjciI6ImJvbnphaV9zY3JpcHRfMCIsIm1lc3NhZ2UiOiJQYWdlIGxvYWQsIGR0c01haW4ifQ==&etc=0.8057916666442979
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-29.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:49 GMT
via
1.1 212ddd6c8eb82cf3007eedad5f05dca8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 06:17:46 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
13003
etag
"28d6814f309ea289f847c69cf91194c6"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
67p_hA2yg2cfyki7YA9QhKCF-pXPvKAGvXMYH98Af-aZyv4I6sXELQ==
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRE0D,pingTime:-10,time:1115,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702008751839%7C%7C45541b38f37a18bc922ed62fa2e5220d%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1cdc644cb3f2542449fcf12daea0790e%7C%7Cb0547ecc0fff204fd7d128a03078a4a8%7C%7Cb999b2538915ecafe3a1f1ae428c19be%7C%7C228cf4486c236a81d6a2bd90f9afb8b0%7C%7C60def96017f9913509a0d889b9c319bb%7C%7C1663701684%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
lookuplist
au.audience.newscgp.com/ 		108 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=12a4e09c9f085d898099a46ef33b007f&&bust=17020087518500.1355784887617797&errors-in-body=1
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-56.sin2.r.cloudfront.net
Software
nginx /
Resource Hash
9aa5039e856634395cc8b86e0213cc264ef7c1499ba417eced7796c200aae5ee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.heraldsun.com.au
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
108
x-amz-cf-id
Jj3FomtyLKgB1IhdryGN6nGbdxsErBGi5mEmRFu_Fv7AUkopjJfABA==
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EB4 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyJLAjamxfJGvh1dlc3cOeP9i25lcGDwgAC_NVmtfkOtGxm4TtcMiTaT7S2b8x6LFfJdOzkfzueaWTSAeIEsfXfhkwzA7WNjy3tcYe51LvwJ3dBU0BDF6pqAbuo_g0nZKmyjJSQFcH-Q&sai=AMfl-YTCGo1qiDpITZp_namNwumfJjT6bAYBBnyMzA1LfnfT69yfTuw&sig=Cg0ArKJSzLxnHmq57coPEAE&id=lidar2&mcvt=1010&p=604,1118,854,1418&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1263259910&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702008750272&rpt=499&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxODc3LCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.9717332849983977
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:31 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
lp2wSg-LoGFkfMfn2kCC1YEM2QyFs6LpaZRDQLn6Sarckcf7GHvdlQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUxOTU1LCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.4750249754014817
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
Eh2AWmUNdFKbmm9nxmqJXZS1AJ_Lji6G8i_pj9bFwaQyKXULnApaMA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 43F2 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFaONXJYCqy2aq3LZL-D7wjqtskQapYGonZlxVeMvJdbRWsEYhFTKTHIPlqBQhAn7ArXkECPXArmg-FHndTll1hUQgl-CC_nPo6WVCJgtgx65aFf3r-WGzRdhmCvE8KbZ2Vs9pN217mQ&sai=AMfl-YQ9sZXzhwzA7PvWvff59aE42bSTXl2RVvtOnhNZdfCwVrSCvEM&sig=Cg0ArKJSzOsyFtkZQtpoEAE&id=lidar2&mcvt=1005&p=488,1118,578,1418&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2320616304&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702008750327&rpt=582&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 755A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60304377&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a69e5c86df52bdf96f6ddd4c08bdf849cb4ce763a3adc47e22c63fe7fc3c5e39

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 08 Dec 2023 04:12:32 GMT
content-length
1220
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRE65,pingTime:1,time:1453,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1453,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1093~100%5D,as:%5B1093~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRE66,pingTime:1,time:1454,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1454,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1094~100%5D,as:%5B1094~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRE66,pingTime:1,time:1454,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1454,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1094~100%5D,as:%5B1094~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRE66,pingTime:1,time:1454,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1454,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1094~100%5D,as:%5B1094~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
collector.bonzai.co/ Frame D53B 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUyMjU2LCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.88913707564373
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
aeRvF9XTITTng6VBHMKZPIDv3eiumc7RtV5VAHqf-EUEcmPQ-T3CLw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 58DB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 08 Dec 2023 04:12:33 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 08 Dec 2023 04:12:33 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame AB84
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=193117286844294976&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=193117286844294976&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 01:19:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
3ddf81e5-f854-44a4-8692-94a1ed3ce8bc
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:32 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=193117286844294976&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
sync
x.bidswitch.net/ Frame 49D8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da19df99-c746-4cb7-aeda-345d866d2e28&user_group=1&ssp=pubmatic&bsw_param=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da19df99-c746-4cb7-aeda-345d866d2e28&user_group=1&ssp=pubmatic&bsw_param=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 08 Dec 2023 04:12:33 GMT
Server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 08 Dec 2023 04:12:33 GMT
Location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da19df99-c746-4cb7-aeda-345d866d2e28&user_group=1&ssp=pubmatic&bsw_param=87ec1e42-82e2-4c28-8e3b-edda992f5e8e
Pug
image2.pubmatic.com/AdServer/ Frame 0648
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 04:12:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 08 Dec 2023 04:12:33 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame E9F2 		85 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 08 Dec 2023 04:12:32 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12527-BNE
x-timer
S1702008752.335260,VS0,VE231
ecm3
s.amazon-adsystem.com/ Frame E6C0 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID65582A45-3A0D-47AA-84B0-0E63A3261A05
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 08 Dec 2023 04:12:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7JT3HCEBCVQ3CN46YB4V
458249.gif
idsync.rlcdn.com/ Frame 755A
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=65582A45-3A0D-47AA-84B0-0E63A3261A05
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDY1NTgyQTQ1LTNBMEQtNDdBQS04NEIwLTBFNjNBMzI2MUEwNRAAGg0IsK_KqwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=b0858e80669943de200b5fc92acff152fc6db9d478d4d817ac3d4c54124b1832791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiMDg1OGU4MDY2OTk0M2RlMjAwYjVmYzkyYWNmZjE1MmZjNmRiOWQ0NzhkNGQ4MTdhYzNkNGM1NDEyNGIxODMyNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiMDg1OGU4MDY2OTk0M2RlMjAwYjVmYzkyYWNmZjE1MmZjNmRiOWQ0NzhkNGQ4MTdhYzNkNGM1NDEyNGIxODMyNzkxNDI2YjU0MTdkY2UyMRAAGgwIsK_KqwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=89a95977-4cd1-4a79-a302-2748bb3dff66
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=89a95977-4cd1-4a79-a302-2748bb3dff66
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:33 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 08 Dec 2023 04:12:33 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=89a95977-4cd1-4a79-a302-2748bb3dff66
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
Pug
simage2.pubmatic.com/AdServer/ Frame 755A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7354377163891688330&gdpr=0&gdpr_consent=&us_privacy=
1 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7354377163891688330&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7354377163891688330&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 755A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=65582A45-3A0D-47AA-84B0-0E63A3261A05&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5mUnubRE2uX_L4hV8c_hottqPApTWKY-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5mUnubRE2uX_L4hV8c_hottqPApTWKY-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-5mUnubRE2uX_L4hV8c_hottqPApTWKY-~A&gdpr=0
date
Fri, 08 Dec 2023 04:12:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRE8z,pingTime:1,time:1367,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1367,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1123.590.300.250,am:i,cc:1123.590.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1040~100%5D,as:%5B1040~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:626,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRE8A,pingTime:1,time:1368,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1368,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1123.590.300.250,am:i,cc:1123.590.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~100%5D,as:%5B1041~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:626,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRE8A,pingTime:1,time:1368,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1368,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1123.590.300.250,am:i,cc:1123.590.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~100%5D,as:%5B1041~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:626,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRE8A,pingTime:1,time:1368,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1368,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1123.590.300.250,am:i,cc:1123.590.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1041~100%5D,as:%5B1041~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:626,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=55ed1f50-f083-cf7a-575c-dd08d984e795&tv=%7Bc:wcRE8L,pingTime:-10,time:1370,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702008751839%7C%7C45541b38f37a18bc922ed62fa2e5220d%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1cdc644cb3f2542449fcf12daea0790e%7C%7Cb0547ecc0fff204fd7d128a03078a4a8%7C%7Cb999b2538915ecafe3a1f1ae428c19be%7C%7C228cf4486c236a81d6a2bd90f9afb8b0%7C%7C60def96017f9913509a0d889b9c319bb%7C%7C1663701684,sca:%7Bspg:ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ixmatch.html
js-sec.indexww.com/um/ Frame 5568 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
58
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83222bae4f4b5c0f-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 04:12:32 GMT
expires
Fri, 08 Dec 2023 08:12:32 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9B35 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 04:12:32 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame EDE4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.57.183 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-57-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 08 Dec 2023 04:12:32 GMT
ETag
"623de86a-cf34"
Expires
Sat, 09 Dec 2023 04:12:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8DA9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.198.59.89 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-59-89.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.heraldsun.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=164770
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 08 Dec 2023 04:12:32 GMT
expires
Sun, 10 Dec 2023 01:58:42 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=193117286844294976
43 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=193117286844294976
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
083ee577-ee71-4407-99a4-1672f527530c

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
an-x-request-uuid
c7f420a0-7677-45c0-aa0b-fa757727bd28
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=193117286844294976
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=b89a9ad3-4154-bb0d-2f7c-64888394a5b7&tv=%7Bc:wcRE9i,pingTime:-10,time:1404,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702008751839%7C%7C45541b38f37a18bc922ed62fa2e5220d%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1cdc644cb3f2542449fcf12daea0790e%7C%7Cb0547ecc0fff204fd7d128a03078a4a8%7C%7Cb999b2538915ecafe3a1f1ae428c19be%7C%7C228cf4486c236a81d6a2bd90f9afb8b0%7C%7C60def96017f9913509a0d889b9c319bb%7C%7C1663701684,sca:%7Bspg:ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame 9B35 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.255.186 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-255-186.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
67b1a4313af266ec0c90106e3b70587b23e0235f454fe8be766ad4012c051b79

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 04:12:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 08:15:21 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14584
Connection
keep-alive
Content-Length
13234
Expires
Fri, 08 Dec 2023 08:15:36 GMT
async_usersync
ib.adnxs.com/ Frame EDE4 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
an-x-request-uuid
934c491d-c4ff-4c0d-bdf0-c160a69e2d12
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRE9U,pingTime:-10,time:1450,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702008751839%7C%7C45541b38f37a18bc922ed62fa2e5220d%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1cdc644cb3f2542449fcf12daea0790e%7C%7Cb0547ecc0fff204fd7d128a03078a4a8%7C%7Cb999b2538915ecafe3a1f1ae428c19be%7C%7C228cf4486c236a81d6a2bd90f9afb8b0%7C%7C60def96017f9913509a0d889b9c319bb%7C%7C1663701684,sca:%7Bspg:ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 533A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e164af7f84bc9c1c986905f7d76d1c6a35fb0e1a40c7044fa748d2f6801fb59

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83222baeae58a977-SYD
content-encoding
br
content-type
text/html
date
Fri, 08 Dec 2023 04:12:32 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnYaLURghHa631qSPRRA1EwBq8fz2c8OpOJ1FSBDDnbV%2BoBtuzBIiSQ%2FcOhTSZtY9GbJbXfumCVKtSd0ZqIoTrOCACnGd7thfKgJdvgiYoHPmecvMScFZ8PtX9v5X1QlKJzknoVkwrw1Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ADAvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-zY02nnduOmx%2BSA%3D%3D&sc=1&os=1-uQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=1195&w=1632&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-428.796875&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1702008751180&de=768111847820&cu=1702008751180&m=1251&ar=cc84ca2002d-clean&iw=105f2cb&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=15684&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=65&vx=65%3A66%3A-&pe=1%3A764%3A764%3A0%3A832&as=1&ag=1210&an=25&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1210&kw=1019&aj=1&pg=98&pf=98&ib=0&cc=1&bw=1210&bx=25&ci=1210&jz=1019&dj=1&aa=1&ad=1110&cn=0&gk=0&gl=0&ik=0&co=1110&cp=1019&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1019&cd=50&ah=1019&am=50&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2665275376880228902%3A2668887954420828497%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=305385625&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 08 Dec 2023 04:12:32 GMT
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ADAvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-zY02nnduOmx%2BSA%3D%3D&sc=1&os=1-uQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=1195&w=1632&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-428.796875&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1702008751180&de=768111847820&cu=1702008751180&m=1251&ar=cc84ca2002d-clean&iw=105f2cb&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=15684&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=65&vx=65%3A66%3A-&pe=1%3A764%3A764%3A0%3A832&as=1&ag=1210&an=1210&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1210&kw=1019&aj=1&pg=98&pf=98&ib=0&cc=1&bw=1210&bx=1210&ci=1210&jz=1019&dj=1&aa=1&ad=1110&cn=1110&gk=0&gl=0&ik=0&co=1110&cp=1019&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1019&cd=1019&ah=1019&am=1019&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2665275376880228902%3A2668887954420828497%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=1612075528&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 08 Dec 2023 04:12:32 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/prebid/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.101.72 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-101-72.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 08 Dec 2023 04:12:33 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.195.101.72 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-101-72.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.heraldsun.com.au
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 08 Dec 2023 04:12:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=44aaecc2-f952-60c4-72ab-01347a9c6ac5&tv=%7Bc:wcREaA,pingTime:-10,time:1487,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702008751839%7C%7C45541b38f37a18bc922ed62fa2e5220d%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1cdc644cb3f2542449fcf12daea0790e%7C%7Cb0547ecc0fff204fd7d128a03078a4a8%7C%7Cb999b2538915ecafe3a1f1ae428c19be%7C%7C228cf4486c236a81d6a2bd90f9afb8b0%7C%7C60def96017f9913509a0d889b9c319bb%7C%7C1663701684,sca:%7Bspg:ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcREc3,pingTime:1,time:1572,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1572,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1123.474.300.90,am:i,cc:1123.474.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~100%5D,as:%5B1028~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:440,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcREc4,pingTime:1,time:1573,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1573,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1123.474.300.90,am:i,cc:1123.474.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:440,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcREc4,pingTime:1,time:1573,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1573,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1123.474.300.90,am:i,cc:1123.474.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:440,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcREc4,pingTime:1,time:1573,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1573,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1123.474.300.90,am:i,cc:1123.474.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1029~100%5D,as:%5B1029~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:440,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 533A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENdxgAwqQaIjWGOE-t0d7sI&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENdxgAwqQaIjWGOE-t0d7sI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IP0jXooAACncAWfNAhWom4a69nzfniZ5G8RIRIRCtcm31gUp9Bem8Ff2llA1qWbtAWNIU4716L%2FiU6KKkReQG8AWs1koVEJStbw3x2G3Zn%2F8NUpwdLS0P8ZPr3m9%2BadLPGphMHkiE1PeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222bb0482ba977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENdxgAwqQaIjWGOE-t0d7sI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 533A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=193117286844294976
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=193117286844294976
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBrFAveeCDP%2FLo4thwc9Vsgu17rHcCFJa3glGiuQuZ1arXf%2FScK3cQTdN1S1e9fGNrLB8Es%2Fp%2BBkf3q4FijYKoVmNJvpxXmRyl7XL1yzBZLG3J%2F8WUk9hHsoywHFn4xkcSSXh%2BQ7TKKHEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222bb0d8b2a977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
an-x-request-uuid
9274a6fe-0546-41de-8b9a-5ffaa0c57812
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=193117286844294976
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 533A 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.144.130 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-144-130.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 533A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eVCK33ZS39xiVI2PeVKQjC4G399iAYnUfVTUWRda
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eVCK33ZS39xiVI2PeVKQjC4G399iAYnUfVTUWRda
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WADPgrYkrLZQv7Ou9N45QFBvIwLaN0BnLFkHQEY2Ul0WyaQ%2BJg5L3XWmQUuLvVLPsZ17qNaaVEIlUdpWd31MAWMWYacPW4JuO9QLAMXz%2BSKDHrkpSmRDgoL2O12CIoe049XZQuAbKNyF1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222bb36bf8a977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=eVCK33ZS39xiVI2PeVKQjC4G399iAYnUfVTUWRda
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 533A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXKXrGl3_xG4ncnm_E05TAAAE0UAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Dec 2023 04:12:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCG1KCTDNWD2TQ4PWJN5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933
dpm.demdex.net/ Frame 533A 		42 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZXKXrGl3-xG4ncnm-E05TAAA%264933?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.54.220.201 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-220-201.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

dcs
dcs-prod-apse2-2-v054-0b0840e0b.edge-apse2.demdex.com 2 ms
pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
aIp1/DXORrY=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 533A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2C6370914026403A8B3F3E4BFA42C4FA
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2C6370914026403A8B3F3E4BFA42C4FA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TN1DdImls3yYVStaSu97FnK5hHiLvme%2F4zwCn7Ept4Fi1KoZU9Pqc21kz%2BfbOpf5jrLq20pEO5jZMtfoyUhJi7PBwHai%2BV3HtRHLAxAIP1DoOtZvzuawb5OMTZcdy2RO%2BbhEW83io7sgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222bb0e8bca977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 08 Dec 2023 04:12:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2C6370914026403A8B3F3E4BFA42C4FA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 07 Dec 2023 04:12:32 GMT
crum
dsum-sec.casalemedia.com/ Frame 533A
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717819952&external_user_id=48e2de66-b298-4088-8c1f-300e4cd735d6
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717819952&external_user_id=48e2de66-b298-4088-8c1f-300e4cd735d6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj1IXg3XTBd0N7c6VYYz6uSA8CisznYPHPaYX8NMR9tjPZCGgVYNM9g3liagQAtwyRBa5wk4fawe4Eqx6LovY8RUc9p2nlA8X%2BtGUkBJkEjKTBn0IYm%2B6seEFoerOgIKkGzY3qvgdRBRLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83222bb0f8cda977-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717819952&external_user_id=48e2de66-b298-4088-8c1f-300e4cd735d6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
htw-pixel.gif
cdn.indexww.com/ht/ Frame 533A 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZXKXrGl3-xG4ncnm-E05TAAA%264933
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.heraldsun.com.au%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
31636
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83222bafa9015c0f-SYD
content-length
43
expires
Sat, 09 Dec 2023 04:12:32 GMT
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUyNzEzLCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.19902618646742232
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
eqn7qCrTA9WRTb9EEJl6Zh24OuGvpVUQli3fq3fI7A9_agLCLycL7Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcREf5,pingTime:-10,time:1760,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702008751839%7C%7C45541b38f37a18bc922ed62fa2e5220d%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1cdc644cb3f2542449fcf12daea0790e%7C%7Cb0547ecc0fff204fd7d128a03078a4a8%7C%7Cb999b2538915ecafe3a1f1ae428c19be%7C%7C228cf4486c236a81d6a2bd90f9afb8b0%7C%7C60def96017f9913509a0d889b9c319bb%7C%7C1663701684,sca:%7Bspg:ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67%7D%7D
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:32 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame EDE4 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:33 GMT
an-x-request-uuid
27eb21d7-f87f-4e91-a499-d8b720661934
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.162; 66.203.112.162; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzUzNDI0LCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.40906509469829433
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:33 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
oXvca30gwojlSTnJlD457fuZmf2w4M8zusB43F3zA443AHcjZXvpqw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
v.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.heraldsun.com.au/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.heraldsun.com.au
Date
Fri, 08 Dec 2023 04:12:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
SPug
simage4.pubmatic.com/AdServer/ Frame 755A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:34 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rec
collector.bonzai.co/ Frame D53B 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzU1MTUzLCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.544751979992588
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:35 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
Fa-DFE_ye72-kOsHO6oy0yUHKOKp0h0W2ouFvva0Ooy_FCkUqmI3Pw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8DA9 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5030857&p=158393&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 Singapore, Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7b6ec2e0ac3c882506d309b2681d7ce6b0d8a2a1f71fad78c7b967edb49e1d0a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 08 Dec 2023 04:12:35 GMT
content-length
1576
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame FA3B
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12mludvcb0ms
1 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12mludvcb0ms
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 20:40:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Fri, 08 Dec 2023 04:12:36 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12mludvcb0ms
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6721
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
42 B
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 23:00:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Dec 2023 04:12:36 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KvtX7RgxWNRFeu4KcKUQBkLLcKI&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame B108
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=28ccdd7289c2496b8e25af2a7c1511a4
42 B
380 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=28ccdd7289c2496b8e25af2a7c1511a4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 04:12:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Fri, 08 Dec 2023 04:12:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=28ccdd7289c2496b8e25af2a7c1511a4
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
cm
ipac.ctnsnet.com/int/ Frame ABDD 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 08 Dec 2023 04:12:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
usersync.aspx
dis.criteo.com/dis/ Frame EDA0 		43 B
364 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 04:12:35 GMT
expires
Fri, 08 Dec 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
4281596
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame B2EE 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 74BA
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe4e0ec38fb23401487f48191ca71f750
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe4e0ec38fb23401487f48191ca71f750
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Dec 2023 23:00:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUe4e0ec38fb23401487f48191ca71f750
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 6C03
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MAxSDMaAC7GKRC_etJdyZQ
42 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MAxSDMaAC7GKRC_etJdyZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 01:58:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 04:12:36 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=MAxSDMaAC7GKRC_etJdyZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 8DA9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3706070511088630808
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3706070511088630808
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 04:12:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3706070511088630808
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 8DA9
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=58ee4293b7ff2193&is_secure=true&networkId=17100&version=1&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVf0yiDrgN9VSqmAAAAAAA&expiration=1702095157&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVf0yiDrgN9VSqmAAAAAAA&expiration=1702095157&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 08 Dec 2023 04:12:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:37 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL7ZVf0yiDrgN9VSqmAAAAAAA&expiration=1702095157&nuid=65582A45-3A0D-47AA-84B0-0E63A3261A05&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRF8C,pingTime:5,time:5455,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5455,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5095~100%5D,as:%5B5095~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:157,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=ce6f30ad-4f8f-ddfd-7c75-b48718bcfb67&tv=%7Bc:wcRF8D,pingTime:5,time:5455,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:377%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5455,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:377,wc:0.0.1600.1200,ac:0.0.970.250,am:i,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5095~100%5D,as:%5B5095~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:157,fm:tXOLgvW+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o*.10507%7C1o1%7C1p.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:378,sis:436%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRFaQ,pingTime:5,time:5352,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5352,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1123.590.300.250,am:i,cc:1123.590.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5025~100%5D,as:%5B5025~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:153,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=e340970b-cc86-a526-5745-fa70b26a7263&tv=%7Bc:wcRFaR,pingTime:5,time:5353,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5353,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:336,wc:0.0.1600.1200,ac:1123.590.300.250,am:i,cc:1123.590.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5026~100%5D,as:%5B5026~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:153,fm:tXOLgzO+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p*.10507%7C1p1%7C1q.10507%7C1q1%7C1r.10507%7C1r1%7C1s.10507%7C1s1%7C1t.10507%7C1t1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:336,sis:367%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ 		43 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=0&ni=1&ak=-&i=BONZAI1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ADAvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-zY02nnduOmx%2BSA%3D%3D&sc=1&os=1-uQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-480&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=1195&w=1632&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=-428.796875&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.heraldsun.com.au%2F&id=1&ii=4&f=0&j=&t=1702008751180&de=768111847820&cu=1702008751180&m=5168&ar=cc84ca2002d-clean&iw=105f2cb&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=15684&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=65&vx=65%3A66%3A-&pe=1%3A764%3A764%3A0%3A832&as=1&ag=5127&an=1210&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1210&kw=1019&aj=1&pg=98&pf=98&ib=0&cc=1&bw=5127&bx=1210&ci=1210&jz=1019&dj=1&aa=1&ad=5027&cn=1110&gk=0&gl=0&ik=0&co=1110&cp=1019&cq=1&im=1&in=1&pd=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4949&cd=1019&ah=4949&am=1019&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2665275376880228902%3A2668887954420828497%3Adesktop_truskin%3Aundefined&bo=dfp_pg&bp=wap&bd=undefined&gw=bonzai678688331786&zMoatOrigSlicer1=dfp_pg&zMoatOrigSlicer2=wap&hv=Bonzai&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=af&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=206701&na=1251739559&cs=0
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.241.42 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-241-42.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 08 Dec 2023 04:12:36 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcRFfc,pingTime:5,time:5611,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5611,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1123.474.300.90,am:i,cc:1123.474.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5067~100%5D,as:%5B5067~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:154,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=bd999249-686f-0271-7679-d56dbdcf4794&tv=%7Bc:wcRFfd,pingTime:5,time:5612,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:90,t:554%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5612,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:554,wc:0.0.1600.1200,ac:1123.474.300.90,am:i,cc:1123.474.300.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5068~100%5D,as:%5B5068~300.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:154,fm:tXOLgzZ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a11%7C1a12%7C1a131%7C1a132%7C1b%7C1c%7C1d11%7C1d12%7C1d13%7C1e%7C1f%7C1g11%7C1h%7C1i1%7C1j1%7C1k%7C1l%7C1m%7C1n%7C1o1%7C1o2%7C1p1%7C1p2%7C1q1%7C1q2%7C1r1%7C1r2%7C1s1%7C1s2%7C1t*.10507%7C1t1,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,siq:554,sis:584%7D&br=c
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.166.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-101-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rec
collector.bonzai.co/ Frame D53B 		43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.bonzai.co/rec?q=eyJhY3RzIjpbXSwiZXYiOiJ2aWV3LTQ5IiwiZXZuIjoidmlldy00OSIsImV2dCI6IkF1dG8iLCJmaSI6ZmFsc2UsIm8iOiJwb3J0cmFpdCIsImN0eiI6LTQ4MCwiY3RzIjoxNzAyMDA4NzU2ODMzLCJtb2RlIjoibGl2ZSIsInRrIjoiNDc0Y2I1ZTU0ODNjMDJiOTZmNDJiOTBkNmMyMTI0MyIsImFkIjoiMjY2NTI3NTM3Njg4MDIyODkwMiJ9&etc=0.43146771831466446
Requested by
Host: www.heraldsun.com.au
URL: https://www.heraldsun.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-95.syd1.r.cloudfront.net
Software
Jetty(8.1.7.v20120910) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.heraldsun.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 04:12:36 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
server
Jetty(8.1.7.v20120910)
x-amz-cf-pop
SYD1-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expries
-1
content-length
43
x-amz-cf-id
sJPJvk47p-KCPuSyHxjQ4hNrn4dD5_L-NtO3Jdfa6V_VynWMMZ6Lrw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8DA9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158393&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158393
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 04:12:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.heraldsun.com.au
URL
https://www.heraldsun.com.au/sitesearch/1/indexes/prod_plnn_content_bylatest/query?x-algolia-agent=Algolia%20for%20JavaScript%20(4.16.0)%3B%20Browser%20(lite)&x-algolia-api-key=&x-algolia-application-id=
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/akam/13/3ef6500b
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/uYGy2/F/c8/B6B3/OiQ3_g99/1mw3btNGfb5i/BGEpQGNdAg/Mh8a/ZCYmDDEB
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/_sec/cp_challenge/sec-4-0.css
Domain
login.newscorpaustralia.com
URL
https://login.newscorpaustralia.com/_sec/cp_challenge/sec-cpt-4-0.js
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZXKXrAAAAGLnLwNW&img=1
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| documentPictureInPicture object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| newscorpau object| utag_data object| newskey object| bruce_rtget string| bazadebezolkohpepadr object| _taboola function| admiral object| googletag function| loadjs boolean| isLoadedIndiesJs string| urhehlevkedkilrobacf object| ads_api function| algoliasearch object| jpf object| _vms object| indieApps function| setImmediate function| clearImmediate object| nb object| ADB boolean| VIDEOJS_NO_DYNAMIC_STYLE function| videojs object| httpStreaming function| videojsPerSourceBehaviors function| videojsBcAnalytics function| videojsErrors object| videojsBcCatalog object| videojsDock function| videojsPlaylist function| videojsSsai function| bc function| 4dm1r11545242527 object| vidora_ns object| vidora object| googleImaVansAdapter function| webpackHotUpdate object| regeneratorRuntime function| Rampart object| loginStatusPromise function| vidoraTrackExtraElements object| vidoraHelper object| app function| GeaLoader object| auth object| optimizely object| utag_err boolean| utag_condload object| domains object| parts string| p object| versaTag object| wut object| abtest number| num string| val number| itr number| maxval object| utag number| _sf_startpt object| _sf_async_config object| _cbq function| fetchGDPR function| _tealium_old_error boolean| __tealium_twc_switch object| uetq object| sectionData number| _sf_endpt function| fbq function| _fbq object| __alloyMonitors object| __alloyNS function| alloy number| gptPluginLoaded object| apstag number| gcTicker object| m string| TiktokAnalyticsObject object| ttq function| rdt object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent number| interval object| nca_ipsos object| dm object| ipsos_ready object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| KAMPYLE_EMBED object| ads_core object| ads_extra object| apsPlayerSize string| nk function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| massConfig object| adUnits object| pbjs object| __iasPET object| apstagShared object| kw_ignore object| mready object| pbjsChunk object| _pbjsGlobals object| apsUnits object| webpackChunk function| DIL object| adobe function| Visitor object| mconfig function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc object| google_tag_data function| stcc object| SUBSCRIPTIONS object| SWG object| atsdetectionmodule object| atsenvelopemodule object| ats object| _aps boolean| apstagLOADED object| apscustom object| ID5 object| __id5_instances object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| $this object| providersData boolean| isAlloyConfigured object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| UET function| UET_init function| UET_push object| ueto_cf80878bb5 object| diagPixSentCodes object| __iasAdRefreshConfig boolean| DotMetricsInitScript object| DotMetricsSettings undefined| _ number| startTime number| duration object| brandmetrics function| __assign object| DotmetricsJSON object| DotMetricsObj object| npt boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| redditId object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels string| account_suffix function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq function| AppMeasurement function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s object| visitor object| lastException boolean| explicitPageView object| nr object| metrics object| ggeac function| __spreadArray object| _brandmetrics function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| google_measure_js_timing boolean| hasApsUnits object| ads_ready function| omrhp object| Criteo string| CE_USER_COMMON_SCRIPT_URL undefined| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| clarity object| clarityuetq function| cookieWrite function| cookieRead function| formatTime string| pageName function| p_fo boolean| ppvChange string| ppvID object| __fo object| s_i_newscorpau-hsweb_newscorpau-global undefined| oneTagObj function| ebDecode object| bsResponseObj object| categoryData number| google_unique_id object| gaGlobal object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| __IntegralASExec undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA

199 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDXFg
.heraldsun.com.au/ Name: n_regis
Value: 123456789
.news.com.au/ Name: nk
Value: 12a4e09c9f085d898099a46ef33b007f
.heraldsun.com.au/ Name: nk
Value: 12a4e09c9f085d898099a46ef33b007f
.heraldsun.com.au/ Name: nk_debug
Value: nk_set
.heraldsun.com.au/ Name: nk_ts
Value: 1702008744
www.heraldsun.com.au/ Name: lux_uid
Value: 170200874471379906
.heraldsun.com.au/ Name: bm_sv
Value: 337BC428A790D95CA054DC549C51E572~YAAQH0DbF4CNvUKMAQAAu2ugRxbpkNF2UbKRnwnHS2UlUkmy5tPm3a+BnZ9IL8wc34+EVW81hS0d30lHDRsv7xhPTWf513iHowx87h9kcxNRN7CulLn6jl+i95eVlALS6xXDw5sYEqew0pWiMHQIledeZAWGHduPNQttYlPM1DhIs+PvuSkH7O6U7r+mwA84ohWpvvn2LtBOtwN5F1Dc8c/4HkEzCZJmYwATgsZMOgjtay/OyGsOVGG3bNRW1UVxYfw5wa0S~1
www.heraldsun.com.au/ Name: AWSALB
Value: wrG3gnhqxBUFO6d4faCFvDCAbmfM1gM8BV+VMa9FrFgA5IglsAgn69dZIIWlrsa56BfLTRyMp7UoxExe5LlGetCK0V9t+tXaXdrm72YTgN3PhxZWOJdd8EYO2G7a
.heraldsun.com.au/ Name: ak_bmsc
Value: 5279B5174F26BED912A1E09C3A2BE56F~000000000000000000000000000000~YAAQH0DbF5WNvUKMAQAAem2gRxbRRhSRckGxnU7/Q6aO8CgMXxrze3TvLIzYYx4tnMV0Lcm9MPfJrj26DWhokPqNnwtyF4SlEuwt3te0LKw7U/wJSGny+AL8WSM0nCFJDTyB2v/ut+YIqKkO86eVxtlTzuj7jk7oAR1BRwR8H7hPoFpMAygfrPJw5Vwnf3PZo+HO86bIdefoiG1rjzbMiKXI5Abzd809SZQSVA7LwwDeTqm5R95vb2ZYoBsAZsiweIVqdZzBRkh82nI6e7IcA4NcoM95GeRx2AP4etWb236VR58R6oy4uDQ8lJ2Ma7z8XSLfKv3OOoxtB1rwlZJGKNLLfxgkdCm/sEe/6Yf2rbWCaYU0/aJ/nqbGRamTlmHkIP59cdZdLmSWld40LJDlvaJhA5d3hzG5izJLY8k7F/HTcPG7p0d/8luVZ4M3g+ZmIKXBWuqhlXzgrnXtAiVRXWM344KV4o2ERGlM+x6Wnu/pCFNcxD8dTSZQ7pAla053OpSS08E=
www.heraldsun.com.au/ Name: AWSALBCORS
Value: wrG3gnhqxBUFO6d4faCFvDCAbmfM1gM8BV+VMa9FrFgA5IglsAgn69dZIIWlrsa56BfLTRyMp7UoxExe5LlGetCK0V9t+tXaXdrm72YTgN3PhxZWOJdd8EYO2G7a
.heraldsun.com.au/ Name: _awl
Value: 3.1702008746.5-a3852717bf03c8833ee77ad400b345ed-6763652d617369612d6561737431-0
login.newscorpaustralia.com/ Name: did
Value: s%3Av0%3Afed34d30-957f-11ee-bc1d-ddaa0c9b5b26.fnGFu%2BKDMyFHeO4vK8o6hP82auWPVKfEV6mZ6rbKBrs
.heraldsun.com.au/ Name: utag_main
Value: v_id:018c47a07283001bad016ff907d003073001d06b00b08$_sn:1$_se:1$_ss:1$_st:1702010546628$ses_id:1702008746628%3Bexp-session$_pn:1%3Bexp-session
.heraldsun.com.au/ Name: nearSessionCookie
Value: 0.5058649490511549
.heraldsun.com.au/ Name: _ncg_sp_ses.ff50
Value: *
.heraldsun.com.au/ Name: _ncg_sp_id.ff50
Value: a3b76738-85af-4b6e-ab01-36ffdbb305e3.1702008747.1.1702008747.1702008747.4bd36a66-c2e8-46e0-b312-b5e171f03169
www.heraldsun.com.au/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.heraldsun.com.au/ Name: _lr_retry_request
Value: true
www.heraldsun.com.au/ Name: _lr_env_src_ats
Value: false
.newscgp.com/ Name: sp
Value: 74b9d01a-73a5-4579-8bc1-af7edd29ce2d
.doubleclick.net/ Name: APC
Value: AfxxVi5yzKNr7hZOXsDZH1OfYQvc_WbDxRi-Mp0a848t4T5Hh-0YGQ
.heraldsun.com.au/ Name: _fbp
Value: fb.2.1702008747053.545317934
.heraldsun.com.au/ Name: _cb
Value: B2opSLBTn4NGB2qfqP
.heraldsun.com.au/ Name: _chartbeat2
Value: .1702008747086.1702008747086.1.Bz3NqTD2dNQxC4vM_NBJ4AglJeGVu.1
.heraldsun.com.au/ Name: _cb_svref
Value: null
.heraldsun.com.au/ Name: _uetsid
Value: ff436c60957f11ee87f29b5b82505567
.heraldsun.com.au/ Name: _uetvid
Value: ff43a980957f11eeb4ac43e2c5289dd3
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=25f7fec4-08fd-42ca-aa1e-502a301090c1&Created=12/08/2023 04:12:27&UserMode=0&guid=7a8c5886-20f2-4ad4-bf32-b34de1575ca2&ver=1
.doubleclick.net/ Name: IDE
Value: AHWqTUkWGoXqQ3o7WYcrc8cdcTrgEzIJ68g-3fwjjkYajra6osG37MErdMMIUXGSsPA
.bing.com/ Name: MUID
Value: 2E460A09BC626D13185519E8BDF26CE7
.bat.bing.com/ Name: MR
Value: 0
.heraldsun.com.au/ Name: optimizelyEndUserId
Value: oeu1702008747289r0.6715948631331936
.heraldsun.com.au/ Name: _ncid
Value: 7677659f91b0fd3e5b1d491def5c17d3
.heraldsun.com.au/ Name: _rdt_uuid
Value: 1702008747343.8d86f707-1b10-4cf5-857b-919a5d751e35
www.heraldsun.com.au/ Name: metrics_pcsid
Value: not set
.demdex.net/ Name: demdex
Value: 78538120634587733701909972485330738445
.heraldsun.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.heraldsun.com.au/ Name: nol_fpid
Value: dfaviede5attcsjboxtjzpg34pti91702008747|1702008747447|1702008747447|1702008747447
www.heraldsun.com.au/ Name: DM_SitId1557
Value: 1
www.heraldsun.com.au/ Name: DM_SitId1557SecId13062
Value: 1
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: icWwszlIOYrUT9r1WWWnT2jHG3rbOBn3sKIKzq7vfWzU6erbrnLLOggdeei4Pd6WhLH0BolfSxFg2ws4lU9sap1QZD3aps10qYRa7CLJ1RsAxY/RjRObO7sfARX2
www.heraldsun.com.au/ Name: _lr_geo_location_state
Value: NSW
www.heraldsun.com.au/ Name: _lr_geo_location
Value: AU
www.heraldsun.com.au/ Name: vidoraUserId
Value: jrivkg5ogunggadsup0msiika5hkiq
.imrworldwide.com/ Name: IMRID
Value: ff93b700-957f-11ee-a4ca-7bd5f1967ec9
.tiktok.com/ Name: _ttp
Value: 2ZFD5Ap0j3us0iN61lxmGPujQqI
www.clarity.ms/ Name: CLID
Value: dffbf1051854491cabd31d37471c9045.20231208.20241207
.heraldsun.com.au/ Name: _tt_enable_cookie
Value: 1
.heraldsun.com.au/ Name: _ttp
Value: 5EbJNjNcfaYAyTkLamRfcE0FOpR
.heraldsun.com.au/ Name: _clck
Value: m824ib%7C2%7Cfhd%7C0%7C1437
.adsrvr.org/ Name: TDID
Value: cbbf1e09-ad59-469f-a877-8867fb702585
.dpm.demdex.net/ Name: dpm
Value: 78538120634587733701909972485330738445
ads.playground.xyz/ Name: connect.sid
Value: s%3AylmGdKGXnSsGh9gkFpJd1oq0lUJJksPp.HCG5xBGdfKAQ3wA%2F%2FjaQyWrTPigD3Cvs0x4rzyTbyKo
.heraldsun.com.au/ Name: s_nr30
Value: 1702008748057-New
.heraldsun.com.au/ Name: s_tslv
Value: 1702008748058
.heraldsun.com.au/ Name: s_inv
Value: 0
.heraldsun.com.au/ Name: s_ips
Value: 1200
.heraldsun.com.au/ Name: s_tp
Value: 15389
.heraldsun.com.au/ Name: s_ppv
Value: hs%257Chome%257Chomepage%257Chomepage%2C8%2C8%2C1200%2C1%2C12
.heraldsun.com.au/ Name: s_ppn
Value: hs%7Chome%7Chomepage%7Chomepage
.heraldsun.com.au/ Name: s_cc
Value: true
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 005amuETy0_004c3mETy0_
.serving-sys.com/ Name: G4
Value: 0009fM00O._
.serving-sys.com/ Name: OT2
Value: 0001DC1tQs
.serving-sys.com/ Name: u2
Value: 914e34b7-1e1e-4654-a04c-b335673092d64PP050
.adnxs.com/ Name: uuid2
Value: 193117286844294976
.casalemedia.com/ Name: CMID
Value: ZXKXrGl3-xG4ncnm-E05TAAA
.casalemedia.com/ Name: CMPS
Value: 4933
.casalemedia.com/ Name: CMPRO
Value: 4933
.eyeota.net/ Name: mako_uid
Value: 18c47a079df-115c0000010d47c2
.eyeota.net/ Name: SERVERID
Value: 18370~DM
.heraldsun.com.au/ Name: _clsk
Value: inbm5i%7C1702008748670%7C1%7C0%7Cv.clarity.ms%2Fcollect
.yahoo.com/ Name: A3
Value: d=AQABBKyXcmUCEMoqoXB9z-jOZ5PFLvdCYI4FEgEBAQHpc2V8Zdww0iMA_eMAAA&S=AQAAAszD6xIdVrpk1r6JBB-KApQ
.amazon-adsystem.com/ Name: ad-id
Value: A4L4EhgziU3sthv_I-TWDvk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.heraldsun.com.au/ Name: _pin_unauth
Value: dWlkPU9Ua3paV0V6WkRRdFltWTFaaTAwWWpRM0xUZ3dPVGN0WlRWbU1XVmtabVUyWVdOaA
.t.co/ Name: muc_ads
Value: 0481d43c-f3cd-419e-b690-f46eeb620075
.twitter.com/ Name: personalization_id
Value: "v1_YUUL1aMzXfpMAy2Gr/RL9g=="
.heraldsun.com.au/ Name: _gcl_au
Value: 1.1.724770718.1702008749
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXKXrAAAAGLnLwNW
.heraldsun.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19700%7CMCMID%7C78516974098338345921912086589933866007%7CMCAAMLH-1702613548%7C8%7CMCAAMB-1702613548%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C652021841%7CMCOPTOUT-1702015948s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19707%7CvVersion%7C5.1.1
.bluekai.com/ Name: bku
Value: pSL99v0UzZU3TIxS
.bluekai.com/ Name: bkpa
Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEzTBE1T1E/yBM16BEQlBp1pBp9hmE98mEz0BeQN1p1yBp1TBexNJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9e8QJnL=
.google.com/ Name: NID
Value: 511=iErALX_66MQjC_VIzxG_tvAskwOEABAs-Oq6nbdv1wLDQri2cDb7zGaonyLMmYJwifkhrnZSFEtQAa9in0pysGxhjok8Tn0rj5BJPJZ_Lt_Hdk4aqcDZqEgswbZZ9_Wb93iWydhHyiBbX3aiPyyYnXFbhWLi84wAenb2yffbpQI
.pinterest.com/ Name: ar_debug
Value: 1
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZ6bnNIaFpsVWxlaFB4TkJGS21CVEtVTVhBZ0RmaG9abVVwb2ZsUlhydTBBV1crV2M4M0JxdTNTZU1YNGgvc0VjSHh0blRmMk1VVTE1SjJZZVRBVUNUcFhXRGJ6ZTV3ejJWd2RBL0NlRjVMUT0mR0Evbyt0ODVhc0NOb1pETy9QUWdoUGpFeVpnPQ=="
.heraldsun.com.au/ Name: nc_aam_segs
Value: asgmnt%3D16675898%2C17568988%2C17568985
.heraldsun.com.au/ Name: aam_uuid
Value: 78538120634587733701909972485330738445
.hb.yahoo.net/ Name: visitor-id
Value: 3450103492889840000V10
.hb.yahoo.net/ Name: data-ttd
Value: cbbf1e09-ad59-469f-a877-8867fb702585~~63
.turn.com/ Name: uid
Value: 7354377163891688330
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E?`mR`Al!]tcR8i_jAez_UZ18%4Q$p-Us:o+iJfs%yY%Tzu[wr^`D%(2K:$doRL2xc>Hx7R)0K51$#UAAF%DYzIJ!!+ib*`mB*
.openx.net/ Name: i
Value: de230861-397e-4d19-8a44-aaee2c389648|1702008749
.id5-sync.com/ Name: 3pi
Value:
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 65582A45-3A0D-47AA-84B0-0E63A3261A05
.mediago.io/ Name: __mguid_
Value: 81fa84b7f539768321p49n00lpw42c4r
.krxd.net/ Name: _kuid_
Value: P9jqNwdb
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-cbbf1e09-ad59-469f-a877-8867fb702585&KRTB&22918-cbbf1e09-ad59-469f-a877-8867fb702585&KRTB&22926-cbbf1e09-ad59-469f-a877-8867fb702585&KRTB&23031-cbbf1e09-ad59-469f-a877-8867fb702585
.tapad.com/ Name: TapAd_TS
Value: 1702008749660
.tapad.com/ Name: TapAd_DID
Value: 63f385a4-b33d-4255-9747-3fa3b9f6605c
.tribalfusion.com/ Name: ANON_ID
Value: aTnsmANj6WlCyhURB1xU2K3NFJZbrQ5VTsprr6K2AYbKGQdR4KE5y0wbyEeAHTp1rZdOhsoQvQ1v6R
.demdex.net/ Name: dextp
Value: 358-1-1702008747561|470-1-1702008747668|481-1-1702008747776|771-1-1702008747908|903-1-1702008748017|19566-1-1702008748179|23728-1-1702008748284|30432-1-1702008748387|30064-1-1702008748493|66757-1-1702008748596|134096-1-1702008748703|144230-1-1702008748819|144231-1-1702008748927|144232-1-1702008749034|144233-1-1702008749143|144234-1-1702008749246|144235-1-1702008749354|144236-1-1702008749458|144237-1-1702008749574|147592-1-1702008749699|461447-1-1702008749807
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEDih-A6nVDZ_B14V3iSeW5s&KRTB&23025-CAESEDih-A6nVDZ_B14V3iSeW5s&KRTB&23386-CAESEDih-A6nVDZ_B14V3iSeW5s
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZXKXrAAAAGLnLwNW&KRTB&22978-ZXKXrAAAAGLnLwNW&KRTB&23194-ZXKXrAAAAGLnLwNW&KRTB&23209-ZXKXrAAAAGLnLwNW
.adotmob.com/ Name: uid
Value: 09e42204003c83aab8a3367c
.adotmob.com/ Name: uuid
Value: 09e42204003c83aab8a3367c
.adotmob.com/ Name: partners
Value: IX%3A1702008749773
.bidr.io/ Name: bito
Value: AAEBt07K5S8AABQTGZH72g
.bidr.io/ Name: bitoIsSecure
Value: ok
.liadm.com/ Name: lidid
Value: f67a01ad-7a67-4ec8-a11e-19b3ece7cc3f
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.id5-sync.com/ Name: id5
Value: e4407bde-a9a5-78fc-a7c2-3730147f55ea#1702008749237#2
.simpli.fi/ Name: suid
Value: 2C6370914026403A8B3F3E4BFA42C4FA
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI6puGxb3ruzwQBRIZCgpyaWdodG1lZGlhEgsI9IWmxr3ruzwQBRIWCgdydWJpY29uEgsI8sjn2b3ruzwQBRIVCgZnb29nbGUSCwi6rt_Qveu7PBAFEhUKBmNhc2FsZRILCPCBr8-967s8EAUSFwoIcHVibWF0aWMSCwjs8oHVveu7PBAFEhgKCWJpZHN3aXRjaBILCLzvyc-967s8EAUSFAoFdGFwYWQSCwiip8fWveu7PBAFGAEgAigCMgsIhJ7Kg9TruzwQBTgBWgV0YXBhZGAC
.heraldsun.com.au/ Name: __gads
Value: ID=1a88171f0ab25567:T=1702008749:RT=1702008749:S=ALNI_MYwx6Ukq4t7Ku0JElB4KeMgskDpOQ
.heraldsun.com.au/ Name: __gpi
Value: UID=00000ca6ff36a1e5:T=1702008749:RT=1702008749:S=ALNI_MbE0daQGp-IszVcJ23yVU1HGhyY_w
.linkedin.com/ Name: bcookie
Value: "v=2&295f51a3-ff87-45ca-818c-ae490754cd5e"
.linkedin.com/ Name: lidc
Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2776:u=1:x=1:i=1702008750:t=1702095150:v=2:sig=AQFA4605k0DP1M5hpQehnXRHh_UL9EUQ"
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 69943bd37e90293cadc011a5e2f0eba0
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2C6370914026403A8B3F3E4BFA42C4FA&KRTB&23486-uid:2C6370914026403A8B3F3E4BFA42C4FA&KRTB&23489-uid:2C6370914026403A8B3F3E4BFA42C4FA&KRTB&23539-uid:2C6370914026403A8B3F3E4BFA42C4FA
.semasio.net/ Name: SEUNCY
Value: BA7BDB652AA447C7
.connatix.com/ Name: cnx_userId
Value: c44bf0d1b11a44b099bc62a94fea2457
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: e6f94bb5-a80a-48f0-98a8-2e82f4651b4d
.prebid.a-mo.net/ Name: sd_amuid2
Value: e6f94bb5-a80a-48f0-98a8-2e82f4651b4d
.rezync.com/ Name: zync-uuid
Value: 7ba02424-7b97-4043-88a0-8ae993ca99c0:1702008750.804227
.rubiconproject.com/ Name: khaos
Value: LPW42BV9-N-GKBA
.rubiconproject.com/ Name: audit
Value: 1|kUiA6sj/vRYjryAN2AG34y1+VlfAGmiPbvq2v//MlaH6DZ3dTM5nwf8JSkkSkeaeJnwMNee7seYiZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_identity
Value: CiY3ODUxNjk3NDA5ODMzODM0NTkyMTkxMjA4NjU4OTkzMzg2NjAwN1IQCIGFgr3EMRgBKgNWQTYwA_ABgYWCvcQx
.heraldsun.com.au/ Name: kndctr_5FE61C8B533204850A490D4D_AdobeOrg_cluster
Value: va6
.sharethrough.com/ Name: stx_user_id
Value: 5833ec1a-e248-45f0-83e6-9e5519aae569
.lijit.com/ Name: ljt_reader
Value: HyOcVQZHr5dD0cjnQOiLPIMM
.lijit.com/ Name: _ljtrtb_80
Value: LPW42BT0-F-7AYV
.primis.tech/ Name: csuuid
Value: 657297af4e6b4
.intentiq.com/ Name: intentIQ
Value: oNPjudz1Jk
.intentiq.com/ Name: IQver
Value: 1.9
www.heraldsun.com.au/ Name: _lr_sampling_rate
Value: 100
.intentiq.com/ Name: intentIQCDate
Value: 1702008751777
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeG9sR242
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 1120628898#1702008751772#0#1702008751772
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0N7CwNDE1M7OwtBTiM9StDDPKLAwIc_OqCgwFAPMuEnolAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAwDsA_rhDNuwA7bpD0W6eRI-3g0G0xmaJYikSPsRri_qrG6auG9BALWjdNIUj95Ypb8OQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzYysLQ0N7CwNDE1M7OwtBTiM9StDDPKLAwIc_OqCgwFAPMuEnolAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsQ2AMAwEwAmoMofRx3Gwn22cKAtRUjIpHRLl3VUOHwk1NfFBF4M1iUhI5CLbTHLirA4Fwjv2gKn6XbbvKmnP3_0FeQ-JzlkAAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNyjEOgzAMAMC_eCaVMQbb-QwKqYeoJa0ILEX8vYwn3Qnz17c1Va87xH07vIP8LrcaxBNa-a3-ggi9yUBoJqjG4zSpGVwdNG-tfOpcnveRJSExcZDFJDDyEFQTBk1uNuRkljH2goSoMuJDkYkErj97qCTu.ZXKXsA.bYIreDJLN39oLvKSsSVUtolRoQ4
.pubmatic.com/ Name: DPSync3
Value: 1703203200%3A201_245_226_197%7C1702080000%3A248%7C1702598400%3A164
.bidswitch.net/ Name: tuuid
Value: 87ec1e42-82e2-4c28-8e3b-edda992f5e8e
.bidswitch.net/ Name: c
Value: 1702008752
.bidswitch.net/ Name: tuuid_lu
Value: 1702008752
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2fhg:19e0~2fhg:175w~2fhg:18z8~2fhg"
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-193117286844294976&KRTB&23339-193117286844294976
.rlcdn.com/ Name: pxrc
Value: CLCvyqsGEgUI6AcQABIFCOhHEAA=
.company-target.com/ Name: tuuid
Value: 48e2de66-b298-4088-8c1f-300e4cd735d6
.company-target.com/ Name: tuuid_lu
Value: 1702008752|ix:0
.pippio.com/ Name: did
Value: JyQ44thhI1bbu6Ef
.pippio.com/ Name: didts
Value: 1702008752
.pippio.com/ Name: nnls
Value:
.quantserve.com/ Name: d
Value: EKQBCwHOKvijAA
.quantserve.com/ Name: mc
Value: 657297b1-10c0f-d38ff-4acea
.pippio.com/ Name: pxrc
Value: CLGvyqsGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 89a95977-4cd1-4a79-a302-2748bb3dff66
.linksynergy.com/ Name: icts
Value: 2023-12-08T04:12:33Z
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1&KRTB&19420-ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1&KRTB&22979-ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1&KRTB&23462-ZjBjwGkyNsN9NGSRYGN5lmM9MpR9MTWRNWT4xqI1
pool.admedo.com/ Name: tuuid
Value: da19df99-c746-4cb7-aeda-345d866d2e28
pool.admedo.com/ Name: c
Value: 1702008753
pool.admedo.com/ Name: tuuid_lu
Value: 1702008753
.rlcdn.com/ Name: rlas3
Value: nB0yawLtfoyHZhUOLca9MPIGfMNy3N7j1BgFd2xkkdQ=
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7354377163891688330&KRTB&23150-7354377163891688330&KRTB&23527-7354377163891688330
.adform.net/ Name: uid
Value: 3706070511088630808
.pubmatic.com/ Name: SPugT
Value: 1702008754
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 158393:4
.pubmatic.com/ Name: SyncRTB3
Value: 1703203200%3A21_56_254_71_220_13_233_209_8_22_214_54_7_3_247_264_96%7C1703289600%3A35%7C1702598400%3A223_2_15%7C1702857600%3A63
.ctnsnet.com/ Name: cid_fa88fd095fdb40f1a8c14e0d908e7932
Value: 1
.ctnsnet.com/ Name: cid_28ccdd7289c2496b8e25af2a7c1511a4
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1159
Value: 23138-28ccdd7289c2496b8e25af2a7c1511a4&KRTB&23328-28ccdd7289c2496b8e25af2a7c1511a4&KRTB&23427-28ccdd7289c2496b8e25af2a7c1511a4&KRTB&23445-28ccdd7289c2496b8e25af2a7c1511a4
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3706070511088630808&KRTB&23263-3706070511088630808&KRTB&23481-3706070511088630808
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 12mludvcb0ms
.c.appier.net/ Name: _auid
Value: MAxSDMaAC7GKRC_etJdyZQ
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12mludvcb0ms
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-MAxSDMaAC7GKRC_etJdyZQ
.pubmatic.com/ Name: PugT
Value: 1702000702
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2afb57ed-1831-58d4-457a-ee0a70a51006.9%2B4dslblU%2F10yFviDDAq561eImM9zXc%2BMfbuDNTzNAE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKvtX7RgxWNRFeu4KcKUQBkLLcKI.E8%2BIs%2BOaIzTjlmfCbOG3WLczy5TWTRn6JL7pOdRfvy0
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC0r8qrBjABOgQtwj9GQgQ4wTCU.fG3axq2iEMEm6khjpZ48rrymBbjadR6oHdmEyi4wMEE
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINQg467dMy_ak8tHN7qd7eoUVdzBS2FT1D2FgFpZzMrGEHwYBCC0r8qrBjABOgQtwj9GQgQ4wTCU.fG3axq2iEMEm6khjpZ48rrymBbjadR6oHdmEyi4wMEE
.adx.opera.com/ Name: UID
Value: OPUe4e0ec38fb23401487f48191ca71f750

9 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network error URL: https://login.newscorpaustralia.com/csp-reports
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/adj/N7203.197812.NSO.CODESRV/B7670439;dcadv=4149947;sz=1x2;ord=895903113697.8157?(Line 145)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://dt.scanscout.com/ssframework/uid?UIAA=78538120634587733701909972485330738445&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZXKXrAAAAGLnLwNW&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a.tribalfusion.com
a20352597942.cdn.optimizely.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad283e6552bdacb8114d8e4558965354.safeframe.googlesyndication.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
api.rlcdn.com
assets.vidora.com
ats-wrapper.privacymanager.io
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
bat.bing.com
beacon.krxd.net
bedsberry.com
bidder.criteo.com
bs.serving-sys.com
bvc1ogexrchmfxmh67mwfxmw2prqo1702008747.nuid.imrworldwide.com
c.amazon-adsystem.com
c0.eu-3-id5-sync.com
c0.eu-4-id5-sync.com
c1.adform.net
c1.eu-3-id5-sync.com
c1.eu-4-id5-sync.com
c2.eu-3-id5-sync.com
c2.eu-4-id5-sync.com
c3.eu-3-id5-sync.com
c3.eu-4-id5-sync.com
c4.eu-3-id5-sync.com
c4.eu-4-id5-sync.com
c5.eu-3-id5-sync.com
c5.eu-4-id5-sync.com
c6.eu-3-id5-sync.com
c6.eu-4-id5-sync.com
c7.eu-3-id5-sync.com
c7.eu-4-id5-sync.com
capi.connatix.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.brandmetrics.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.optimizely.com
cdn.speedcurve.com
cdn1.adoberesources.net
cdn3.optimizely.com
ce.lijit.com
check.analytics.rlcdn.com
cm-supply-web.gammaplatform.com
cm.ambientdsp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
collector.bonzai.co
config.aps.amazon-adsystem.com
connect.facebook.net
content.api.news
ct.pinterest.com
d.turn.com
d2n6ofw4o746cn.cloudfront.net
dcollector.bonzai.co
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
edge.adobedc.net
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.privacymanager.io
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
invoke.bonzai.co
ipac.ctnsnet.com
js-sec.indexww.com
js.adsrvr.org
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
massets.bonzai.co
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
metrics.heraldsun.com.au
mhr.talk.news.com.au
ncg.tags.news.com.au
nebula-cdn.kampyle.com
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
play.google.com
players.brightcove.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
resourcesssl.newscdn.com.au
rm-script.dotmetrics.net
s.amazon-adsystem.com
s.company-target.com
s.pinimg.com
s.tribalfusion.com
script.crazyegg.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
statsapi.foxsports.com.au
subscriptions.heraldsun.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.intentiq.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync1.intentiq.com
t.adx.opera.com
t.co
tags.bluekai.com
tags.news.com.au
tags.rd.linksynergy.com
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
v.clarity.ms
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.heraldsun.com.au
www.redditstatic.com
x.bidswitch.net
z.moatads.com
cm-supply-web.gammaplatform.com
login.newscorpaustralia.com
sync.mathtag.com
sync.search.spotxchange.com
www.heraldsun.com.au
100.25.107.27
103.229.10.192
103.43.90.54
104.18.25.173
104.18.36.155
104.18.41.104
104.19.147.8
104.22.52.86
104.244.42.195
104.244.42.197
104.26.13.18
107.178.254.65
107.21.182.54
119.9.108.211
13.107.21.200
13.107.213.31
13.107.42.14
13.224.181.11
13.224.181.67
13.239.180.158
13.33.88.56
13.35.144.104
13.35.147.106
13.35.147.22
13.35.147.40
13.35.147.55
13.35.147.76
13.35.147.78
13.35.147.8
13.35.147.85
13.35.147.95
13.35.148.114
13.35.151.131
13.54.220.201
131.153.206.102
139.162.38.30
141.95.98.64
142.250.204.1
142.250.204.14
142.250.204.2
142.250.204.3
142.250.66.232
142.250.67.2
142.250.71.67
142.250.76.98
142.251.221.65
142.251.221.66
142.251.221.68
142.251.221.70
151.101.1.140
151.101.1.44
151.101.128.84
151.101.129.229
151.101.193.140
151.101.193.175
151.101.28.157
151.101.66.217
151.101.66.49
157.240.8.23
157.240.8.35
162.19.138.116
172.217.167.102
172.217.167.98
172.64.149.180
172.64.151.101
18.138.18.111
18.143.106.89
18.158.203.99
18.177.210.19
18.178.8.168
18.238.192.40
18.239.199.51
18.244.214.85
18.67.107.130
18.67.111.74
18.67.114.43
18.67.93.127
18.67.93.29
18.67.93.30
18.67.93.43
182.161.73.129
182.161.73.145
182.161.73.146
184.24.241.42
185.84.60.20
198.8.71.131
199.127.207.182
20.114.189.135
207.65.33.76
207.65.33.82
23.198.57.183
23.198.59.89
23.198.63.128
23.204.64.151
23.204.64.193
23.204.64.196
23.214.44.119
23.214.88.160
23.214.88.51
23.221.20.194
23.38.138.181
23.40.72.216
23.40.74.168
23.46.34.73
23.48.96.232
23.52.235.84
23.52.245.131
23.52.255.186
3.25.20.197
3.33.220.150
34.102.253.54
34.111.113.62
34.149.26.226
34.160.169.226
34.199.164.108
34.227.121.59
34.233.55.153
34.96.71.22
34.98.67.3
35.160.247.117
35.166.101.88
35.186.193.173
35.194.66.159
35.208.249.213
35.213.12.39
35.244.154.8
35.244.159.8
45.137.176.88
50.116.239.135
51.75.89.127
51.75.89.188
51.75.92.250
51.75.93.54
51.75.93.98
51.75.95.135
51.75.95.152
52.195.101.72
52.221.162.132
52.46.155.104
52.74.150.191
52.74.155.254
52.76.144.130
52.77.135.86
54.152.61.223
54.153.211.209
54.79.148.68
54.79.99.215
57.129.23.120
63.140.38.149
63.140.38.186
67.199.150.81
67.199.150.87
67.220.228.201
69.173.151.100
69.173.158.64
69.173.158.65
69.175.41.79
74.118.186.107
82.145.213.8
89.207.22.108
99.84.238.146
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
008cf0303576365e2176a6a2702f43f97ba8621a03b9819f9bec472df8c32877
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02c92b6983dcf3e0df788441d88b51e67693b07db8af9b497c11ad066aa26d8b
02faab2bccfb952f16c0c877d82fd0e95b38498f79b1eb4a0490c4db660243c7
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
056168ca2c784368273fac448204be62038914fa7af89e209896b989407465ca
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b6b94156077f84782bc055aae153ae46be8a4d6d99924cd1140c37c0eb4b42
0a23ce8f29e3abc309f281963119fcf39e11241c0202eee4ecd36448f48f9cae
0ac510470baea887f80c1fa6908e73b10a0ca8f4a86b3923f4b41e380e6793af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb7f234ff483019ba55c46dd75bb5b67b302cfe19fc867285b5aa72a982e753
0d2958bf681f9132b5e41b0e2e09408c043e8c135240bb94ddddf699e8b539cd
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e164af7f84bc9c1c986905f7d76d1c6a35fb0e1a40c7044fa748d2f6801fb59
0e53454a6a3599c9e3c46ed4eb2132a19bd03b72d6be5282a2d4fb093249751f
0e6d6befe0a8e7a100edbcb5693090680c2cc9a67e07869616ffeffe4831ce85
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0ec76d4b6ed8c436113f06a582c476855e784f3226de982d3df06453a35eae3e
0f0969dcc16dee3f369b19032b7d58e0c6ed4c2b8844781c27c24c6dd4aa4279
0f5431ee7d16fe6aaf14ece03b86423fa0979939e2d3b28767e54ae63abea533
12a3170ec516303dd7108508ec6c5b44d8fc14f906a72e03fa65771199e37b5d
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
12f4750c420dc5836a0fad3789977f8ceb13a198487936d157701dea7083201e
130848934ba9f28923361203a7a8b8bb947f103cbba3380fa9030ce83ef6e340
135c38980e286aa356cd151198e12d0f3c577531dc068bae2ba82d2945ac60f5
13866940722f8047d28b746dc8078c87f7bff794c6f2f8344bbb53235b0bd348
14dc585d06bcd6d97acc6b6532cbd7e52afc3653c55e955e6074aba6d20a078f
15fa217127cf6224fe6f46eda85d4c976ee5c3085779dc7d3397bb29cc721663
16b4cf2b9a4908b20dff3b6c586bc3209fdf4bf53ea4f1fa2827cbffe4ceb070
175c95ac6f97af7d4843d1c6ae52c646b60309b8b6202721c0184044b929372e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18fc9e4be49d4646ea74bb1ca94cab88db5632ad958a5dd199a3631352befc41
1ab4134369398656a18ff7a84a790b2bbbe88282c75af9e05b4884fba83a296c
1c21be9db4a5aa36ef2488085f60682b852099e863f6b9d87647f17761cf9e3a
1cf1dfc8175b743db11a8b6990f6076e4cfaff2451faf94be19d90e30fb5b5ba
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
1dc7fe3be91d291923c4744bb96a4f74b9edd728cd2dc18a0086599c51fe2439
1f8c04c4627cb014b0d3f5bea7f2b2b8e06cd3c3849b80eda20e6b35dd086fd1
20238e49be2591e5ce83c3b8f0f26d0add8911828ebea96442dec2d15f8be20b
205d9ce8261f6f81979246859a430e5862411f2892d50728d30ee7ae36f7e881
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2147af34d5673f65461fc7f873e0652d2617669d19bf5774569f8d92b3d5de98
234c32f7c8c3eba6e647bb5dd9e79e29b86992067390d12bf7913c3ede8848d1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
287c91ffba5266dca4c14c4b6ac6252f56ea224633c68d974c41fadb1b7f4886
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b5b5c5a477fbef8dbdb68a01bd234d5dda7c05e221cedd93c198a362ff81758
2c1cbbb79ae2bb757aed7e19248ef2d314991cf082ab05dbf0bdaca3bdf420fa
2c5660f641ca8b2a795f976360ed032a7226aa4aee2ac8cad40723938f824790
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2c7d94cf72290f0afe885cac865b79ed0faf8175005d60abd2c9d8471f2f8a3e
2d80c21fe0d82066de8a0ff50c7d4db333285b640debd12262acb9cb8fa340fe
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f4ab71e8d224990cbada55ff7cc2d3a575f2ff234ff2965c52f9305de9fe643
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa5e41892a9504acfb95f940b8d91ea53e5c109bbb5a06beb36e9a8857d3c1d
30515e7af2d6991e1f7cace3c5c43572f6c7ff3a73f660ea75e2428f9f648746
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34e090ce181d8557a8a45048c5f8ace5e42fa9f4bc3216db6cc2ba92cdc0c845
34f81caac338e3937608c43dc6c890d5fe053de2f243255cc9508470b52d48bf
359452d029e9eec2e6e2f606a153762b9ae7d9741a4c77413a866f93e870a17a
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37ba5cc656354ac4b35fba92e51ef53fa5afe250fc14e0cf6690e95c49d3b801
3902ec07441f5026f6710e208b44026df4e565d10b7b9617afe87254dc033237
3a21462af9801ce566897beb74ca7426d79d53725718c7a31f1ae359d0f40a43
3b5adf0ba05505da041db8f0760d6fadec9474d71af49c37756465cd448e0a2c
3ba0cff4abec93167174b3ccdd28115cc303e1db88d24b6d6e1c3eebee2d75c5
3bcbb673451cfc2f3834867588248480d5f5eca74a4213a68f7e00c3958cc6f3
3cb89ebea6527df59287bc5d00d249d32042594d113a62049185b76945a6e959
3cbb17ce946796035eb3a1d9bf9f23b21b343f0e2e6b4445802c06388bba2e3b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402b69abb8c4ca07433838513d69e785781d47e6feb5f7f3686e59c6cbc39376
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4471305f7d908e13742d3e6cfcb410b6e6f9695489756062c9da2305a9b04fe6
459e7e241fe157217ebc67fc5d1e9ae75bbb995233bd54f2f2a925cfd26d8e2a
45ebd8c4c02d3be40fb3afa4fbb58a2493f0fc206b1c9fb1a1649f67b4301471
462de0cf99e5a07877be62391df469f48b1fb508b31d01ceab53b0a7bf1a73ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e0424ef527d652c8a0c66b493235cc9a8f92955e0f3b8fad5108fb4a88a4c8
475f9b9e50c213ab87b0d034da76de7ebc7e2eb9cd1fe856c7f21769e856bbcc
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0e900d88a4d79acc98c18901c221ff93418f92cfb8e3b10f5030b5d026071a
4c2e03d0e2d3f21d25a50ac39491f5124a03d778da219ccb65801c522201a370
4cc413b95c1985f67daf096890d1a9f526c88936fbdaa9bb771ca5dedf2678fd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e61c669b9aa3695047ed8e48bb8d2912f3b3ee78ea75b2b78e4a5d2e53f5074
4f738bbc1d51e9c8db1623caf6122fb43f3e2f200030cadcdb8066dd456490a0
4fd617ffafb554225fa615dade8d356f8545a35c0e5e0705cd0045c22f5b0e9f
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5284eec8b880c1f3cebe4823d8abb13368fcb9a1e4d213ae3f9a9e7bf1443a93
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f1edee3ca4757b85c73098470d185214e3a7eb6c42fd111216a83af730a326
550f31172d6616dd65b986ffed33b0d9400f220195367f15a980caa963349c75
58170ce1dd7c3fb0c02555698ea0a05f84f637efdc6f8bdade56e00be1a27e6c
5a2098a142b2a2ce4370cb34369cebcc65f38dce9db3eccb854adb885e40ffb6
5c9285bc0b9d3d259c18c249d3f486f8a6327082ab84c29ece7b9f692f8ee90f
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5efaa0df93c87783107dca102be7d1fdeeda1032e5f26099d27ba4c3ce4246ca
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
603fc565806e291180062d072e5a4ea084fc69a2b916975026ea7e94ebe04a3b
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
63cba7a7b3c3a6442d565047cb8aae2a8d61c1ce203b688e0e2d628034d79f9c
6484fcc9c19c09df7bf8ac514496e083ffc5ec2a54509f4a5b47e667171630f0
64ee2bc90d98a9e336e5e0a813b1c259926d822f1af16dea1ca2355cfa13294d
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
65d0ee95aa02438b70f870b09db5d41c4ce2b7faa5e9af574cd30b552773f986
6751a87fcb2eb8ad430772dfdf1946211940bb0e92817e50bb54517a4be6729e
67b1a4313af266ec0c90106e3b70587b23e0235f454fe8be766ad4012c051b79
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
68bd38acc0d64eef2eec5c884fc98610684c1fe21ec2f78e90aef07b8a2bae47
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6a941a1175f1fa29da2eec4eb3c70e8b1aeb54f1e2825c01438e56c8c987b1e8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6c1ef0a5a56e0f8283e3855d74769c8a6b2a2c39d4a64a4bdbc2b0ef1ab5d70d
6e1ea58d7d8d5c815f2240e45463d378ec398939e9e5816a96086ff0e50715b1
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
714f6738376a61459e39558628b73496acaabd5b90516c8bff2b44b7b36609a2
72045c6b93aeb78e8fe8ac11d57b8a921c22ec2bcc9b0e0e3965a436e56e0d22
73792bc2a387e9c986cc9ff688702fcc78ca2807b5f1dcc9a03945b9c3c7fb22
73d6a11ce32ab5c01d772644cabd5b522907c90729b4603d281584e6f2fdb05c
74c503817a8ff3d579fa281151b3e5f3ac11457cc8ea4002fa7ddef26349b114
753623f88346064bb548612ff9e5d5fd5b26939fc32942c060de14d6007cb912
7670bc5b1c18317279d039221742e12ab4007948479e2933b7536126d7d5f3e1
7733a0353c0558298380dfe92186c2fb47590903c95b5b27c2b75e0c8d226edd
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
79d277c8349d6b55245c0c1166b21a8f80f8ea057c24bfc565091b567dc44913
7adf4c6b7a9483f7296741d50e0a6c6674312b9df4e4809da33789a37a5f4ac4
7b6ec2e0ac3c882506d309b2681d7ce6b0d8a2a1f71fad78c7b967edb49e1d0a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f408e57fcca7a2cd06c9a0e5810015f4791294e57a8724fb027830e63a939b7
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
818649573d1249389d5861c571d5f41fe7a6a49e559d1a77e4fd67d51ea7f905
81d335f1468b3013dcfb19dadda021b3c8e0d565607cf6cd38af766f5af72e2d
8244700d0c1c4886977be92c63a52692f6e651f1f15c5b692c8820f6ce330bc9
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
875e2dbb46ed3ac5de6ffb948be3670674574c75bf0c963ad68edb8832f06d44
88368ae9b2482d286c5ed652a8b6c94f220d5a4a00cb502e19cd6bda85d39da1
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8bc2a535d18bf3d32f863ae406e7eaf87726c4f5ba0eac2b7d23fbc2c5f48936
8be4dcb40aede95c3bd86a19357e5e12c20e0876ee1942ebc281e274cfcd7b06
8ce7bd34b47ca8eb719ca9444f805008aa234f25f4e12302ff470d20b2bd4922
8cef1f4a03cd03efb05557253d4d4eac43ffbf1415e012891643117337a5d7fb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8eb08210f3cc71a6cf15301ef18ced50937dd65b78377b1f84a91bde6d20f962
9029e9d40644b491ea3dfbf70933eaef3d07a1ea5b3f8b16feaefbb22dd63739
90a1ce715a915054ce2269d7160de2035af86f48404b5918677ed9d058f85813
928ef04371043843ebcdba46b78980e61a73d306d2d75010dd2a8296c7276acd
93401f489dace786f4718ee877f18073995d8870cc5195570f82604948b0b5ed
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
940699e7170c09c94d4c9635679dde6277b2a8b1be37c403d46b32f5b0ae487a
945b317583c8a1af77063aad1ba55e6b549ff7f36a6dd47f4633de30db9239c1
948afceffe80d48945c9c9272bd46438f7174e4c11f050ca1a71f4c348fea70a
94d53eed450989620e3f5d3da0c8c720f59c308726eacbf7767667c3626c1a46
95ac383c4fa19e0a921e9d5f41e2ccf537d4988c70696192739a0ab87a91801a
96438abac3e63aa55835f1919e3897cb442505ee5f27c576ed11a21463c6bf59
97bbaa92f60f04ecdbdb4341606437096e7c0adf6b53ddb9d80a962661aea2c0
97e9b41230f3c246606f12807daab32475cd0ddb18490edf1c0b753c8327b6b7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99740307ed5cfa3bfd0c6d068d455e4c76d3328c7262599434f41754fd6165c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0b875e366ec5fe0338828cb8f9c3386dd212092a5efa1047ce5ae524e9ef58
9aa5039e856634395cc8b86e0213cc264ef7c1499ba417eced7796c200aae5ee
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9d8f5cba9dabe2675d9b08f4a65d17b153ce1d9ebbc10bf3fe8961f8a376453c
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e14f5a438897d6b49669dd16313010b7a17fc75c3159039c25fe667d6010b21
9e79c950a3ae56dccbc4c78b01bce05d2e3c40cff0521328456e30337f094918
9eab27c634b2201cb52d5a94c4bdec71726e1ca54039494147e92d35c5a0ce4a
a00648549caee247248a3b7ac4d5d0405da14b191f63a4c037ea66d1870eb145
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1bbd6d1213c59d0902e4426606d1b9d74e661ab103562210563b99d0ae0557e
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3b029951e626e7d3123a1f25886db28f5ea4f32d1e80491a3b8c8c51f13f5c9
a4a344f2d75cd0e85ae0f38c72d5fa5c49fef0e1a2b9c330ece72223090efd19
a5fa51407c2b5077023695076c55cecdc708af89dfc09342adc134baf356ec51
a69e5c86df52bdf96f6ddd4c08bdf849cb4ce763a3adc47e22c63fe7fc3c5e39
a6dbc71ed639415f01a97c8f609e753ebc885db3add7e5c889a88dfc050847d4
a7ac93815d34a45b882000c6c3141631709a72e2f24b9c29dcbe2e618438e9fe
a8d5b698907b7b16e8de39d3ac67be7b9493d7f4185ccc7cb7b771ffd46c2788
a925505f3081d8806a240aa875ad4e470f2c6f4413175cd5701e18172487197e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9a0c11dde2d9aa46e9bc641b81b5404f6f0e744785a278777dcd5e4644d797b
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
ac38e60e1064844576ce85030569c9e393c3c1c888acb6e10fe2ee7b62bcf090
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca997682d0dbc6da36f2262551bb2d69aac5a5d0ed13b876ecd74e874314eba
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adecd0c47125731bc832bfdc4f2363be43c211abead936eb0c39e47e7105018c
af74b8b4a0e418a5461b5c5b62ab9000c6997edbddc5c050ed931bcc062ab697
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1965ab4f6f50070c4d8214eb75ec76218f5e26cf01519fcaa3fe1f3c81043d1
b4ee7d61f3020f864ad1d5e86908826f56aab9d74cfb0527ccd4740661150016
b828e919c2ff55a336488d2ac02c554c1b69b0b662e2e0e6cb230f0e47cd4b6d
ba97fdb79551ec612f180093a000ae30f31ac9b2e82304a771ea5b502aa09352
bb1b8f345e2fc6fb265e8287f544ff5449288f2e8a275519d1533023e5b11309
bba3f2b1cf65dc4992fad83fefe41ea84164c5be9307acbba7ab1179c26597a0
bbd29deca68f9639a9456faedcb3c18abc0af0b4bd8336b49a82b61c34296bfe
bc337707a585e15920fb4103f3a40042343afca913548bb90c6260a2de72ae1b
bcc08a551387a09ca4432e80c9adfbaafaa0dcc06ea90922f511d62289a91441
bea9bf7def21dd40b781823407a9a48764c5b7650a1cd228f262436c513f10e0
bfd422498d06efe67b59793ea13073b5ef9bec93de68e2f950ec50bd5f633338
c0ed1b3990758de1e7ccaea5c99ca9be636632479237a668aebe722f231f4ecc
c130954aa6f9e655dbb8c48e8514d5d4ad3964b0035020ca1923b029f41bc998
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b24a67d925db0d9b80138eced5ca36c703262a13f62a3081e8c925b7e0751c
c33065e742b63134f0db0f7dbc095b0270bea39913a63bd2299a09607186196a
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c923a79edfcad1510873ec3e505e8832fc74d0f311465499ec0e8d5f473ef93e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ccb31b1542aaee2eb3ce785ccc2b5ab2b009461292d220cd329c2112da343826
cd0839b53d8479db6bdd8c35ff4c04352c9680c32da91cdf3ee1cd9c5516d5a0
cdc5e6c264177ca49e038b8812d036f7181eab0a771e72e91ad8010664aaa659
ce227a433689c18ee8ee40b39f9998aba7e64d917be1f263bdfc39c134bc6556
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf61991817f8e12e2b1ef7ffe01b27c45bcd7112abbf34867947f5c00793096b
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d1a2ff3a5504eea52cf51e0f6bcebec50e6e420d1d10a40aec7b45807006db83
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d577dc01139b89577a092ae25ad9e1614331e5f7a45f0a7457e953aa296931dc
d6a2262db41d6daa01a55bff2ad51439054c6b051f070f0b2c3ecb7a3c482489
d70fb32a3cf26dde15d12e146d5171ad6338d30fa02da2af2c1e3a311ca0429e
d8383af8aba7726aab9c165a5ff6f37e4cc077cae11916eb67ea5ac23bd30b6f
d85044f3641a9b36a57b5bbd072c066326a6813fe5d5e0953bf7f8fd00cb6d76
d8c8011cf82e03132ce22bc093dbbaa981cce0176331f13bfe2195530124f70e
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
d9f5945e80f23ab8addc1908230c8aa3ffabffd8aaa4827fa91afa5785a64169
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
dbb061a343bdb07118d85335aa88423c0bab2cc3536dce654ed5e4fdc8ace91b
dbf2b38491d95ca0fad4cd2951d8c8eb29ceaee6243f915eb3ec7013b22a0482
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0464c1b94d39e8958ba7a4c594cec1c1625ec4c5c154aa9ffc51de38e04da6
dd9f442f4b973f4fd7af161f3f15cfe056994732b722e0042f4eb68450bade82
de5045e72ed2fb935ff309cb41569befab981796ee8a72c873cc4bebdd2644ee
dee3c83cf711a819773d5cecc4f9f3c9b88d6d76b6cd9ca3813a545936a0e03f
dfb1e1e11a66d49a2537c14e42ad0147126dac2bfc06e0a5ea1a3c6432a80c9c
dfc4fa358cefa1c22ef7e4e89d130ed5d43ac301e6d0794b99a03544553eb267
e026e667ede932252886503ed43b96365aea8e928766138d74646edcf34a44c4
e037889685a5756ed0dc4cb380f78d239daceaa5a23de6ca49d541eed22edffd
e046665747aa6995e02a6872134b1adbdfc3df09d448ef615dbca4cb66e86d81
e0745c6e6ebe70b8ee5aa409b62f745e39a7d6efbdb6dd862fdb66ac65155947
e08e42038f0726aeb1f78519afe594b2379016cfa988e2b31cad7b02821e801f
e0b02764532818d98a44aba0ea1536f0445b38225d51f5933873279c1402c997
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e2f5fff0548f28990c1e58e26fd2561910c83f007143037301330bc86f114651
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1
e5b8b1d5df921838c2add27d72244ece12a8a941a2efac1924be751bd1f108c9
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
e6c7e8310c2c31944f4988e3e3e7e464a5df646d6db6feeb301211dddc4c7128
e70c4605cfa84bbad7055f51b13fc721c9323cc152f47c7e4c491a3c8177590c
e7a6f4d666e81c6328e303eebb24958255b1b50965cce8bb4327041fc5f4820a
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e8978a0635b2c7e92458a4fbfecb29a444434bc04e23023ba810d407f32badd4
e92d26b0897bf0e77a1ca33db7c3a729ca4fa391ea8159a00ded248fb48010b4
ed04c617331e334fbed5caa76dad0bc6a82dbbf9c829eb37500ee4489af8d0a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
ef8f621aa64890d26d3ffb95ce1ec34bfaf4e7b76cba454ee7e9aaf6da40e445
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f04f3ef1b173e07dcbe529d85b4a5d84f0a0456d347f7935f7ad68b6213a43c2
f0ef50bf45765ae087cc01984ebe59f10ff50a76af8b0677dda5b436347ee9dc
f0fd06a4d58ccce9ce112fbd5f9db051da01dd847d94dc96e4ae6beccb194876
f17425fede411b839288f0e1ce2c415095637302663d5fcd5b94f6dcb542a498
f1e0a4f3d202b8b9b6404c93af0b9d2bb0ff769a8dcac6f15cfe8c4ae7495461
f210c64af3485982d46559510ce93bb03374225d95484ddcc0226cbebee8f103
f3136fe9018c1e33809a1f7cf0b6050806ead6ae575e1ca101c4b1cf50bcfe5a
f50e766333eb040329cca30fe2536925cd1c3fe30c6bd968a674007404958c58
f5647c47fb1b581202f34328775140b59a860d678f541caf98adf2e3d48900f2
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fa4516a649f762b33686ce307d53bb2841da251daf6c37d7017451e8f03436d9
faa9004c26fdf1b0969a0216e2b057f2d672e78327ad7a10d76545be03d714c6
fb930fbea28387d34804f0b050973afc202a926d862052ad0b861f6b93dbddd9
fdba8926b943ef611fc6efc98f34bf6b946006bca29a6ca711c03f94e9b770ba
fee907a1d833331201ef7f88d3a573625c9afdbcfe50b1921ed5e50d770f5bbb
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54
ff9a87f98509d5b075acf151b9cedef48b02afb4e520535441bc908d5d8ca643
ffddb261cdb706feb2d83f5dd22f2a569ad95c25c45f5a861ed708580f1a72de